Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Twitter OAuth with node-oauth for node.js+express
var express = require('express');
var sys = require('util');
var oauth = require('oauth');
var app = express.createServer();
var _twitterConsumerKey = process.env['TWITTER_CONSUMER_KEY'];
var _twitterConsumerSecret = process.env['TWITTER_CONSUMER_SECRET'];
console.log("_twitterConsumerKey: %s and _twitterConsumerSecret %s", process.env['TWITTER_CONSUMER_KEY'], process.env['TWITTER_CONSUMER_SECRET']);
function consumer() {
return new oauth.OAuth(
"", "",
_twitterConsumerKey, _twitterConsumerSecret, "1.0A", "http://your.domain/sessions/callback", "HMAC-SHA1");
app.configure('development', function(){
app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));
secret: "secretkey"
session: function(req, res){
return req.session;
app.get('/', function(req, res){
res.send('Hello World');
app.get('/sessions/connect', function(req, res){
consumer().getOAuthRequestToken(function(error, oauthToken, oauthTokenSecret, results){
if (error) {
res.send("Error getting OAuth request token : " + sys.inspect(error), 500);
} else {
req.session.oauthRequestToken = oauthToken;
req.session.oauthRequestTokenSecret = oauthTokenSecret;
app.get('/sessions/callback', function(req, res){
consumer().getOAuthAccessToken(req.session.oauthRequestToken, req.session.oauthRequestTokenSecret, req.query.oauth_verifier, function(error, oauthAccessToken, oauthAccessTokenSecret, results) {
if (error) {
res.send("Error getting OAuth access token : " + sys.inspect(error) + "["+oauthAccessToken+"]"+ "["+oauthAccessTokenSecret+"]"+ "["+sys.inspect(results)+"]", 500);
} else {
req.session.oauthAccessToken = oauthAccessToken;
req.session.oauthAccessTokenSecret = oauthAccessTokenSecret;
// Right here is where we would write out some nice user stuff
consumer().get("", req.session.oauthAccessToken, req.session.oauthAccessTokenSecret, function (error, data, response) {
if (error) {
res.send("Error getting twitter screen name : " + sys.inspect(error), 500);
} else {
console.log("data is %j", data);
data = JSON.parse(data);
req.session.twitterScreenName = data["screen_name"];
res.send('You are signed in: ' + req.session.twitterScreenName)
app.listen(parseInt(process.env.PORT || 80));
Copy link

jgendr2 commented Mar 3, 2012

Thanks for the update. Can you explain what process.env is? and where can you set these values? Thanks.

Copy link

Sure - process.env returns all the environment variables in your system. For the sake of this example, I kept it simple and secure by requiring the access token and secret be passed in as environment variables. In order to run this you would do:

TWITTER_CONSUMER_KEY="yourAppKey" TWITTER_CONSUMER_SECRET="yourAppSecret" node twitter-oauth.js

In the command line.

Copy link

jgendr2 commented Mar 3, 2012

Thanks for sharing.

Copy link

I get the following error

[Error: 2712:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:openssl\ssl\s23_clnt.c:607:

Any ideas as to how to rectify the same ??

Copy link

Everything seems to work. However, I did have to change the endpoint for the credentials to : . (via:

Copy link

Thanks for the example!

Is there any reason why URLs are instead of as documented on

Copy link

thanks, this run great

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment