Sample code for 30+ languages & platforms
PowerShell

Twitter OAuth1 Authorization (3-legged)

See more OAuth1 Examples

Demonstrates 3-legged OAuth1 authorization for Twitter.

This example is deprecated and no longer valid.

Chilkat PowerShell Downloads

PowerShell
Add-Type -Path "C:\chilkat\ChilkatDotNet47-x64\ChilkatDotNet47.dll"

$success = $false

$consumerKey = "TWITTER_CONSUMER_KEY"
$consumerSecret = "TWITTER_CONSUMER_SECRET"

$requestTokenUrl = "https://api.twitter.com/oauth/request_token"
$authorizeUrl = "https://api.twitter.com/oauth/authorize"
$accessTokenUrl = "https://api.twitter.com/oauth/access_token"

# The port number is picked at random. It's some unused port that won't likely conflict with anything else..
$callbackUrl = "http://localhost:3017/"
$callbackLocalPort = 3017

# The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
$http = New-Object Chilkat.Http

$http.OAuth1 = $true
$http.OAuthConsumerKey = $consumerKey
$http.OAuthConsumerSecret = $consumerSecret

$req = New-Object Chilkat.HttpRequest
$req.AddParam("oauth_callback",$callbackUrl)

$req.HttpVerb = "POST"
$req.ContentType = "application/x-www-form-urlencoded"

$resp = New-Object Chilkat.HttpResponse
$success = $http.HttpReq($requestTokenUrl,$req,$resp)
if ($success -eq $false) {
    $($http.LastErrorText)
    exit
}

# If successful, the resp.BodyStr contains something like this:  
# oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true
$($resp.BodyStr)

if ($resp.StatusCode -ne 200) {
    $("Failed response status code: " + $resp.StatusCode)
    exit
}

$hashTab = New-Object Chilkat.Hashtable
$hashTab.AddQueryParams($resp.BodyStr)

$requestToken = $hashTab.LookupStr("oauth_token")
$requestTokenSecret = $hashTab.LookupStr("oauth_token_secret")
$http.OAuthTokenSecret = $requestTokenSecret

$("oauth_token = " + $requestToken)
$("oauth_token_secret = " + $requestTokenSecret)

# ---------------------------------------------------------------------------
# The next step is to form a URL to send to the authorizeUrl
# This is an HTTP GET that we load into a popup browser.
$sbUrlForBrowser = New-Object Chilkat.StringBuilder
$sbUrlForBrowser.Append($authorizeUrl)
$sbUrlForBrowser.Append("?oauth_token=")
$sbUrlForBrowser.Append($requestToken)
$url = $sbUrlForBrowser.GetAsString()

# Launch the system's default browser navigated to the URL.
$oauth2 = New-Object Chilkat.OAuth2
$success = $oauth2.LaunchBrowser($url)
if ($success -eq $false) {
    $($oauth2.LastErrorText)
    exit
}

# When the url is loaded into a browser, the response from Twitter will redirect back to localhost:3017
# We'll need to start a socket that is listening on port 3017 for the callback from the browser.
$listenSock = New-Object Chilkat.Socket

$backLog = 5
$success = $listenSock.BindAndListen($callbackLocalPort,$backLog)
if ($success -eq $false) {
    $($listenSock.LastErrorText)
    exit
}

# Wait for the browser's connection in a background thread.
# (We'll send load the URL into the browser following this..)
# Wait a max of 60 seconds before giving up.
$sock = New-Object Chilkat.Socket
$maxWaitMs = 60000
$task = $listenSock.AcceptNextAsync($maxWaitMs,$sock)
$task.Run()

# Wait for the listenSock's task to complete.
$success = $task.Wait($maxWaitMs)
if (!$success -or ($task.StatusInt -ne 7) -or ($task.TaskSuccess -ne $true)) {
    if (!$success) {
        # The task.LastErrorText applies to the Wait method call.
        $($task.LastErrorText)
    }
    else {
        # The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
        $($task.Status)
        $($task.ResultErrorText)
    }

    exit
}

# If we get to this point, the connection from the browser arrived and was accepted.

# We no longer need the listen socket...
# Stop listening on port 3017.
$listenSock.Close(10)

# Read the start line of the request..
$startLine = $sock.ReceiveUntilMatch("`r`n")
if ($sock.LastMethodSuccess -eq $false) {
    $($sock.LastErrorText)
    exit
}

