Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Added OAuth2 support and examples for Twitter API#1001

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Open
xiangyao1989 wants to merge1 commit intoscribejava:master
base:master
Choose a base branch
Loading
fromxiangyao1989:twitter-oauth2

Conversation

xiangyao1989
Copy link

  1. Introduced OAuth2.0 config for Twitter API - TwitterApi20.java (Beta).
  2. Created example of hitting Twitter APIs with OAuth2.0 PKCE - Twitter20WithPKCEExample.java.

@SuppressWarnings("PMD.SystemPrintln")
public static void main(String... args) throws IOException, InterruptedException, ExecutionException {
final String clientId = "CLIENT_ID"; // replace these with your client id
final String state = "secret" + new Random().nextInt(999_999);

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

I detect that this code is problematic. According to theBad practice (BAD_PRACTICE),DMI: Random object created and used only once (DMI_RANDOM_USED_ONLY_ONCE).
This code creates a java.util.Random object, uses it to generate one random number, and then discards the Random object. This produces mediocre quality random numbers and is inefficient. If possible, rewrite the code so that the Random object is created once and saved, and each time a new random number is required invoke a method on the existing Random object to obtain it.
If it is important that the generated Random numbers not be guessable, youmust not create a new Random for each random number; the values are too easily guessable. You should strongly consider using a java.security.SecureRandom instead (and avoid allocating a new SecureRandom for each random number needed).

@horyu1234
Copy link

@xiangyao1989 Any further news on this work?

peternees reacted with thumbs up emoji

@peternees
Copy link

I had a look to the endpoints in TwitterApi20.java, and I don't think they are correct, if I compare withhttps://developer.twitter.com/en/docs/authentication/oauth-1-0a/obtaining-user-access-tokens

Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Reviewers

@lillieMaiBauerlillieMaiBauerlillieMaiBauer left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

5 participants
@xiangyao1989@horyu1234@peternees@lillieMaiBauer@willfeather
[8]ページ先頭
©2009-2025 Movatter.jp