Meteor Accounts Twitter Auth code here...

[faceyspacey]

Here's a gist of the code:

https://gist.github.com/faceyspacey/9cdaee9b041fbe55868ad686a13ef3a4

@spencercarli you're code (e.g that you're using for Facebook auth) is using Meteor 1.3+ code with imports, whereas my code is for a Meteor 1.2 app or I'd make it similarly. Regardless, I figured I'd put up here for anyone to use if they need it, as I don't really have time to make it a proper package for Meteor 1.2 or 1.3. The code is written in the same style as:

https://github.com/spencercarli/react-native-meteor-accounts/blob/master/MeteorApp/server/imports/oauth-facebook.js

It should be easy for anyone to repurpose for their native twitter auth needs, or to simply incorporate into this package. cheers.

[faceyspacey]

ps. in native code call something like (React Native Example):

let params = {
    twitter: {
      authToken: 'YOUR_TOKEN,
      authTokenSecret: 'YOUR_SECRET'
   }
};

ddp.call('login',  [params], (error, response) =>
   if (res) {
      let { id, token, tokenExpires } = res;

      AsyncStorage.setItem('userId', id.toString());
      AsyncStorage.setItem('loginToken', token.toString());
      AsyncStorage.setItem('loginTokenExpires', tokenExpires.toString());

      return res; //res response for use by promises
    } else {
      AsyncStorage.multiRemove(['userId', 'loginToken', 'loginTokenExpires']);
      throw err;
    }
});

[spencercarli]

You rock @faceyspacey! Thanks for sharing this.

What are you using in React Native to handle the authorization process?

[spencercarli]

I'm not familiar with the Twitter OAuth process but should authTokenSecret be visible to the client? In your second code example it would indicate that it was - just want to make sure this is a secure solution

[faceyspacey]

@spencercarli unlike Facebook, you get both an access token and an access token secret after the authentication process. Neither are app specific, but user specific.

I used: https://github.com/GoldenOwlAsia/react-native-twitter-signin
which works on both Android and iOS and is based on Fabric, which itself is owned by Twitter. So it seems like a pretty a solid twitter auth solution to bank on. The actual objective C auth code is super small. Actually, it has redundant code for stuff I also do on the server, specifically making a 2nd request to the Twitter API to get additional info about the user. So I actually removed some of the code from that package, so that it just looks like this:

//
//  TwitterSignin.m
//  TwitterSignin
//
//  Created by Justin Nguyen on 22/5/16.
//  Copyright © 2016 Golden Owl. All rights reserved.
//
#import <Fabric/Fabric.h>
#import <TwitterKit/TwitterKit.h>
#import "RCTEventDispatcher.h"
#import "TwitterSignin.h"

@implementation TwitterSignin

- (dispatch_queue_t)methodQueue
{
  return dispatch_get_main_queue();
}

RCT_EXPORT_MODULE();

RCT_EXPORT_METHOD(logIn:(NSString *)consumerKey consumerSecret:(NSString *)consumerSecret callback:(RCTResponseSenderBlock)callback)
{
  [[Twitter sharedInstance] startWithConsumerKey:consumerKey consumerSecret:consumerSecret];
  [Fabric with:@[[Twitter class]]];

  [[Twitter sharedInstance] logInWithMethods:TWTRLoginMethodWebBased completion:^(TWTRSession *session, NSError *error) {
    if (error) {
      NSDictionary *body = @{@"domain":error.domain,
                             @"code":@(error.code),
                             @"userInfo":[error.userInfo description]};

      callback(@[body, [NSNull null]]);
    } else {
      NSDictionary *body = @{@"authToken": session.authToken,
                             @"authTokenSecret": session.authTokenSecret,
                             @"userID":session.userID,
                             @"userName":session.userName};

      callback(@[[NSNull null], body]);
    }
  }];
}

@end

So basically most the auth dirty work is done by the Fabric TwitterKit library, and we're left with making a simple request using your consumerKey and consumerSecret.