/twitter_oauth

Twitter OAuth REST API client library for Ruby

Primary LanguageRubyMIT LicenseMIT

Twitter OAuth REST API client library for Ruby

Current Status

Twitter turned off access to the v1 API so this project is currently migrating to v1.1. Unfortunately everything is not backward-compatible.

The v.0.4.9x series of this gem is work in progress getting the library compatible with Twitter v1.1 – when complete we will push v0.5.0 of this library.

Install the gem

gem ‘twitter_oauth’

Using the gem

To make authorized requests with the client library you’ll need to create a Twitter OAuth Application.

See sinitter for a full website integration example.

Unauthorized request example

Since Twitter API v1.1 all requests are required to be authorized.

Authorized request example

To use the full power of the Twitter API you need to authorize your application and a valid Twitter user via OAuth.
An example showing how to update the status of an authorized user is below.

Firstly we need to create an instance of the client with your application client credentials you have been given by Twitter
when you set up your application.

client = TwitterOAuth::Client.new(
    :consumer_key => 'YOUR_APP_CONSUMER_KEY',
    :consumer_secret => 'YOUR_APP_CONSUMER_SECRET'
)
request_token = client.request_token(:oauth_callback => oauth_confirm_url)
#:oauth_callback required for web apps, since oauth gem by default force PIN-based flow
#( see http://groups.google.com/group/twitter-development-talk/browse_thread/thread/472500cfe9e7cdb9/848f834227d3e64d )


request_token.authorize_url
=> http://twitter.com/oauth/authorize?oauth_token=TOKEN

In your application your user would be redirected to Twitter to authorize the application at this point. You’ll need to store
the request token (usually in the session) for later. The code continues below assuming the user has authorized your application.

NOTE: Above we called the client.request_token(...) method, this authorizes the application on every call. You can also use the client.authentication_request_token(...) method which automatically redirects back to your application if the user has previously authorized the app.

access_token = client.authorize(
  request_token.token,
  request_token.secret,
  :oauth_verifier => params[:oauth_verifier]
)

client.authorized?
=> true

client.update('checking out the twitter_oauth library') # sends a twitter status update

Now if you keep hold of the access_token (usually in the database) for this user you won’t need to re-authorize them next time. When you create an instance of the client you can just pass in the access token and secret that you have stored.

access_token = @user.access_token # assuming @user
client = TwitterOAuth::Client.new(
    :consumer_key => 'YOUR_CONSUMER_KEY',
    :consumer_secret => 'YOUR_APP_CONSUMER_SECRET',
    :token => access_token.token,
    :secret => access_token.secret
)

client.authorized?
=> true

PIN-based flow

If you’re writing a command line application or desktop app, you will probably want to use the PIN-based authorization method rather than the website redirect method.

client = TwitterOAuth::Client.new(
  :consumer_key => 'YOUR_CONSUMER_KEY',
  :consumer_secret => 'YOUR_APP_CONSUMER_SECRET'
)

request_token = client.authentication_request_token(
  :oauth_callback => 'oob'
)

puts request_token.authorize_url

print 'Please visit the URL and enter the code: '
code = gets.strip

access_token = client.authorize(
  request_token.token,
  request_token.secret,
  :oauth_verifier => code
)

client.authorized?
=> true

The special oauth callback value of oob tells Twitter you want to do the PIN-based authentication. The user goes to the authorization URL to get their unique code and they paste that into your application. Finally we authorize the user with this code.

Working with a Proxy

Services such as Apigee Analytics and API Management require you to proxy your API requests through their servers. The workflow is as follows.

First you need to authorize the Twitter user via OAuth directly via the Twitter API (this part cannot be proxied)

client = TwitterOAuth::Client.new(
    :consumer_key => 'YOUR_APP_CONSUMER_KEY',
    :consumer_secret => 'YOUR_APP_CONSUMER_SECRET'
)
request_token = client.request_token(:oauth_callback => 'YOUR_CALLBACK_URL')

request_token.authorize_url
=> http://twitter.com/oauth/authorize?oauth_token=TOKEN

The user is sent to Twitter to allow the application to access their account and then you need to obtain the access token for the user

access_token = client.authorize(
  request_token.token,
  request_token.secret,
  :oauth_verifier => params[:oauth_verifier]
)

client.authorized?
=> true

Now you can make all further API calls through the proxy of your choice:

access_token = @user.access_token # assuming @user
client = TwitterOAuth::Client.new(
    :proxy => 'http://XXX.YYY.apigee.com',
    :consumer_key => 'YOUR_CONSUMER_KEY',
    :consumer_secret => 'YOUR-CONSUMER-SECRET',
    :token => access_token.token,
    :secret => access_token.secret
)

client.authorized?
=> true

client.update('Proxy via Apigee is working')