contents of this page
OAuth¶
Parse.ly uses 2-legged OAuth to authenticate API users, so you will a key and secret to make API requests. Every request you make must contain this information. We look for the following information in the Authorization part of the header of all of your requests:
{
'oauth_consumer_key': key,
'oauth_timestamp': current_timestamp(),
'oauth_nonce': nonce,
'oauth_version': 1.0,
'oauth_signature_method': 'HMAC-SHA1',
'oauth_signature': signature
'xoauth_requestor_id': profile_id,
}
Two-Legged OAuth with Python¶
Not all OAuth client libraries have the same degree of support for 2-legged OAuth. Our Python client library includes a special module to implement 2-legged OAuth. Here’s an example of getting our ParselyClient connected to our server with the OAuth secret and key:
client = parsely.ParselyClient(
"DgB6Dcpzju2hX6xTwU",
"CqaDTFAkneDzZTre9TgCzd34JANKZQTm",
"api.parse.ly")
Meaning of xoauth_requestor_id¶
One of the OAuth header keys that is required on almost all requests is xoauth_requestor_id. This is the identifier of the UserProfile instance for the data being requested. Not all OAuth client libraries support this key out of the box; let us know if you run into issues with it.
Setting up an oauth_proxy¶
In order to ergonomically test our API (e.g. using your browser and using command-line tools like curl), you can set up an OAuth Proxy. An OAuth proxy simply receives HTTP requests and forwards thems to another HTTP service, while signing every request with the proper OAuth header entries (as described in OAuth).
Luckily, Seth Fitzsimmons has written a handy little tool that does just that. You can find the tool at the oauth_proxy github repo or read his article about the tool.
Implementation
The oauth_proxy tool is implemented in Python as a plugin for the Twisted framework. Therefore, it requires that you have both a Python interpreter installed and a recent version of the Twisted framework, installable on most systems using easy_install twisted.
Once you have this tool, simply set it up with the consumer key and shared secret we provided to you via e-mail. If you don’t have an API Key yet, contact us to get one.
Since we use two-legged OAuth, you only need to run the following:
$ cd oauth-proxy
$ twistd -n oauth_proxy
--consumer-key <consumer key>
--consumer-secret <consumer secret>
Then, you can make requests to the Parse.ly API using curl as follows:
$ curl -x localhost:8001 http://api.parse.ly/p/user/items/current
which should return data in JSON format.
Note
Currently, the Parse.ly API requires the parameter oauth_requestor_id to be included in the HTTP Authorization header of all requests that access UserProfile data. Unfortunately, oauth_proxy doesn’t support a pass-through for this argument. We’ve put up an alternate version of oauth_proxy that allows the pass-through of this parameter here: not yet available
If you run into issues getting a proper response from our server, feel free to contact us for help.