7

I'm new to OAuth. In the past, for Twitter applications written in Python, I used the python-oauth2 library to initialize the client like this:

import oauth2 as oauth

consumer = oauth.Consumer(key=CONSUMER_KEY, secret=CONSUMER_SECRET)
token = oauth.Token(key=ACCESS_KEY, secret=ACCESS_SECRET)
client = oauth.Client(consumer, token)

That was easy because Twitter provides both CONSUMER and ACCESS keys and secrets. But now I need to do the same for Tumblr. The problem is that Tumblr provides only CONSUMER_KEY, CONSUMER_SECRET and these URLs:

Request-token URL   http://www.tumblr.com/oauth/request_token
Authorize URL       http://www.tumblr.com/oauth/authorize
Access-token URL    http://www.tumblr.com/oauth/access_token

Using this data, how can I initialize the client to access the Tumblr API?

UPD

jterrace suggested code I tried to use before. The problem with it is oauth_callback. If I don't specify any, the API returns the error "No oauth_callback specified", but if I do specify some URL like "http://example.com/oauthcb/" and follow the link http://www.tumblr.com/oauth/authorize?oauth_token=9ygTF..., then press the Allow button, Tumblr doesn't show any PIN code page; it immediately redirects to that callback URL, which is useless since it's a desktop application. Why isn't the PIN code shown?

UPD 2

Tumblr API doesn't support PIN code authorization. Use xAuth instead - https://groups.google.com/group/tumblr-api/browse_thread/thread/857285e6a2b4268/15060607dc306c1d?lnk=gst&q=pin#15060607dc306c1d

clumpter
  • Please read the OAuth documentation instead of asking for a pre-cooked solution. It may not be the simplest protocol on earth but certainly is no black magic. – patrys Sep 27 '11 at 12:28
  • 1
    I read it, even tried a few solutions but without success. – clumpter Sep 27 '11 at 13:52

6 Answers

11

First, import the oauth2 module and set up the service's URL and consumer information:

import urlparse  # Python 2 standard library; used below to parse the token responses

import oauth2

REQUEST_TOKEN_URL = 'http://www.tumblr.com/oauth/request_token'
AUTHORIZATION_URL = 'http://www.tumblr.com/oauth/authorize'
ACCESS_TOKEN_URL = 'http://www.tumblr.com/oauth/access_token'
CONSUMER_KEY = 'your_consumer_key'
CONSUMER_SECRET = 'your_consumer_secret'

consumer = oauth2.Consumer(CONSUMER_KEY, CONSUMER_SECRET)
client = oauth2.Client(consumer)

Step 1: Get a request token. This is a temporary token that is used for having the user authorize an access token and to sign the request to obtain said access token.

resp, content = client.request(REQUEST_TOKEN_URL, "GET")

request_token = dict(urlparse.parse_qsl(content))
print "Request Token:"
print "    - oauth_token        = %s" % request_token['oauth_token']
print "    - oauth_token_secret = %s" % request_token['oauth_token_secret']

Step 2: Redirect to the provider. Since this is a CLI script we do not redirect. In a web application you would redirect the user to the URL below.

print "Go to the following link in your browser:"
print "%s?oauth_token=%s" % (AUTHORIZATION_URL, request_token['oauth_token'])

# After the user has granted access to you, the consumer, the provider will
# redirect you to whatever URL you have told them to redirect to. You can 
# usually define this in the oauth_callback argument as well.
oauth_verifier = raw_input('What is the PIN? ')

Step 3: Once the consumer has redirected the user back to the oauth_callback URL you can request the access token the user has approved. You use the request token to sign this request. After this is done you throw away the request token and use the access token returned. You should store this access token somewhere safe, like a database, for future use.

token = oauth2.Token(request_token['oauth_token'], request_token['oauth_token_secret'])
token.set_verifier(oauth_verifier)
client = oauth2.Client(consumer, token)

resp, content = client.request(ACCESS_TOKEN_URL, "POST")
access_token = dict(urlparse.parse_qsl(content))

print "Access Token:"
print "    - oauth_token        = %s" % access_token['oauth_token']
print "    - oauth_token_secret = %s" % access_token['oauth_token_secret']
print

Now that you have an access token, you can call protected methods with it.

EDIT: Turns out that tumblr does not support the PIN authorization method. Relevant post here.

jterrace
  • I tried this code before. The problem with it is oauth_callback. If I don't specify any, the API returns the error "No oauth_callback specified", but if I do specify some URL like http://example.com/oauthcb/ and follow the link http://www.tumblr.com/oauth/authorize?oauth_token=9ygTF..., then press the Allow button, Tumblr doesn't show any PIN code page; it immediately redirects to that callback URL, which is useless since it's a desktop application. – clumpter Sep 27 '11 at 17:51
  • Ah, I see. Looks like [they don't support PIN method](https://groups.google.com/group/tumblr-api/browse_thread/thread/857285e6a2b4268/15060607dc306c1d?lnk=gst&q=pin#15060607dc306c1d) – jterrace Sep 27 '11 at 17:59
  • 1
    Instead of receiving a PIN in the browser (like Twitter), use the oauth_verifier that is found in the callback URL. Thanks @deepvanbinnen whose answer is below. – crunkchitis Sep 15 '12 at 22:48
  • @jterrace am I right that this script is good for a client app? (Objective-C, for example) – gaussblurinc Feb 01 '13 at 13:12
  • @jterrace what is oauth_verifier? – gaussblurinc Mar 05 '13 at 12:01
  • @jterrace oauth_verifier is entered by the user. It appears that it's not a real thing, also, based on the comments above which specify that the pin is not supported by tumblr. see answer below by nmgeek – Lotus Jul 11 '15 at 18:51
6

If you just want to gain an access-token/secret to sign, you could just set up your callback URL as: http://localhost/blah

  • Fire up the CLI app (after modifying the callback URL, secret and token, of course)
  • Follow the link in your browser
  • Allow app
  • View the address bar of the page you've been redirected to in the browser after allowing your app. It should look something like:

http://localhost/blah?oauth_token=xxxxxxxxxxxxxxxxxxxxxxxxxx0123456789ABCDEFGHIJKLMN&oauth_verifier=XXXXXXXXXXXXXXXXXXXXXXXXX0123456789abcdefghijklmn

Use the value of the query-parameter 'oauth_verifier' as your PIN: XXXXXXXXXXXXXXXXXXXXXXXXX0123456789abcdefghijklmn

The CLI should print out your oauth-token and oauth-token-secret.

HTH! Got this working for tumblr in this way :)
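The manual step in the answer above (copying oauth_verifier out of the redirected address) can be automated. The following is an added example, not part of the original answer: Python 3 standard-library code that listens on the loopback interface for the redirect and accepts the verifier only when the returned oauth_token equals the request token from step 1. It assumes the callback is registered as http://127.0.0.1:8765/blah; the port, the function names and CallbackError are hypothetical.

```python
import hmac
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, urlsplit

class CallbackError(ValueError):
    """Redirect did not carry a usable oauth_verifier (hypothetical name)."""

def extract_verifier(redirect_url, expected_request_token):
    """Return oauth_verifier, but only if oauth_token is the request token from step 1."""
    params = parse_qs(urlsplit(redirect_url).query, keep_blank_values=True)
    for name in ("oauth_token", "oauth_verifier"):
        values = params.get(name, [])
        if len(values) != 1 or not values[0]:
            raise CallbackError("expected exactly one non-empty " + name)
    token = params["oauth_token"][0]
    # A redirect for some other authorization attempt must not be accepted.
    if not hmac.compare_digest(token.encode(), expected_request_token.encode()):
        raise CallbackError("oauth_token does not match the request token")
    return params["oauth_verifier"][0]

def wait_for_callback(expected_request_token, port=8765):
    """Serve exactly one request on the loopback interface and return its verifier.
    Assumes the callback was registered as http://127.0.0.1:<port>/... (port is made up)."""
    result = {}

    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            try:
                result["verifier"] = extract_verifier(self.path, expected_request_token)
                status, body = 200, b"Authorized. You can close this tab."
            except CallbackError as exc:
                result["error"] = exc
                status, body = 400, b"Invalid callback."
            self.send_response(status)
            self.send_header("Content-Type", "text/plain")
            self.end_headers()
            self.wfile.write(body)

        def log_message(self, *args):
            pass  # keep tokens and verifiers out of the default stderr access log

    server = HTTPServer(("127.0.0.1", port), Handler)  # never bind 0.0.0.0 here
    try:
        server.handle_request()
    finally:
        server.server_close()
    if "verifier" not in result:
        raise result.get("error", CallbackError("no callback received"))
    return result["verifier"]
```

The returned string is what the CLI script expects at its PIN prompt; extract_verifier also accepts a full URL pasted from the address bar.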

0

Had this problem with oauth2 and Facebook. @deepvanbinnen's answer led me in the right direction.

Facebook actually redirected to a page similar to this

'http://localhost/blah?code=AQAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX#_=_'

Then using 'AQAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX#_=_' as the PIN actually got me access to the requested Facebook account.

georg
0

@jterrace's answer is good. However, realize it is a one-time manual procedure to get the access token. The access token is the key that you use for all subsequent API calls. (That's why he recommends saving the access token in a database.) The string referred to as 'PIN' (aka the verification key) is not necessarily a number. It can be a printable string in any form. That verification key is displayed on the authorization page at the URL printed in step 2, then pasted into the prompt for the 'PIN'.

nmgeek
0

Have a look at https://github.com/ToQoz/Pyblr

It uses oauth2 and urllib to provide a nice wrapper for exactly what you're trying to do.

Abhi
0

It seems that what you're trying to do is access an OAuth 1 API with an OAuth 2 client.

See https://github.com/simplegeo/python-oauth2 and look for “three-legged OAuth example”.

patrys