# Twitter API test

## Twitter dev portal setup

1. create account
1. go to dev portal
1. set up project
1. set up app inside project
1. retrieve
    - consumer key
    - consumer secret
    - bearer token
    - access token
    - access secret

### OAuth1

- consumer key/secret - represents the app making the API requests
- access token/secret - represents the twitter account that the request is made on behalf of

This solves the following problems when making HTTP requests to twitter's servers:

1. which app is making the request?
1. which account is the app making the request on behalf of?
1. has the user granted authorization to the app to post on its behalf?
1. has the request been tampered by a third-party in transit?

In [9]:
import os
import requests
from pathlib import Path
import json
import tomllib
from dotenv import load_dotenv
import base64
import hashlib
import redis
import re
from requests.auth import AuthBase, HTTPBasicAuth
from requests_oauthlib import OAuth1Session, OAuth2Session, TokenUpdated
from flask import Flask, request, redirect, session, url_for, render_template

In [7]:
dotenv_file = Path('../.env')
load_dotenv(dotenv_file)

True

In [6]:
TWITTER_API_KEY = os.getenv('TWITTER_API_KEY')
TWITTER_API_SECRET = os.getenv('TWITTER_API_SECRET')
TWITTER_BEARER_TOKEN = os.getenv('TWITTER_BEARER_TOKEN')
TWITTER_ACCESS_TOKEN = os.getenv('TWITTER_ACCESS_TOKEN')
TWITTER_ACCESS_SECRET = os.getenv('TWITTER_ACCESS_SECRET')
TWITTER_REDIRECT_URI = os.environ.get("TWITTER_REDIRECT_URI")
oauth2_url = "https://twitter.com/i/oauth2/authorize"
oauth2_token_url = "https://api.twitter.com/2/oauth2/token"
# oauth2 scopes
scopes = ["tweet.read", "users.read", "tweet.write", "offline.access"]

## via HTTP request

### search tweets with cURL

```bash
curl \
    --request GET 'https://api.twitter.com/2/tweets/search/recent?query=from:twitterdev' \
    --header 'Authorization: Bearer $BEARER_TOKEN'
```

In [5]:
def bearer_oauth(request):
    """
    Callable method required by bearer token auth
    """
    request.headers['Authorization'] = f'Bearer {TWITTER_BEARER_TOKEN}'
    request.headers['User-Agent'] = "v2RecentSearchPython"
    return request

search_url = "https://api.twitter.com/2/tweets/search/recent"
# Optional params: start_time,end_time,since_id,until_id,max_results,next_token,
# expansions,tweet.fields,media.fields,poll.fields,place.fields,user.fields
query_params = {'query': '(from:twitterdev -is:retweet) OR #twitterdev','tweet.fields': 'author_id'}

response = requests.get(
    url=search_url,
    auth=bearer_oauth,
    params=query_params,
)

json_response = response.json()
print(json.dumps(json_response, indent=4, sort_keys=True))

{
    "client_id": "27669589",
    "detail": "When authenticating requests to the Twitter API v2 endpoints, you must use keys and tokens from a Twitter developer App that is attached to a Project. You can create a project via the developer portal.",
    "reason": "client-not-enrolled",
    "registration_url": "https://developer.twitter.com/en/docs/projects/overview",
    "required_enrollment": "Appropriate Level of API Access",
    "title": "Client Forbidden",
    "type": "https://api.twitter.com/2/problems/client-forbidden"
}


### Posting with OAuth1

[Link to sample code](https://github.com/twitterdev/Twitter-API-v2-sample-code/blob/main/Manage-Tweets/create_tweet.py)

In [10]:
request_token_url = "https://api.twitter.com/oauth/request_token?oauth_callback=oob&x_auth_access_type=write"
oauth = OAuth1Session(TWITTER_API_KEY, client_secret=TWITTER_API_SECRET)

payload = {"text": "Hello Klang Valley!"}

# get resource token
try:
    fetch_response = oauth.fetch_request_token(request_token_url)
except ValueError:
    print("Potential error with key or secret")

print(fetch_response.keys())

In [12]:
resource_owner_key = fetch_response.get("oauth_token")
resource_owner_secret = fetch_response.get("oauth_token_secret")
print(f'OAuth token: {resource_owner_key}')

OAuth token: fz9YRwAAAAABpjRVAAABijC3V1g


In [15]:
# get authorization
base_oauth1_url = "https://api.twitter.com/oauth/authorize"
oauth1_url = oauth.authorization_url(base_oauth1_url)
print(f'go here to authorize: {oauth1_url}')
# in vs code, the input is asked in the top bar, not part of the cell output
verifier = input("Paste pin here: ")

go here to authorize: https://api.twitter.com/oauth/authorize?oauth_token=fz9YRwAAAAABpjRVAAABijC3V1g


