add access_type kwarg to OAuthHandler.get_authorization_url(), pass through to Twitte...

Twitter's oauth/request_token endpoint supports a custom x_auth_access_type query parameter that may be 'read' or 'write'. This lets you request a read-only token for an app that has read/write permissions. Details: https://dev.twitter.com/docs/api/1/post/oauth/request_token

fixes #471

diff --git a/tests/test_auth.py b/tests/test_auth.py
index 29678f51ae59d33aeeff86c4e4b40fb8088c02fb..d6cd8bb97a053cbb11d3e2a9a6560d804384061d 100644 (file)
--- a/tests/test_auth.py
+++ b/tests/test_auth.py
@@ -21,3 +21,9 @@ class TweepyAuthTests(unittest.TestCase):
         s = api.update_status('test %i' % random.randint(0, 1000))
         api.destroy_status(s.id)
 
+    def testaccesstype(self):
+        auth = OAuthHandler(oauth_consumer_key, oauth_consumer_secret)
+        auth_url = auth.get_authorization_url(access_type='read')
+        print('Please open: ' + auth_url)
+        answer = raw_input('Did Twitter only request read permissions? (y/n) ')
+        self.assertEqual('y', answer.lower())

diff --git a/tweepy/auth.py b/tweepy/auth.py
index edf2609e7f8f8c9e60f51c88996e5b7369cb690c..e18b71e37f8554511997b6ce5b3ca3cf674002dc 100644 (file)
--- a/tweepy/auth.py
+++ b/tweepy/auth.py
@@ -47,9 +47,11 @@ class OAuthHandler(AuthHandler):
     def apply_auth(self):
         return OAuth1(self.consumer_key, client_secret=self.consumer_secret, resource_owner_key=self.access_token, resource_owner_secret=self.access_token_secret)
 
-    def _get_request_token(self):
+    def _get_request_token(self, access_type = None):
         try:
             url = self._get_oauth_url('request_token')
+            if access_type:
+                url += '?x_auth_access_type=%s' % access_type
             return self.oauth.fetch_request_token(url)
         except Exception as e:
             raise TweepError(e)
@@ -58,14 +60,14 @@ class OAuthHandler(AuthHandler):
         self.access_token = key
         self.access_token_secret = secret
 
-    def get_authorization_url(self, signin_with_twitter = False):
+    def get_authorization_url(self, signin_with_twitter = False, access_type = None):
         """Get the authorization URL to redirect the user"""
         try:
             if signin_with_twitter:
                 url = self._get_oauth_url('authenticate')
             else:
                 url = self._get_oauth_url('authorize')
-            self.request_token = self._get_request_token()
+            self.request_token = self._get_request_token(access_type=access_type)
             return self.oauth.authorization_url(url)
         except Exception as e:
             raise TweepError(e)