Vimeo implemented OAuth support on their end, the announcement was made here.
Seems like the old web authentication methods are already marked as deprecated, however they still work 4 days later. The deprecated methods are
- vimeo.auth.checkToken
- vimeo.auth.getFrob
- vimeo.auth.getToken
The new OAuth specific URLs are (Twitter alike):
Request Token: http://vimeo.com/oauth/request_token
User Authorization: http://vimeo.com/oauth/authorize
Access Token: http://vimeo.com/oauth/access_token
I noticed a big similarity between Vimeo’s and Flickr’s authentication API, and probably Flickr will do a switch soon as well, there’s no OAuth implementation on their end at the moment.
A thing I noticed is that the Vimeo API now requires the OAuth specific data and valid tokens which kind of forces everyone to switch to the OAuth tokens, instead of the old ones extracted via the deprecated methods.
Loopthing needs an unexpected code update because of this right after launching the authentication feature on our end last week, but I’m happy security has been tightened around the video hosting service.
Update: The OAuth specific URLs for Vimeo does not support SSL because of the improper setup of the certificate and the weird redirects. In the best case you’ll get a 401 error with the message “Invalid nonce”.
