Sounds easy enough, but it turned out to be a little more
challenging that I had originally anticipated.
Twitter recently updated their API and now requires authentication on
every request, using OAuth. It’s
actually fairly simple once you know what it’s expecting, so I thought I’d
share.
If you are using SharePoint 2013 there is a good library on
CodePlex. It’s called Tweetinvia and it’s
a nice C# library that takes care of everything for you. You can download it here and then proceed to the security
sections below.
If you are still using SharePoint 2010 this library will not
work for you, as it was compiled in .NET 4.0 and uses a lot of features that
are only available in .NET 4 and higher.
Unfortunately I was in this boat, so I had to build my own .NET 3.5 library
to do this. I created two projects: Twitter and
TwitterTest. The first one contains all
the code required to post an update to Twitter.
The second is console application to test it with. This project is not as robust as the
Tweetinvia project. I only required the
ability to post, so that is all I built.
Ok, so how did I do this and what was required.
The basics:
The Twitter API is basically a set of REST web
services. To make an update you must
send a POST request to this address: https://api.twitter.com/1.1/statuses/update.json?status=[tweet]&trim_user=False. Replace the [tweet] with your message and you
are almost there. Not bad so far.
As I mentioned above the Twitter API now requires
authentication, which is provided in the HTTP authentication header. Twitter is looking for 4 keys, the values are
unique per Twitter application and are provided by Twitter (see below for more
details):
- Consumer key
- Consumer secret
- Access token
- Access token secret
So all you need to do is send a tweet to the API, using the
URL above, and ensure you have the proper OAuth Authentication token from the
above keys.
To do all this I used the Tweetinvia library as a map. I ripped our required methods from the
OAuthToken, OAuthWebRequest projects.
Ripped out the required Utilities, Enums and Interfaces and created
my own Tweet class that wired them all together as required. Fortunately for the most part the methods I
needed did not have any dependencies on .NET 4.0 and the little bit that did
was easy enough to rewrite in .NET 3.5.
At a high level the OAuthToken class is responsible for OAuthToken and leveraging
the OAuthWebRequest methods to send a proper request. The OAuthWebRequest generates the web request
with the proper authentication header.
Security, Getting the Key values from Twitter:
To do this you need to go https://dev.twitter.com,
login as your twitter account (BTW: at imason you can use imasontest, Alice…). Go to My applications. To get there in the top right hand corner there
is your profile picture (or the beautiful egg if you haven’t updated it), click
on the drop down arrow and select my applications. Create a new Application, fill out the
fields, it doesn't seem to matter what the website or callback URLs are
(disclaimer: it didn't for my project and I don’t actually know what they are
used for…so it may for you). Once
created, on the settings tab there is a section called Application Type: make
sure it’s set to Read and Write (assuming you want to POST) and click the
update this Twitter applications settings.
Now on the OAuth Tool tab you will see the 4 keys and their values. If you use these and try to POST to this
account, it should work.
Security, the SharePoint Twist
So at this point, the console application will work…but when
you try to call this from SharePoint it fails…of course it does, there is
always a “helpful” SharePoint twist. The
missing piece of the puzzle is configuring SharePoint to trust the Twitter API
URL. To do this you need to get the Root
CA Certificate that Twitter uses. You
can grab this directly from Verisign
or you get it from Twitter,
you are looking for the Class 3 Public Primary Certification Authority – G2.cer
file.
Once you have this file you can configure SharePoint to
trust it. Open Central Admin. Go to the Security Section. Click on Manage Trust. Click New.
Fill in a name, I used “Twitter”.
In Root Certificate for the trust relationship, click browse and locate
the Class 3 Public Primary Certification Authority – G2.cer file.
With that the communication between SharePoint and Twitter
should now work.