In [17]:
# get access token
access_token_url = "https://api.twitter.com/oauth/access_token"
oauth = OAuth1Session(
    TWITTER_API_KEY,
    TWITTER_API_SECRET,
    resource_owner_key=resource_owner_key,
    resource_owner_secret=resource_owner_secret,
    verifier=verifier,
)
oauth1_tokens = oauth.fetch_access_token(access_token_url)

# debug, to make sure they exist
access_token = oauth1_tokens["oauth_token"]
access_token_secret = oauth1_tokens["oauth_token_secret"]


In [19]:
# make the request
response = oauth.post(
     "https://api.twitter.com/2/tweets",
     json=payload,
)
if response.status_code != 201:
    raise Exception(f"Request returned error: {response.status_code} {response.text}")

print(f'Response code: {response.status_code}')

json_response = response.json()
print(json.dumps(json_response, indent=4, sort_keys=True))

Response code: 201
{
    "data": {
        "edit_history_tweet_ids": [
            "1695338599930339365"
        ],
        "id": "1695338599930339365",
        "text": "Hello Klang Valley!"
    }
}


## OAuth2

Uses a Bearer Token to authenticate requests on behalf of the app

To retrieve the OAuth2 Client ID and secret:

1. create project
1. create app
1. settings > user authentication settings
1. use `http://127.0.0.1:5000/oauth/callback` for redirect, or callback URI
1. use the github repo for website
1. save
1. client ID and secret will be shown

### Python Wrappers for Twitter API v2

- [tweepy](https://github.com/tweepy/tweepy)
  - docs for OAuth2
- [python-twitter](https://github.com/sns-sdks/python-twitter)

### Post with OAuth2

- `requests` library makes HTTP requests to twitter API
- `redis` stores the key/token pairs from OAuth2
- `requests_oauthlib` to use OAuth2
- `flask` to create web framework that authenticates our account

#### Set up database to save tokens created from OAuth 2.0 flow

Use redis, and in-memory key-value database. [render] offers a managed instance at free tier.

Retrieve the external connection URL, in the format of `rediss://user:pass@host:port`, and save as env var for our python script

In [8]:
redis_url = redis.from_url(os.environ["REDIS_URL"])

#### Create flask app

In [None]:
app = Flask(__name__)
app.seccret_key = os.urandom(50)

#### OAuth2

retrieve callback URI and client ID/secret into app

In [20]:
client_id = os.environ.get("TWITTER_CLIENT_ID")
client_secret = os.environ.get("TWITTER_CLIENT_SECRET")
oauth2_url = "https://twitter.com/i/oauth2/authorize"
token_url = "https://api.twitter.com/2/oauth2/token"
redirect_uri = os.environ.get("TWITTER_REDIRECT_URI")

# set scopes for OAuth2
# offline.access allows refresh tokens to stay connected for >2h
scopes = ["tweet.read", "users.read", "tweet.write", "offline.access"]

code verifier and challenge for PKCE-compliance. challenge is a base64 encoded `str` of the code verifier hash

In [22]:
code_verifier = base64.urlsafe_b64encode(os.urandom(30)).decode('utf-8')
code_verifier = re.sub('[^a-zA-Z0-9]+', "", code_verifier)
print(code_verifier)

UJWDphJtfDQm3VwmT7FYNTlmhOp0kzrZ6G8i3Ft


In [24]:
code_challenge = hashlib.sha256(code_verifier.encode('utf-8')).digest()
code_challenge = base64.urlsafe_b64encode(code_challenge).decode('utf-8')
code_challenge = code_challenge.replace("=", "")
code_challenge

'D-VnoIY9By9LNc6YyO-6UtmbzVN8A-_heF5h4SfICaY'

to manage tweets, we need an access token

In [25]:
def make_token():
    return OAuth2Session(
        client_id,
        redirect_uri=redirect_uri,
        scope=scopes
    )

Call aviationstacks API and figure out which planes are late

In [27]:
AVIATION_API_KEY = os.environ.get("AVIATION_API_KEY")
def request_flights():
    url = "http://api.aviationstack.com/v1/flights"
    params = {
        "access_key": AVIATION_API_KEY,
        "airline_name": "Malaysia Airlines",
        "min_delay_arr": 30,
    }
    response = requests.get(url, params).json()
    return response

In [30]:
response = request_flights()

In [31]:
response['pagination']

{'limit': 100, 'offset': 0, 'count': 100, 'total': 162}