Demo app for Twitter OAuth using sinatra and twitter_oauth gem
Switch branches/tags
Nothing to show
Pull request Compare This branch is 19 commits behind moomerman:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.



Sinitter is a [sinatra]( application to demonstrate the integration of Twitter OAuth via the [twitter_oauth]( gem.

Live Demo

You can see sinitter running at [](

Local Setup

To run the application locally you’ll need to [create a Twitter OAuth Application](

Once your application is setup you will have a consumer key and consumer secret. Create config.yml in the root of sinitter eg.

consumer_key: YOUR-CONSUMER-KEY
consumer_secret: YOUR-CONSUMER-SECRET

Grab the twitter_oauth gem:

gem sources -a
sudo gem install moomerman-twitter_oauth



The application should now be available at http://localhost:4567/


Firstly you need an instance of the Twitter OAuth API client with your credentials.

@client =
    :consumer_key => @@config['consumer_key'],
    :consumer_secret => @@config['consumer_secret'],

This client handles all the communication and authentication with Twitter. The next stage is to prompt the user to click something on your site that initiates the authorization procedure – imagine this is a link to /connect on your site, this is what the code might look like

get '/connect' do
  request_token = @client.request_token
  session[:request_token] = request_token.token
  session[:request_token_secret] = request_token.secret
  redirect request_token.authorize_url  

We have just created a new request token and stored the details of the token in the session for when the user is returned to your site by Twitter. Then we have redirected to the authorize_url that will take the user to the Twitter site.

When you configure your application details on Twitter you have to specify a callback URL. In this example let us assume it is /auth

get '/auth' do
  # Exchange the request token for an access token.
  @access_token = @client.authorize(
  if @client.authorized?
    # Storing the access tokens so we don't have to go back to Twitter again
    # in this session.  In a larger app you would probably persist these details somewhere.
    session[:access_token] = @access_token.token
    session[:secret_token] = @access_token.secret
    session[:user] = true
    redirect '/home'
    redirect '/login'

Here we have retrieved the request token details from the session and asked Twitter to confirm the authorization, if this has all gone according to plan you will now have an access token for this user. The access token never expires (unless the user removes your aplication from their settings page) so you can use that in the future without having to do the authorization process again.

To start making authorized requests we can now create an instance of the API client with this users access token

@client =
  :consumer_key => @@config['consumer_key'],
  :consumer_secret => @@config['consumer_secret'],
  :token => session[:access_token],
  :secret => session[:secret_token]

Now we’re ready to call the API on behalf of this user. Here is an example action that updates the users status on twitter

post '/update' do
  redirect '/'

That’s it!