Ruby Weekly is a weekly newsletter covering the latest Ruby and Rails news.

Building OAuth Compliant Twitter Related Apps in Ruby (with Rails or Sinatra)

By Peter Cooper / March 24, 2009

twitterauth.jpgTwitter - the lifestreaming-meets-microblogging social site - has exploded in the last year and lots of applications have been developed that can take advantage of Twitter accounts. The downside is that many have required users to put their own Twitter username and password credentials into the third party apps.. a security minefield!

Luckily, Twitter has recently implemented OAuth, an open protocol that allows third parties to gain authorized access to APIs without giving up all of your credentials (you basically "approve" them to gain access on an ad-hoc basis). And.. there are already two options for rapidly putting together Ruby applications that can take advantage of the new OAuth feature to roll out secure, third party Twitter apps: TwitterAuth and Sinitter.

TwitterAuth: The Rails Approach

TwitterAuth is a Rails plugin by Michael Bleigh (of Intridea) that provides an authentication stack for Rails that relies upon Twitter. It can deal with both OAuth and regular HTTP POST, although the former is preferable for the reasons hopefully made clear above ;-) Note that the primary focus of TwitterAuth is to just provide an authentication stack that's built off of Twitter (Michael refers to it as a "Twitter Connect" for Rails).

Michael has put together a great run through of how to install and use the plugin to build a simple third party Twitter app in several minutes. It's a must read.

TwitterAuth seems to rely on the Ruby OAuth library (which you might choose to use separately, if you want to really get deep and dirty).

Sinitter: The Sinatra Approach

Sinitter provides a quick, lightweight solution to rolling out an OAuth powered Twitter app by using the Sinatra DSL / micro-framework / library (or whatever one decides to call it). The majority of the app bakes down to just one file.

Sinitter relies on the Twitter OAuth library - a REST API client library for Ruby. If you want to try rolling out an OAuth powered Twitter app in, say, Ramaze, this is probably where you'd want to start instead.

If you're interested in a Ruby framework for building Twitter bots, check out Twibot - which we wrote about just a week ago.


  1. awesome says:

    fekja! awesome! I was looking in to OAuth a while back for fun... now I really need something like this for a project. Good to see it's still alive and kickin'

  2. Jonathan Nelson says:

    I just completed full integration of Twitter OAuth on my site. Very well done Michael! Thank you for your contributions.

Other Posts to Enjoy

Twitter Mentions