Implementing XAuth

When Twitter deprecated basic authorization in favor of OAuth, they created a new feature named XAuth. One way to look at XAuth is that it's a blend of OAuth and basic authentication. This page describes how to use XAuth.

Reminder: You need permission from Twitter to use XAuth. If you don't have permission, LINQ to Twitter will return an exception based on the error generated by the Twitter API.

To get started, you'll need to instantiate an authorizer. Credentials must be populated with ConsumerKey, ConsumerSecret, UserName and Password which identify both your application and the user to Twitter. Heres how you can instantiate an authorizer:

            var auth = new XAuthAuthorizer
                CredentialStore = new XAuthCredentials
                    ConsumerKey = ConfigurationManager.AppSettings["consumerKey"],
                    ConsumerSecret = ConfigurationManager.AppSettings["consumerSecret"],
                    UserName = "YourUserName",
                    Password = "YourPassword"
The example above instantiates a XAuthCredentials, which is an implementation of IOAuthCredentials. The ConsumerKey and ConsumerSecret credentials are being read from a config file, which is fine because they generally don't change for your application. The UserName and Password are for the Twitter account of the user the application is operating on behalf of.

Next, you'll need to authorize the user. This allows LINQ to Twitter to get the OAuthToken and AccessToken for this user:

After Authorize returns, you can read OAuthToken and AccessToken and store them in the database for this user. On subsequent LINQ to Twitter queries on behalf of this same user, you can retrieve OAuthToken and AccessToken from your database and populate Credentials with all four tokens. By loading all four tokens, LINQ to Twitter will not redirect the user for authorization and you can simply perform queries on behalf of that user.

To perform queries, you need to instantiate a TwitterContext with the XAuthAuthorizer that has all four credential tokens, like this:

            using (var twitterCtx = new TwitterContext(auth, "", ""))
                twitterCtx.Log = Console.Out;

                var users =
                    (from tweet in twitterCtx.User
                     where tweet.Type == UserType.Friends &&
                           tweet.ScreenName == "JoeMayo"
                     select tweet)

                users.ForEach(user =>
                    var status =
                        user.Protected || user.Status == null ?
                            "Status Unavailable" :

                        "ID: {0}, Name: {1}\nLast Tweet: {2}\n",
                        user.Identifier.UserID, user.Identifier.ScreenName, status);
You now have a TwitterContext instance that has been properly authorized and can see how to use it to make queries.
The XAuthAuthorizer allows you to use UserName and Password to operate on behalf of a user. The process is less involved than with other authorizers, such as WebAuthorizer, because the process only involves instantiating the authorizer, calling Authorize, and then assigning the authorizer to a TwitterContext instance.

Last edited Sep 24, 2014 at 5:05 PM by JoeMayo, version 2