• Albert Bennett

Tweet Posting: Twitter Integration

Updated: Jul 12, 2021

Tweet Posting: Twitter Integration

Feel free to comment on this post, I'll try my best to read all of them and respond quickly.

Link to GitHub Repo

The title says it all really. This post is all about integrating with the Twitter Api. The setup, the authentication, etc. Everything we need to post a tweet onto twitter.

Step 1 - Research

Our first step when doing an integration is always. Always, to do the research. Each api has there own quirks and ways of managing some level of authentication. Our first step should ALWAYS be, how do we access this api and what do we need to call.

Our first step is to apply for a developer account. Follow this link to do it:

. https://developer.twitter.com/en/application/use-case

We do this so that we can create an auth app that will let us get an access token. Such that we post on behalf of a user.

This part can take a while as it is all up to the good people at Twitter to assess who get to access what. With the magic of the internet here is one that I had created earlier... now on to creating out auth app.

. https://developer.twitter.com/en/apps/create

Nothing on the app creation page really matters. It's mostly for display purposes for users. It's still a mandatory step that has to be done.

There are links on the side of the app creation page that better go through why it is necessary and what and auth app is, I'd check them out if you want more information on the process. The hardest part about this whole process, should be picking an app name. I ended up calling mine "TweetAuthAppDemo1234", catchy name :). Before we go, click create under "Access token & access token secret" in "Keys and tokens". We will be needed these later on.

From here, what we need to do is make sure that our permissions are set to read and Write. The rest doesn't matter right now.

Step 2 - Testing the Twitter Api

Ok, so... authenticating against the Twitter api isn't... straight forward. First what we want to do is to test the keys and endpoint for posting tweets to Twitter. We do this by using a tool called Postman. However first you need to be aware that the Twitter endpoint that we will be hitting uses oauth 1.0. This means that we need to gather up a few things before we can get started. First we need our endpoint:

. https://api.twitter.com/1.1/statuses/update.json?screen_name=yourScreenName&status=test tweet

You'll want to replace "yourScreenName" with... your actual Twitter screen name. Next you'll need your keys from Twitter:

. Customer Key

. Customer Secret

. Access Key

. Access Secret

Finally fill out the Postman request with the above information. Endpoint goes to the request url field. Select the authentication to oauth 1.0 and fill out the form with the above info.

Don't worry about leaving fields blank, just be sure that the signature method is set to "HMAC-SHA1". Next click "Send". Make sure that it's a post request being sent and not a get or something else.

And... Tada, there you have it. Posting a Tweet from Postman.

Cool, well now that we know what the request involves the next part should be simple right?

WRONG! Postman conceals a lot of the authentication process for us. We are going to have to find out what it was doing and how to replicate it in C#.

Step 3 - Getting Handsy... with the Api

The actual request in C# is fine for the most part. Much of what it involves is concatenating a string and sending it on as the authorization header for the request. We have already gathered the required information as well. The hard part is how we need to format the authorization header. More specifically generating an encoding hash to encode our request. We will also need to generate a nonce (nonsense string it's used as a request id to prevent spamming) and a timestamp I used a GUID and removed the '-'. I'm going to shorten a lot of this code because, it's fairly standard stuff. The key part is the hashing as mentioned above.

Essentially you've got to encode and hash the headers values before they have been concatenated then passed back as a signature. Such that if tamper occurs in the request can get rejected by the Twitter api.

And when it's run...

Wait for it...


It works :) as you can see from the postman request. However the proof is in the pudding and here it is live on Twitter.

Now. This is a Azure function as such a lot of the secrets and changeable code is stored in a local settings file. Here is the structure of mine if you wanted to try out the project and run it locally yourself.

Well... I don't know if you've noticed but, that was a lot of typing... I'm going to leave it there for now. Catch you all later ᕕ( ᐛ )ᕗ


. https://developer.twitter.com/en/docs/basics/authentication/overview/oauth

. https://developer.twitter.com/en/docs/tweets/post-and-engage/overview

<< Part 2: Using Azure

7 views0 comments

Recent Posts

See All