How do I implemente “sign in with Twitter” from Javascript now that Anywhere will be deprecated soon?


#1

I did in the past an Implementation with Twitter Anywhere. It worked and it’s working very well but I now see that Twitter is sunsetting Anywhere and this fantastic javascript API won’t be available anymore. I read the new documentation and I see there is no friendly Javascript API and the only information I found is a “do it yourself” by understanding how oauth works (https://dev.twitter.com/docs/auth/implementing-sign-twitter). The problem is I don’t have any idea on how to develop all that functionality and I also can’t understand how a brilliant API as Twitter Anywhere will be deprecated while the is no similar new API that really replace it.

Do you know what would be the way to do it now that Anywhere will be deprecated? There are suggestion about using Twitter for website where the login is done automatically when doing a tweet or dooing some actions, but none of them are useful for me as I just use the login to get some information from the user and that’s all.

Thanks a lot in advance!


#2

We’re not providing a new client-side Javascript-based sign in experience at this time. With @Anywhere deprecated, there’s no client-side means to obtain access tokens on behalf of your application or users.

The other products in Twitter for Websites allow you to accomplish much of the same end-user functionality without having to negotiate a direct relationship with the user through authorization.


#3

Hey, thanks for the answer! I’m probably loosing something but I can’t understand what I will do now with my idea and current development.

To give you a better idea, I want to have a login similar to http://whosin.com website (click login and login with twitter at the top right of the screen) and then have the chance from the client side (javascript) to call the Twitter API being authenticated. I’m not worried about how to do the login, I just want to have and authenticated user on javascript and do authenticated calls to the twitter API from the client without any work on the server side. Can I do that without Anywhere? Can you help me with some directions?

Thanks a lot!

Fer


#4

@Anywhere supported this kind of purely client-side authentication, but now that it’s deprecated you essentially have no purely client-side means to accomplish this. You will have to use server-side OAuth to provide similar functionality.


#5

Thanks again for the answer. Then, and just to better understand the new way of doing twitter things and also because i’m not at all a master with OAuth… Doing the server side authentication is perfectly clear but my question now is, can I do authentication in the server side for each customer and then send to each customer some identification or token so upcoming calls from the customer are made directly from the client side (javascript from a web browser) using that token?

Thanks a lot!


#6

Happy to help.

Unfortunately, client-side API calls are very difficult in the OAuth 1.0a model. You’re right that you’d perform the token negotiation server side and then persist a user’s access token and associate it with whatever server-side representation you have for that user. The main difficulty is around keeping your consumer secret secured – you need to it to sign requests, but you can’t put it in public Javascript without exposing the key.

As for direct REST API calls, the only means you have to perform the requests client-side are to securely first use a server-side signing component – you’d make a client side request to your own server with the “ingredients” then on your server put those together to form the various OAuth header components you need to make a client-side request. Then you’d use those details to build a client-side request to the API.

As you can see, if you’re going to the trouble to sign things server-side but then making the request client-side, you’re not really getting any of the benefit of client-side development. You may as well just sign and execute all of your requests server-side and just use client-side Javascript to tell your own servers to make those calls.

Hope this helps!


Chrome extension authentication with Twitter
#7

I can say that a more detailed answer would have been impossible :slight_smile:

Although, your explanation in some way killed my new development :slight_smile: as some new features were based on running all the calls to Twitter API from each client just to skip charging our servers with tremendous high processing as I would expect from twitter users. Our idea was based on that and everything was good (but insecure, as you said because we were publishing the secret key on the client side) so this restriction as I said killed the project. Anyway, it was good to know that now as we are in the discovery phases and almost no cost were spent.

Thanks a lot for all the answers and we will continue trying to discover how we can do things without authenticated javascript calls…


#8

So how are developers supposed to build mobile apps that authenticate via Twitter? Same as your recommendation for websites: eg, do the auth server-side and ship custom tokens between client and server?

Seems even more of a kludge on mobile (html5) since most of the dev is pure Javascript, of course. This is really unfortunately in that it necessitates an active server connection for an app that might not otherwise need one at all.


#9

Hi Taylor,

Please reintroduce the client side javascript @Anywhere js, as many of our websites works on it. All of them are down now. At least enable it for the existing users.

Otherwise please introduce a client side javascript oauth like @Anywhere js
Can I use WebIntent instead of @Anywhere for authorizing a user.


#10

@Anywhere was really convenient to avoid the 1354 Steps auth process from twitter … i really don’t understand why they are not ABLE to allow a simpler oauth process like offered by Facebook and Google …


#11

so, we are still not able to login user using only javascript?


#12

Hi taylor,
I am new one to integrate twitter login in mysite. I have finished my application and got keys.
after that i dont know what will i do. But I download some source code file.It will work login successfully but i logout in mysite, twitter is login thats not logout. Help me pls…


#13

can you please share your code, here i am not able to login to twitter from there redirect back to my application. please help me, its urgent.
you can mail me at rajeshacharya65@gmail.com


#14

so does the codbird.js not allow this? client side authentication? https://github.com/mynetx/codebird-js

This was available from the javascript library. So this cannot be used either?


#15

This new way of Oauth made me quit using it.
For all the folks out there… You can use Connect with Facebook!
Clearly explained + Easy to implement.


#16

Yes I would like to know too if @Codebird.js is a good Client Side Authentification library or if it is deprecated as @anywhere ? And if it using Oauth 2.0 !?

Thanks you very much


#17

Hi karthik,
Can you plz sent the code for me… i tried to develop it for my mobile application in IOS but i can’t and getting prob with the Oauth and childbrowser linking…plz help me to resolve thanks in advance
this is my mail maniya0205@gmail.com


#18

Can someone give me a clue about this workflow? I’m developing a html5 app with an API in PHP. I get the part that everything will be done as server-side, but I’m not getting the first step of the process.

E.g
User clicks on ‘Sign up with twitter’, what should I call to the user enter twitter credentials? This new process it’s very confusing I think

Thank you,
Mário


#19

someone give me a detailed explanation on how to implement twitter login in my website using codebird.js


#20

can anyone give me the explanation on how to implement twitter in my web site as i implemented facebook login in my website using javascript file.