twitter issueshttps://gitlab.memri.io/memri/plugins/twitter/-/issues2022-08-09T07:45:42Zhttps://gitlab.memri.io/memri/plugins/twitter/-/issues/15Twitter 1 BE | integrate with FE for nonCVU (2)2022-08-09T07:45:42ZAglaiaTwitter 1 BE | integrate with FE for nonCVU (2)
┆Issue is synchronized with this [Clickup ](https://app.clickup.com/t/2r1cda1) by [Unito](https://www.unito.io)
┆Issue is synchronized with this [Clickup ](https://app.clickup.com/t/2r1cda1) by [Unito](https://www.unito.io)Koen van der VeenKoen van der Veenhttps://gitlab.memri.io/memri/plugins/twitter/-/issues/14Twitter 1 BE | authentication for twitter (2)2022-08-09T07:45:35ZAglaiaTwitter 1 BE | authentication for twitter (2)Token flow is described below:
Authenticate to Twitter (APP_KEY, APP_KEY_SECRET) (Get back Request token from '@twitter/auth/request_token': hidden)
Inputs: APP_KEY, APP_KEY_SECRET, 'oob'
Outputs: OAUTH_TOKEN, OAUTH_TOKEN_SECRET
Get use...Token flow is described below:
Authenticate to Twitter (APP_KEY, APP_KEY_SECRET) (Get back Request token from '@twitter/auth/request_token': hidden)
Inputs: APP_KEY, APP_KEY_SECRET, 'oob'
Outputs: OAUTH_TOKEN, OAUTH_TOKEN_SECRET
Get user authorization url (this is generated by above request tokens: '@twitter/oauth/authorize?oauth_token=...'
Input OAUTH_TOKEN, OAUTH_TOKEN_SECRET
Output OAUTH_URL
Getting the PIN
Input OAUTH_URL
Output OAUTH_VERIFIER (PIN)
User gets back with PIN, posts to '@twitter/oauth/access_token'
Inputs: OAUTH_VERIFIER (PIN), OAUTH_TOKEN, APP_KEY
Outputs: USER_ACCESS_TOKEN, USER_ACCESS_TOKEN_SECRET
Access user data
Inputs: USER_ACCESS_TOKEN, USER_ACCESS_TOKEN_SECRET, APP_KEY, OAUTH_TOKEN
Output: Twitter DATA
┆Issue is synchronized with this [Clickup ](https://app.clickup.com/t/2r1cczu) by [Unito](https://www.unito.io)Koen van der VeenKoen van der Veenhttps://gitlab.memri.io/memri/plugins/twitter/-/issues/13Twitter 1 BE | injecting App key + secret when launching docker container in ...2022-08-09T07:45:23ZAglaiaTwitter 1 BE | injecting App key + secret when launching docker container in k8s (2)Twitter has an app key and app secret that have to stay secret to the user
Implementation
Store as k8s secret
(?) Container accepts arguments for TWITTER_APP_KEY and TWITTER_APP_SECRET
TODO Plugin looks if env variables exist, else uses...Twitter has an app key and app secret that have to stay secret to the user
Implementation
Store as k8s secret
(?) Container accepts arguments for TWITTER_APP_KEY and TWITTER_APP_SECRET
TODO Plugin looks if env variables exist, else uses keys from metadata.json or separate auth.json (for local running)
only open question: how to inject keys from flutter app with local pod
Options
add as CI secret in Twitter plugin, only insert in kubernetes container (see Pod ci)
best choice, no hacking
Plugin needs to read environment variables if they exist, else read from metadata.jsonneed to insert it when launching container
but currently now way to differentiate between which plugin (only twitter should get it)
possible: only pass variables when plugin == twitter
alternative: k, v pair store in hosting where the plugin can pull from when already running
but all plugins will have access, someone can just build plugin to read all secrets
required: if plugin = twitter: ....
Possible: new AuthService backend that handles credentials
seems long-term solution
┆Issue is synchronized with this [Clickup ](https://app.clickup.com/t/2n0ag3k) by [Unito](https://www.unito.io)Koen van der VeenKoen van der Veenhttps://gitlab.memri.io/memri/plugins/twitter/-/issues/12Twitter 1.0 Setup FE | Add authorization screen2022-07-20T17:28:49ZAglaiaTwitter 1.0 Setup FE | Add authorization screenTwitter plugin will be using Callback/redirect-based OAuth authorization.
User starts the plugin by clicking 'Connect'
Plugin connects to Twitter and displays back the authentication page
User [logs in and] approves Memri access
The pag...Twitter plugin will be using Callback/redirect-based OAuth authorization.
User starts the plugin by clicking 'Connect'
Plugin connects to Twitter and displays back the authentication page
User [logs in and] approves Memri access
The page is redirected to Memri flutter app
When the app gets the credentials the authentication is complete.
┆Issue is synchronized with this [Clickup ](https://app.clickup.com/t/37q0uy8) by [Unito](https://www.unito.io)https://gitlab.memri.io/memri/plugins/twitter/-/issues/9Twitter 1 BE | injecting App key + secret when launching docker container in ...2022-08-09T07:32:19ZAglaiaTwitter 1 BE | injecting App key + secret when launching docker container in k8s (1)Twitter has an app key and app secret that have to stay secret to the user
Implementation
Store as k8s secret
(?) Container accepts arguments for TWITTER_APP_KEY and TWITTER_APP_SECRET
TODO Plugin looks if env variables exist, else uses...Twitter has an app key and app secret that have to stay secret to the user
Implementation
Store as k8s secret
(?) Container accepts arguments for TWITTER_APP_KEY and TWITTER_APP_SECRET
TODO Plugin looks if env variables exist, else uses keys from metadata.json or separate auth.json (for local running)
only open question: how to inject keys from flutter app with local pod
Options
add as CI secret in Twitter plugin, only insert in kubernetes container (see Pod ci)
best choice, no hacking
Plugin needs to read environment variables if they exist, else read from metadata.jsonneed to insert it when launching container
but currently now way to differentiate between which plugin (only twitter should get it)
possible: only pass variables when plugin == twitter
alternative: k, v pair store in hosting where the plugin can pull from when already running
but all plugins will have access, someone can just build plugin to read all secrets
required: if plugin = twitter: ....
Possible: new AuthService backend that handles credentials
seems long-term solution
┆Issue is synchronized with this [Clickup ](https://app.clickup.com/t/2jvemqt) by [Unito](https://www.unito.io)Muhammad BilalMuhammad Bilal