From ebbcfd6e18170d182606238173eced0a1be169c3 Mon Sep 17 00:00:00 2001 From: Ryan Barrett Date: Tue, 12 Aug 2014 15:17:34 -0700 Subject: [PATCH] add access_type kwarg to OAuthHandler.get_authorization_url(), pass through to Twitter's x_auth_access_type Twitter's oauth/request_token endpoint supports a custom x_auth_access_type query parameter that may be 'read' or 'write'. This lets you request a read-only token for an app that has read/write permissions. Details: https://dev.twitter.com/docs/api/1/post/oauth/request_token fixes #471 --- tests/test_auth.py | 6 ++++++ tweepy/auth.py | 8 +++++--- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/tests/test_auth.py b/tests/test_auth.py index 29678f5..d6cd8bb 100644 --- a/tests/test_auth.py +++ b/tests/test_auth.py @@ -21,3 +21,9 @@ class TweepyAuthTests(unittest.TestCase): s = api.update_status('test %i' % random.randint(0, 1000)) api.destroy_status(s.id) + def testaccesstype(self): + auth = OAuthHandler(oauth_consumer_key, oauth_consumer_secret) + auth_url = auth.get_authorization_url(access_type='read') + print('Please open: ' + auth_url) + answer = raw_input('Did Twitter only request read permissions? (y/n) ') + self.assertEqual('y', answer.lower()) diff --git a/tweepy/auth.py b/tweepy/auth.py index edf2609..e18b71e 100644 --- a/tweepy/auth.py +++ b/tweepy/auth.py @@ -47,9 +47,11 @@ class OAuthHandler(AuthHandler): def apply_auth(self): return OAuth1(self.consumer_key, client_secret=self.consumer_secret, resource_owner_key=self.access_token, resource_owner_secret=self.access_token_secret) - def _get_request_token(self): + def _get_request_token(self, access_type = None): try: url = self._get_oauth_url('request_token') + if access_type: + url += '?x_auth_access_type=%s' % access_type return self.oauth.fetch_request_token(url) except Exception as e: raise TweepError(e) @@ -58,14 +60,14 @@ class OAuthHandler(AuthHandler): self.access_token = key self.access_token_secret = secret - def get_authorization_url(self, signin_with_twitter = False): + def get_authorization_url(self, signin_with_twitter = False, access_type = None): """Get the authorization URL to redirect the user""" try: if signin_with_twitter: url = self._get_oauth_url('authenticate') else: url = self._get_oauth_url('authorize') - self.request_token = self._get_request_token() + self.request_token = self._get_request_token(access_type=access_type) return self.oauth.authorization_url(url) except Exception as e: raise TweepError(e) -- 2.25.1