public
Last active

A simple example of PIN-based oauth flow with Twitter and jsOAuth

  • Download Gist
twitter-oauth-pin.html
HTML
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108
<!DOCTYPE html>
<html>
<head>
<!--
 
A simple example of PIN-based oauth flow with Twitter and jsOAuth.
 
This is mostly based on/copied from <http://log.coffeesounds.com/oauth-and-pin-based-authorization-in-javascri>.
 
Get jsOAuth at <https://github.com/bytespider/jsOAuth/downloads>
 
-->
 
<meta charset="utf-8">
<title>jsOauth test</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>
 
<script type="text/javascript" src="jsOAuth-1.1.js"></script>
 
<style type="text/css" media="screen">
</style>
<script>
 
 
$(document).ready(function() {
var options = {
consumerKey: 'YOUR_CONSUMER_KEY',
consumerSecret: 'YOUR_CONSUMER_SECRET'
};
var requestParams;
var accessParams;
 
var oauth = OAuth(options);
 
oauth.get('https://twitter.com/oauth/request_token',
 
function(data) {
console.dir(data);
window.open('https://twitter.com/oauth/authorize?'+data.text);
requestParams = data.text
},
 
function(data) { alert('darn'); console.dir(data) }
);
 
 
$('#pinbutton').click(function() {
if ($('#pin').val()) {
oauth.get('https://twitter.com/oauth/access_token?oauth_verifier='+$('#pin').val()+'&'+requestParams,
 
function(data) {
console.dir(data);
// split the query string as needed
var accessParams = {};
var qvars_tmp = data.text.split('&');
for (var i = 0; i < qvars_tmp.length; i++) {;
var y = qvars_tmp[i].split('=');
accessParams[y[0]] = decodeURIComponent(y[1]);
};
 
oauth.setAccessToken([accessParams.oauth_token, accessParams.oauth_token_secret]);
getHomeTimeline();
},
 
function(data) { alert('poop'); console.dir(data); }
);
}
});
 
function getHomeTimeline() {
oauth.get('https://api.twitter.com/1/statuses/home_timeline.json',
 
function(data) {
entries = JSON.parse(data.text);
var html = [];
for (var i = 0; i < entries.length; i++) {
html.push(JSON.stringify(entries[i]));
};
$('#timeline').html(html.join('<hr>'));
},
 
function(data) { alert('lame'); console.dir(data); }
);
}
 
 
});
</script>
</head>
<body>
<h1>jsOauth test</h1>
 
When you get a PIN, enter it here.
 
<input id="pin" type="text" value=""><button id='pinbutton'>Save</button>
 
<div id="timeline">
</div>
</body>
</html>

This won't work with a normal AJAX call (because of Access-Control-Allow-Origin) and requires JSONP.

Yes, this will only work in platforms not bound by same-origin, such as Titanium Desktop, Adobe AIR and webOS.

How would the implementation using JSONP?

pretty sure Twitter oAuth does not support JSONP responses. YMMV.

Some examples using no-PIN mode ?

I read this article but it seemed very confusing.

Sorry, I'd have to suggest looking at the Twitter docs – I don't have time to write up more examples for you.

No problem, I search the Twitter docs.
Anyway, thanks for the help.

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.