# Read the request header.
$requestHeader = $sock.ReceiveUntilMatch("`r`n`r`n")
if ($sock.LastMethodSuccess -eq $false) {
    $($sock.LastErrorText)
    exit
}

# The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
# Once the request header is received, we have all of it.
# We can now send our HTTP response.
$sbResponseHtml = New-Object Chilkat.StringBuilder
$sbResponseHtml.Append("<html><body><p>Chilkat thanks you!</b></body</html>")

$sbResponse = New-Object Chilkat.StringBuilder
$sbResponse.Append("HTTP/1.1 200 OK`r`n")
$sbResponse.Append("Content-Length: ")
$sbResponse.AppendInt($sbResponseHtml.Length)
$sbResponse.Append("`r`n")
$sbResponse.Append("Content-Type: text/html`r`n")
$sbResponse.Append("`r`n")
$sbResponse.AppendSb($sbResponseHtml)

$sock.SendString($sbResponse.GetAsString())
$sock.Close(50)

# The information we need is in the startLine.
# For example, the startLine will look like this:
#  GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd HTTP/1.1
$sbStartLine = New-Object Chilkat.StringBuilder
$sbStartLine.Append($startLine)
$numReplacements = $sbStartLine.Replace("GET /?","")
$numReplacements = $sbStartLine.Replace(" HTTP/1.1","")
$sbStartLine.Trim()

# oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd
$("startline: " + $sbStartLine.GetAsString())

$hashTab.Clear()
$hashTab.AddQueryParams($sbStartLine.GetAsString())

$requestToken = $hashTab.LookupStr("oauth_token")
$authVerifier = $hashTab.LookupStr("oauth_verifier")

# ------------------------------------------------------------------------------
# Finally , we must exchange the OAuth Request Token for an OAuth Access Token.

$http.OAuthToken = $requestToken
$http.OAuthVerifier = $authVerifier

# We don't need the "Authorization: OAuth ..." header for this POST.
$http.OAuth1 = $false
$req.RemoveParam("oauth_callback")
$req.AddParam("oauth_verifier",$authVerifier)
$req.AddParam("oauth_token",$requestToken)

$req.HttpVerb = "POST"
$req.ContentType = "application/x-www-form-urlencoded"

$success = $http.HttpReq($accessTokenUrl,$req,$resp)
if ($success -eq $false) {
    $($http.LastErrorText)
    exit
}

# Make sure a successful response was received.
if ($resp.StatusCode -ne 200) {
    $($resp.StatusLine)
    $($resp.Header)
    $($resp.BodyStr)
    exit
}

# If successful, the resp.BodyStr contains something like this:
# oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo&user_id=85612355&screen_name=chilkatsoft&x_auth_expires=0
$($resp.BodyStr)

$hashTab.Clear()
$hashTab.AddQueryParams($resp.BodyStr)

$accessToken = $hashTab.LookupStr("oauth_token")
$accessTokenSecret = $hashTab.LookupStr("oauth_token_secret")
$userId = $hashTab.LookupStr("user_id")
$screenName = $hashTab.LookupStr("screen_name")

# The access token + secret is what should be saved and used for
# subsequent REST API calls.
$("Access Token = " + $accessToken)
$("Access Token Secret = " + $accessTokenSecret)
$("user_id = " + $userId)
$("screen_name  = " + $screenName)

# Save this access token for future calls.
# Just in case we need user_id and screen_name, save those also..
$json = New-Object Chilkat.JsonObject
$json.AppendString("oauth_token",$accessToken)
$json.AppendString("oauth_token_secret",$accessTokenSecret)
$json.AppendString("user_id",$userId)
$json.AppendString("screen_name",$screenName)

$fac = New-Object Chilkat.FileAccess
$fac.WriteEntireTextFile("qa_data/tokens/twitter.json",$json.Emit(),"utf-8",$false)

$("Success.")