twitter-oauth2
v1.1.2
Published
Express.js middleware implementation for Twitter OAuth2 Client.
Downloads
90
Readme
twitter-oauth2
Express.js middleware implementation for Twitter OAuth 2.0 Client.
This module supports the following grant type available on twitter:
Table of Contents
Install
$ npm i twitter-oauth2Usage
import express from 'express';
import session from 'express-session';
import { request } from 'undici';
import { twitterOAuth2 } from 'twitter-oauth2';
const app: express.Express = express();
/* ---- express-session ----*/
app.use(session({
name: 'YOUR-SESSION-NAME',
secret: 'YOUR-SECRET',
resave: false,
saveUninitialized: true
}))
app.use(twitterOAuth2({
client_id: 'YOUR-CLIENT-ID',
client_secret: 'YOUR-CLIENT-SECRET',
redirect_uri: 'YOUR-REDIRECT-URI',
scope: 'tweet.read users.read offline.access'
}))
app.get('/', async (req: express.Request, res: express.Response) => {
const tokenSet = req.session.tokenSet;
console.log('received tokens %j', req.session.tokenSet);
const { body } = await request('https://api.twitter.com/2/users/me',
{
headers: {
Authorization: `Bearer ${tokenSet?.access_token}`
}
});
const username = (await body.json()).data.username;
res.send(`Hello ${username}!`);
})Note This module uses a session store that is compatible with express-session.
See the example for more details.
Authorization Code Grant with PKCE
The required arguments depend on the client type.
Confidential Client
app.use(twitterOAuth2({
client_id: 'YOUR-CLIENT-ID',
client_secret: 'YOUR-CLIENT-SECRET',
redirect_uri: 'YOUR-REDIRECT-URI',
scope: 'tweet.read users.read offline.access'
}))Public Client
app.use(twitterOAuth2({
client_type: 'public',
client_id: 'YOUR-CLIENT-ID',
redirect_uri: 'YOUR-REDIRECT-URI',
scope: 'tweet.read users.read offline.access'
}))Client Credentials Grant
app.use(twitterOAuth2({
consumer_key: 'YOUR-CONSUMER-KEY',
consumer_secret: 'YOUR-CONSUMER-SECRET',
grant_type: 'client_credentials'
}))API
import { twitterOAuth2 } from 'twitter-oauth2';twitterOAuth2(options)
Create a middleware with the given options.
Options
twitterOAuth2 accepts these properties in the options object.
client_id
The identifier of the Client.
You can check it from the Developer Portal.
This option is used in case Authorization Code Grant.
This option can also be read from the environment variable CLIENT_ID.
client_secret
This is the secret information used for client authentication.
You can check it from the Developer Portal.
This option is used in the case of Authorization Code Grant and Confidential Client.
This option can also be read from the environment variable CLIENT_SECRET.
redirect_uri
This is the callback URL that you registered on the Developer Portal.
This option can also be read from the environment variable REDIRECT_URI.
scope
The scope of the access request.
Please see the documentation for available scopes.
The current default is tweet.read users.read offline.access.
client_type
The client type is defined in OAuth2.0.
This value was set during the registration process.
The current default is confidential.
grant_type
The grant_type is defined in OAuth2.0.
The current default is authorization_code.
consumer_key
The client identifier.
In Client Credentials Grant, the consumer key is used as the client_id.
This option can also be read from the environment variable CONSUMER_KEY.
consumer_secret
The client secret.
In Client Credentials Grant, the consumer secret is used as the client_secret.
This option can also be read from the environment variable CONSUMER_SECRET.
Error Handling
Errors raised by this middleware are handled by the default Express error handler. To write your error handler, see the Express documentation on writing Custom error handlers.
Contributing
Thanks for your feedback and contribution to this repo! Please feel free to open issues and send pull-requests.