Using Twitter OAuth with Rails + sample

I've been using rails with the Twitter REST API of late, using the oauth gem as the base. It works well, but keeping up with the API changes can be a challenge!

In the recent update to OAuth 1.0a, there were two critical changes required:

Web-apps should specify the oauth_callback

Through trial-and-error, I found that if you don't explicitly specify the oauth_callback when going through the authorization process, twitter will halt at the PIN page (behaving as if you are using a client application). That's easily fixed..
request_token = consumer.get_request_token( :oauth_callback => TWOAUTH_CALLBACK )
session[:request_token] = request_token.token
session[:request_token_secret] = request_token.secret
# Send to to authorize
redirect_to request_token.authorize_url

NB: the root cause is that oauth 0.3.5 sets "oob" as the oauth_callback if you don't explicitly set it. This triggers the twitter desktop PIN flow.

Include the oauth_verifier when exchanging the request token for an access token

Next, the major change in 1.0a was to add an oauth_verifier parameter. Twitter sends this back to you after the user has authorized access, and you need to include this parameter when exchanging the request token for an access token.
request_token =, session[:request_token], session[:request_token_secret])
access_token = request_token.get_access_token( :oauth_verifier => params[:oauth_verifier] )

An example application

I've created a minimalist application that demonstrates the twitter API with OAuth 1.0a in rails. I've set this up to run at heroku.

The source is at github for all to share:

And there's a running demo site at