Getting Single-user OAuth to Work with the Tumblr API

Album Cover: The Future

"Love's the only engine of survival."
Leonard Cohen / The Future

Posted on January 11, 2013 3:09 PM in Programming
Warning: This blog entry was written two or more years ago. Therefore, it may contain broken links, out-dated or misleading content, or information that is just plain wrong. Please read on with caution.

Before I get into the details of how I got single-user OAuth to work with the Tumblr API, I have to make a few comments about Tumblr's API itself. First and foremost, the JSON structure they return is very well done. Compliments end there, though, because they unfortunately make the bar to entry for prospective API consumers far too high.

The first thing you'll notice if you try to build your own Tumblr API-consuming application is that they immediately gloss over the first roadblock to building one: authentication. For example, the whole process of using OAuth to gain access is covered with the following three sentences:

Tumblr supports OAuth 1.0a, accepting parameters via the Authorization header, with the HMAC-SHA1 signature method only. There's probably already an OAuth client library for your platform.

If you've worked with Twitter's OAuth implementation, you'll feel right at home with ours.

Passing the responsibility for documentation off to Twitter, a direct competitor? Really? Granted, Twitter's API documentation sets the gold standard, but at least try!

It's that glossing over of the details that led me to wasting far too much time trying to obtain my OAuth access token and secret key. There is no definitive sample code on their site, but there is a handful of scripts that lead one to believe that the process is straightforward; however, that was not my experience.

What I found when running those scripts is that the final step of requesting the access token would always return a result of "Missing or invalid oauth_verifier." I was using the scripts as-is, only modifying the consumer key and secret, and having absolutely no luck. After contacting Tumblr support and being told my question was "too technical," it was recommended that I post a question in the Google Groups Tumblr API discussion forum. However, that forum requires you to apply to join just in order to ask a question. Like I said previously -- the bar to entry is unnecessarily high.

After contacting the developer behind one of the aforementioned scripts and not receiving a response, I decided to roll up my sleeves again and try to tackle the problem from a different angle. Since I was following the scripts to a tee and not having any luck, and getting an error that doesn't seem to have been run into very often by anyone else (yet), I wondered if maybe the version of my oauth2 module (1.0.2) was newer than the one used by those who had found success with those scripts. Or maybe it didn't support the older 1.0a version of OAuth that the Tumblr API still requires (though Wikipedia claims OAuth 2.0 should be backward-compatible).

Those thoughts led me to a different OAuth module for Python called Rauth. I very quickly tweaked their example code to work with the Tumblr API instead of Twitter's and ran the script. To my dismay, the script raised an exception:

TypeError: session() takes no arguments (1 given)

Because the script working out of the box would just be too easy, right? Upon realizing that the error was being thrown from within the Requests module that Rauth depends on, I was lucky enough to stumble upon a Stack Overflow post mentioning that a recent Requests version change was littered with backward-incompatible changes. It recommended rolling back to version 0.14.2, so I did the following from the command-line (on Linux):

sudo pip install --upgrade requests=0.14.2

I then ran my modified script again, and lo and behold, it ran to completion and printed out my access token and secret.

If you're at all interested in the script I ended up using to do so, you can check it out on Github.

Comments

Ryan on January 23, 2013 at 7:51 AM:

I remember similar struggles with Facebook authentication a few years ago. When I tried it again more recently with the graph API, it ended up being really straightforward. Good APIs make a big difference.

Permalink

high PR dofollow blog comments service on September 05, 2016 at 2:53 AM:

A debt of gratitude is in order for the web journal stacked with such a large number of data. Halting by your web journal assisted me with getting what I was searching for.

Permalink

instagram followers on September 28, 2016 at 3:22 AM:

Much obliged to you for the redesign, exceptionally decent site..

Permalink

instagram likes on September 28, 2016 at 3:22 AM:

Much obliged to you for the redesign, exceptionally decent site..

Permalink

timesharedonations.us this website  on October 06, 2016 at 5:59 AM:

I can't envision concentrating sufficiently long to research; considerably less compose this sort of article. You've beaten yourself with this material. This is extraordinary substance.

Permalink

Cat Spraying No More Review on October 09, 2016 at 10:31 PM:

I have read your article, it is very informative and helpful for me.I admire the valuable information you offer in your articles. Thanks for posting it..

Permalink

b17 tablets on October 10, 2016 at 2:56 AM:

Great .. Astounding .. I'll bookmark your online journal and take the encourages likewise… I'm cheerful to discover such a large number of helpful information here in the post, we need work out more methods in such manner, a debt of gratitude is in order for sharing. b17 tablets

Permalink

netflix on October 17, 2016 at 2:36 AM:

Positive site, where did u think of the data on this posting? I'm satisfied I found it however, sick be inquiring soon to discover what extra posts you incorporate. minecraft free download for pc netflix special offer code

Permalink

netflix on October 17, 2016 at 2:39 AM:

This article gives the light in which we can watch the truth. This is extremely pleasant one and gives indepth data. Much obliged for this pleasant article. minecraft free download for pc netflix special offer code

Permalink

netflix on October 17, 2016 at 2:40 AM:

A debt of gratitude is in order for the online journal stacked with such a variety of data. Ceasing by your online journal assisted me with getting what I was searching for. minecraft free download for pc netflix special offer code

Permalink

Dubai on December 07, 2016 at 7:21 AM:

I really located you by mistake, while I was watching on google for something else,

Permalink

voyance sans cb on December 08, 2016 at 10:46 PM:

thanks this is good blog.

Permalink

Post Comments

If you feel like commenting on the above item, use the form below. Your email address will be used for personal contact reasons only, and will not be shown on this website.

Name:

Email Address:

Website:

Comments:

Check this box if you hate spam.