Skip to content

Instantly share code, notes, and snippets.

@jeffrafter
Created August 28, 2010 21:37
Show Gist options
  • Save jeffrafter/555607 to your computer and use it in GitHub Desktop.
Save jeffrafter/555607 to your computer and use it in GitHub Desktop.
Twitter OAuth with node-oauth for node.js+express
var express = require('express');
var sys = require('sys');
var oauth = require('oauth');
var app = express.createServer();
var _twitterConsumerKey = "YOURTWITTERCONSUMERKEY";
var _twitterConsumerSecret = "YOURTWITTERCONSUMERSECRET";
function consumer() {
return new oauth.OAuth(
"https://twitter.com/oauth/request_token", "https://twitter.com/oauth/access_token",
_twitterConsumerKey, _twitterConsumerSecret, "1.0A", "http://badgestar.com/sessions/callback", "HMAC-SHA1");
}
app.configure('development', function(){
app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));
app.use(express.logger());
app.use(express.cookieDecoder());
app.use(express.session());
});
app.dynamicHelpers({
session: function(req, res){
return req.session;
}
});
app.get('/', function(req, res){
res.send('Hello World');
});
app.get('/sessions/connect', function(req, res){
consumer().getOAuthRequestToken(function(error, oauthToken, oauthTokenSecret, results){
if (error) {
res.send("Error getting OAuth request token : " + sys.inspect(error), 500);
} else {
req.session.oauthRequestToken = oauthToken;
req.session.oauthRequestTokenSecret = oauthTokenSecret;
res.redirect("https://twitter.com/oauth/authorize?oauth_token="+req.session.oauthRequestToken);
}
});
});
app.get('/sessions/callback', function(req, res){
sys.puts(">>"+req.session.oauthRequestToken);
sys.puts(">>"+req.session.oauthRequestTokenSecret);
sys.puts(">>"+req.query.oauth_verifier);
consumer().getOAuthAccessToken(req.session.oauthRequestToken, req.session.oauthRequestTokenSecret, req.query.oauth_verifier, function(error, oauthAccessToken, oauthAccessTokenSecret, results) {
if (error) {
res.send("Error getting OAuth access token : " + sys.inspect(error) + "["+oauthAccessToken+"]"+ "["+oauthAccessTokenSecret+"]"+ "["+sys.inspect(results)+"]", 500);
} else {
req.session.oauthAccessToken = oauthAccessToken;
req.session.oauthAccessTokenSecret = oauthAccessTokenSecret;
// Right here is where we would write out some nice user stuff
consumer.get("http://twitter.com/account/verify_credentials.json", req.session.oauthAccessToken, req.session.oauthAccessTokenSecret, function (error, data, response) {
if (error) {
res.send("Error getting twitter screen name : " + sys.inspect(error), 500);
} else {
req.session.twitterScreenName = data["screen_name"];
res.send('You are signed in: ' + req.session.twitterScreenName)
}
});
}
});
});
app.listen(parseInt(process.env.PORT || 80));
@DevelopKim
Copy link

change 'cookieParser'

@jeffrafter
Copy link
Author

thanks!

@remyguercio
Copy link

I am new to oauth, and this is exactly what I was looking for!

@glebus
Copy link

glebus commented Feb 25, 2012

Object function consumer() {
return new oauth.OAuth(
"https://twitter.com/oauth/request_token", "https://twitter.com/oauth/access_token",
_twitterConsumerKey, _twitterConsumerSecret, "1.0A", "http://8.8.8.8/sessions/callback", "HMAC-SHA1");
} has no method 'get'

@jgendr2
Copy link

jgendr2 commented Feb 26, 2012

@glebus, having the same issue..let me know if you figure anymore out.

@glebus
Copy link

glebus commented Feb 26, 2012

I think line 56 should look like this
consumer().get("http://twitter.com/account/verify_credentials.json", req.session.oauthAccessToken, req.session.oauthAccessTokenSecret, function (error, data, response)

@glebus
Copy link

glebus commented Feb 26, 2012

I do not understand. As a result, displays the message:
You are signed in: undefined

Although if you look at the contents of the data object, there is a property screen_name. I have the feeling that at the time using the data object, it is still empty.

@jgendr2
Copy link

jgendr2 commented Feb 26, 2012

Yea that worked for me, on line 56, consumer should be consumer() Thanks!

@glebus
Copy link

glebus commented Feb 28, 2012

String req.session.twitterScreenName = data["screen_name"]; (60) returns error, because data is string, not object. Need data = JSON.parse(data);

Hope this helps!

@santosh79
Copy link

I'm seeing the following error while trying to require in sessions:

    throw e; // process.nextTick error, or 'error' event on first tick
          ^

Error: connect.session({ secret: "string" }) required for security

Not sure if anyone else ran into this. Would appreciate any help. Thanks.

@glebus
Copy link

glebus commented Mar 2, 2012

String
app.use(express.session()); (20)
must be
app.use(express.session({secret:"secret-key"}));

@santosh79
Copy link

Thanks. I've created an updated gist with the suggested and have it working for anyone interested -- https://gist.github.com/1964797.

@MaestroJurko
Copy link

i have a problem with this.

req.session is undefined and so I don't get accessToken and accessTokenSecret.

and dynamicHelper is no longer present in express 3, and this may be the reason why session is not defined. i am only guessing, does anyone have any ideas why req.session is undefined???

@bingeboy
Copy link

use this in config to replace dynamic helper:

app.use(function(req, res){
res.locals = req.session;
});

See this post on stackoverflow:
http://stackoverflow.com/questions/13517375/nodejs-express-dynamichelpers-error

@max90727
Copy link

My problem is I can not get req.query.oauth_verifier

@max90727
Copy link

Problem solved thanks

@jinjojohnson
Copy link

super one , Thanks

@mccahill
Copy link

I have a version of this gist that works with Express 3 and shows both twitter (OAuth) and Google (OAuth2) here: https://gist.github.com/mccahill/6378276

@aslamanver
Copy link

aslamanver commented May 4, 2020

Brilliant man, Thank you ❤️

@mort3za
Copy link

mort3za commented Jul 3, 2021

I had to change the last url to see the result: https://api.twitter.com/1.1/account/verify_credentials.json

@nashwik
Copy link

nashwik commented Dec 2, 2021

TypeError: Cannot set properties of undefined (setting 'oauthRequestToken')

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment