11

I have to integrate Sign-in-with Twitter in my app as below. https://dev.twitter.com/docs/auth/sign-twitter It is browser based app developed in JavaScript I have been refering google code java script OAuth, but im confused how to use oauth/authenticate and how to get the oauth_token

Can any one please help me out with some samples ?

zourbuth
  • 898
  • 7
  • 16
user296601
  • 111
  • 1
  • 1
  • 4
  • Have you seen documentation regarding work with oauth_token on twitter site? http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-oauth-request_token – uthark Mar 18 '10 at 17:30
  • all the links are dead. The docs of twitter sucks. Why it is so hard to do this? It should be dead simple – canbax Dec 19 '21 at 15:25

4 Answers4

16

Problem with this is that anyone who views your page can also now view your consumer key and secret which must be kept private.

Now, someone could write an app that uses your app credentials and do naughty and bad things to the point that twitter and users ban you, and there isnt anything you can do.

Twitter do state that every possible effort must be made to keep these values private to avoid this happening

Unfortunately, there is currently no way to use oAuth in Browser based JavaScript securely.

Dan
  • 1,513
  • 1
  • 24
  • 34
2

Check out the Twitter @Anywhere JSDK authComplete and signOut events and callbacks at https://dev.twitter.com/docs/anywhere/welcome#login-signup

twttr.anywhere(function (T) {

    T.bind("authComplete", function (e, user) {
      // triggered when auth completed successfully
    });

    T.bind("signOut", function (e) {
      // triggered when user logs out
    });

});
potench
  • 3,802
  • 1
  • 28
  • 39
  • 2
    Potench, I did that and worked very well three months ago, but I know see that Twitter is [sunsetting Anywhere](https://dev.twitter.com/blog/sunsetting-anywhere) and this fantastic javascript API won't be available anymore. I read the new documentation and I see there is no friendly Javascript API and the only information I found is [do it yourself](https://dev.twitter.com/docs/auth/implementing-sign-twitter). Do you know what would be the way to do it now that Anywhere will be deprecated? Thanks! – fernaramburu Sep 15 '12 at 17:39
  • Thanks @fernaramburu for bringing this to my attention! I'm looking into it - difficult to say at the moment as it appears you'd have to roll your own solution (back-end and front-end) to provide such events as "authComplete" and "signOut". Will get back to you... – potench Sep 17 '12 at 16:56
1

Use below code in consumer.js and select example provider in index.html drop down list

consumer.example =
{ consumerKey   : "your_app_key"
, consumerSecret: "your_app_secret"
, serviceProvider:
  { signatureMethod     : "HMAC-SHA1"
  , requestTokenURL     : "https://twitter.com/oauth/request_token"
  , userAuthorizationURL: "https://twitter.com/oauth/authorize"
  , accessTokenURL      : "https://twitter.com/oauth/access_token"
  , echoURL             : "http://localhost/oauth-provider/echo" 
  }
};
Swar
  • 11
  • 1
0

Since I was searching for the same thing, trying not to use a custom PHP solution, I came across this very simple integration at http://www.fullondesign.co.uk/coding/2516-how-use-twitter-oauth-1-1-javascriptjquery.htm which uses a PHP proxy that accepts whatever twitter api call you'd like to retrieve from your javascript ..

I'm definitely taking a look at it

elQueFaltaba
  • 618
  • 1
  • 9
  • 17
  • Hi, I also thought about a proxy to hide secrets. Did you try this solution? Is it still working with current twitter API? Does it have limitations? – Davide Vernizzi May 09 '15 at 06:49