How to quickly set up a test for Twitter OAuth authentication from your local machine

Working with API’s such as Twitter from your local machine can be a pain. A problem that comes up is Twitter does not let you set your callback URL to hit your localhost. If you are working with OAuth on your local machine and want to test the user authorization flow, you are screwed. I will explain how to circumnavigate this issue on Mac OS X with Firefox. This tutorial assumes you have set up a Twitter oauth application and specified a callback url in the application settings. At the end of the tutorial, I will present a much faster way to accomplish this task.

Important Update:
As Mark Puig mentioned in the comments below, Twitter is currently allowing you to register URL’s like “http://127.0.0.1:8000/twitter_callback” as your Twitter callback URL (pretty sure this was not allowed before) . That being said, this article is still useful for those using API’s that do not allow you to register your local host as a callback and for those who want to learn more about hacking your DNS settings. And if Twitter restricts this in the future…

Step 1 (optional): Force Firefox to expire your DNS cache.
Expiring your DNS cache will force Firefox to take a fresh look at your /etc/hosts file on each request. Otherwise you may have to wait a minute forchanges to /etc/hosts to take effect. This step isn’t necessary but it will save you time if you edit /etc/hosts often.

  1. Type “about:config” into your browser address bar.
  2. When you get to the config options, right click and go to “New” -> “Integer”. Enter “network.dnsCacheExpiration” as the preference name and “0″ as the integer value.
  3. Repeat for Step 2 preference name “network.dnsCacheEntries” and the integer value “0″.

The integer value “0″ for dnsCacheExpiration is the number of seconds it will take for the DNS cache to expire. As a side note, you can increase the performance of Firefox by expiring the cache much less often (set dnsCacheExpiration to “3600″ for once per hour). Obviously you do not want to do this if you are messing around with your DNS settings such as in this example.

Step 2: Trick your browser
Open up /etc/hosts and add a line like the following:
127.0.0.1 xyz.com
where xyz.com is your real host.

If your Twitter callback URL has “www” like www.xyz.com, you must use www.xyz.com instead of xyz.com. This line forces your browser to resolve xyz.com to your localhost instead of visiting the actual website. If you completed step 1 you can type http://xyz.com into your browser address bar and watch it hit your localhost. If you skipped step 1, flush your browser’s DNS cache or wait a minute for the settings to pick up.

Step 3: Add directory and port redirection
Chances are your application’s twitter callback URL is not http://xyz.com, but rather something like http://xyz.com/twitter_callback …plus the oauth_token GET parameter. If this is true, you need to create an identical path on your localhost to a callback directory and forward to wherever you want. This is best explained by example.

My callback URL is http://xyz.com/twitter_callback and Twitter appends the oauth_token to the URL so it looks something like:
http://www.xyz.com/twitter_callback?oauth_token=pyOYM5tbvK71fvt…
Since my localhost points to “/Library/WebServer/Documents”, I created a directory “/Library/WebServer/Documents/twitter_callback/” which is where my browser will go when Twitter redirects me to the callback URL. Of course my browser will be looking for an index.php file, so I created one that looks like this:

<?php
	if($_SERVER['HTTP_HOST'] == 'xyz.com'){
                //$_SERVER['REQUEST_URI'] makes sure the oauth_token is appended 
		header("Location: http://localhost:3000".$_SERVER['REQUEST_URI']);
	}
?>

This file forwards the request to port 3000 which you cannot accomplish through DNS settings. Now I have the Twitter callback URL pointing to the proper directory in my Ruby On Rails application. Again, if your Twitter callback URL is of the form www.xyz.com, you must use www.xyz.com instead of xyz.com for the HTTP_HOST check.

Update:
There is actually a much easier way to accomplish this assuming you don’t need any URL parameters passed from the service to your application upon callback. You can use bit.ly, a URL shortening service. Just shorten the url “http://localhost:3000/twitter_callback” and register the shortened URL as the callback in your Twitter app. For this method, you have to create another Twitter OAuth app for development so that the callback URL’s can differ. Using bit.ly is faster and easier than the 3-step method above, but I will leave that method posted because it allows parameters to be passed back if necessary and it teaches you a little bit about FF and OS X.

No TweetBacks yet. (Be the first to Tweet this post)
Share and Enjoy:
  • Digg
  • del.icio.us
  • Facebook
  • Google
  • MySpace
  • Slashdot
  • StumbleUpon
  • Technorati
  • TwitThis

If you enjoyed this post, make sure you subscribe to my RSS feed!

