Add example Twitter access token grant flow (PIN-based)
Showing
4 changed files
with
108 additions
and
1 deletion.
@@ -0,0 +1,41 @@ | ||
|
||
# examples | ||
|
||
|
||
### Login Flow (PIN) | ||
|
||
A consumer application can obtain a Twitter Access Token for a user by requesting the user grant access via [3-legged](https://dev.twitter.com/oauth/3-legged) or [PIN-based](https://dev.twitter.com/oauth/pin-based) OAuth 1. | ||
|
||
export TWITTER_CONSUMER_KEY=xxx | ||
export TWITTER_CONSUMER_SECRET=yyy | ||
|
||
go run twitter-login.go | ||
|
||
Open this URL in your browser: | ||
https://api.twitter.com/oauth/authenticate?oauth_token=xxx | ||
Paste your PIN here: ddddddd | ||
Consumer was granted an access token to act on behalf of a user. | ||
token: ddddd-xxxxx | ||
secret: yyyyyy | ||
|
||
Note that website backends should define a CallbackURL which can receive a verifier string and request an access token, "oob" is for PIN-based agents such as the command line. | ||
|
||
The OAuth 1 flow can be used to implement Sign in with Twitter if receipt of an access token by your server is used to gate creation of some form of unforgeable session state. Consider using the [go-twitter](https://github.com/dghubble/go-twitter) `login` package if you're implementing Sign in with Twitter in Go. | ||
|
||
### Authorized Requests | ||
|
||
Use an Access Token to make requests on behalf of a Twitter user. | ||
|
||
export TWITTER_CONSUMER_KEY=xxx | ||
export TWITTER_CONSUMER_SECRET=xxx | ||
export TWITTER_ACCESS_TOKEN=xxx | ||
export TWITTER_ACCESS_TOKEN_SECRET=xxx | ||
|
||
Run to perform requests as the user (reads only, it won't tweet anything) | ||
|
||
go run twitter-request.go | ||
|
||
|
||
|
||
|
@@ -0,0 +1,66 @@ | ||
package main | ||
|
||
import ( | ||
"fmt" | ||
"github.com/dghubble/oauth1" | ||
twauth "github.com/dghubble/oauth1/twitter" | ||
"log" | ||
"os" | ||
) | ||
|
||
const outOfBand = "oob" | ||
|
||
var config oauth1.Config | ||
|
||
// main performs PIN-based 3-legged auth to show the Oauth 1 user flow in a | ||
// simple command line program. | ||
func main() { | ||
// read credentials from environment variables | ||
consumerKey := os.Getenv("TWITTER_CONSUMER_KEY") | ||
consumerSecret := os.Getenv("TWITTER_CONSUMER_SECRET") | ||
if consumerKey == "" || consumerSecret == "" { | ||
log.Fatal("Required environment variable missing.") | ||
} | ||
|
||
config = oauth1.Config{ | ||
ConsumerKey: consumerKey, | ||
ConsumerSecret: consumerSecret, | ||
CallbackURL: outOfBand, | ||
Endpoint: twauth.AuthorizeEndpoint, | ||
} | ||
|
||
requestToken, err := login() | ||
if err != nil { | ||
log.Fatalf("Request Token Phase: %s", err.Error()) | ||
} | ||
accessToken, err := receivePIN(requestToken) | ||
if err != nil { | ||
log.Fatalf("Access Token Phase: %s", err.Error()) | ||
} | ||
|
||
fmt.Println("Consumer was granted an access token to act on behalf of a user.") | ||
fmt.Printf("token: %s\nsecret: %s\n", accessToken.Token, accessToken.TokenSecret) | ||
} | ||
|
||
func login() (*oauth1.RequestToken, error) { | ||
requestToken, err := config.GetRequestToken() | ||
if err != nil { | ||
return nil, err | ||
} | ||
authorizationURL, err := config.AuthorizationURL(requestToken) | ||
if err != nil { | ||
return nil, err | ||
} | ||
fmt.Printf("Open this URL in your browser:\n%s\n", authorizationURL.String()) | ||
return requestToken, err | ||
} | ||
|
||
func receivePIN(requestToken *oauth1.RequestToken) (*oauth1.Token, error) { | ||
fmt.Printf("Paste your PIN here: ") | ||
var verifier string | ||
_, err := fmt.Scanf("%s", &verifier) | ||
if err != nil { | ||
return nil, err | ||
} | ||
return config.GetAccessToken(requestToken, verifier) | ||
} |
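Review bot: The final `fmt.Printf` in `main` writes the access token and its secret to stdout, so the user's credentials can end up in terminal scrollback, redirected output or CI logs if this example is copied into a real tool. Printing is the point of the demo, so I would keep the line but put a comment above it, for example `// Demo only: token and secret let the holder act as the user; store them securely and never log them.` Separately, `login` ends with `return requestToken, err` where `err` is always nil at that point; `return requestToken, nil` states the intent directly. `login` and `receivePIN` also read the package-level `config` instead of taking it as a parameter, and neither has a doc comment saying which OAuth 1 phase it performs.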
File renamed without changes.