This entry was posted in Software and tagged , , , , , , . Bookmark the permalink. Both comments and trackbacks are currently closed.

14 Comments

  1. Posted August 28, 2009 at 1:41 pm | Permalink

    An easier solution is to use http://127.0.0.1:8000 as Callback URL instead of fake domain or URL redirects. I’ve been testing and it works awsome!

  2. Posted August 28, 2009 at 2:04 pm | Permalink

    That does work. I wonder if they recently started allowing you to set that as a callback because I am pretty sure it didn’t work a couple weeks ago…hence this article. I will update the article to let people know. Thanks!

  3. Posted February 28, 2010 at 3:20 pm | Permalink

    I’m just trying out the Bit.ly method but it doesn’t preserve the query string that Twitter attaches to the callback URL. Does something specific need to be done to achieve this?

  4. Posted February 28, 2010 at 8:24 pm | Permalink

    As mentioned in the article, I haven’t gotten the bit.ly method to work with parameters. I would recommend using the other method described. Let me know if you figure out something else.

  5. Posted April 2, 2010 at 9:47 pm | Permalink

    Tony,
    Thanks for the write up. I had success using Abraham’s twitteroauth
    http://github.com/abraham/twitteroauth

  6. Posted September 7, 2010 at 1:37 pm | Permalink

    Hi, there is an even easier method to solve the described problem. Just use the domain smackaho.st (e.g. smackaho.st:3000/oauth/callback) it resolves to 127.0.0.1 and preserves the query string.

  7. Posted June 2, 2011 at 8:15 am | Permalink

    The bit.ly solution is not accepted for Google Domains :-(

    I’ll try 3 steps solution later :-)

  8. Anil
    Posted September 6, 2011 at 10:11 am | Permalink

    Important Update:

    this update you posted saved my entire day….you should probably make font color to RED….

    thanks a lot

  9. Posted December 10, 2011 at 6:09 am | Permalink

    I tried to shorten the link ‘http://localhost/’ using bit.ly but “An error occurred shortening that link” :(

  10. Posted December 10, 2011 at 6:09 am | Permalink

    I tried to shorten the link ‘http://localhost/’ using bit.ly but “An error occurred shortening that link”

  11. Posted December 10, 2011 at 6:35 am | Permalink

    Anyway, thanks for the advice in step 2 it worked charmingly :)

  12. Roman
    Posted May 31, 2012 at 3:07 pm | Permalink

    What if I don’t want it going to my local box, what if I want the callback to go to a development server, but the dev server is only visible internally to the company not externally? I’m getting a “Sorry that page doesn’t exist” error from twitter.

  13. Earth 2 Eddie
    Posted September 3, 2012 at 3:10 pm | Permalink

    Hi, I’m working through Sam’s Teach Yourself Twitter API.. In Hour 8, there are simple instructions of setting up the consumer key, consumer secret (I already had a different php program using these succesfully). Plugged those into config.php, used the define(’OAUTH_CALLBACK’, ‘http://localhost/callback.php’); with localhost and created a tinyurl for it (your workaround, right?). Get the sign in to Twitter screen and then it goes to the redirect page that says:

    “Could not connect to Twitter. Refresh the page or try again later.”

    I’m completely dead in the water here. Once I get this working, I’ll be off and running, but I’m completely stuck. Any help would be appreciated.

  14. Ashish Gupta
    Posted December 11, 2012 at 12:59 am | Permalink

    I am using oauth for twitter authentication. After authorizing the application twitter is providing me a pin and says go back to your application and enter this pin to complete the access to this application.

3 Trackbacks

  1. By GoTop’s Blog » Twitter API 的OAuth认证 on September 10, 2010 at 1:20 pm

    [...] 其中填写Callback URL这一项后,记得用"authorized callbacks"这个链接将http://127.0.0.1 和 http://localhost 这两个网址也认证了,这样才能在本机上进行测试. 具体可以参考这篇文章:How to quickly set up a test for Twitter OAuth authentication from your local machine [...]

  2. [...] just read the following article: http://www.tonyamoyal.com/2009/08/17/how-to-quickly-set-up-a-test-for-twitter-oauth-authentication-f…, which was linked to from this question: Twitter oAuth callbackUrl – localhost [...]

  3. [...] descobrir lendo aqui, aqui e aqui que é possível configurar o seu localhost como Callback URL no Twitter, assim não será [...]