How to use OAuth Authentication For Twitter Windows Applications

Download Sample Project

In my last post Using OAuth Authentication For Twitter Applications, I showed it with the help of a console application how you can use OAuth for twitter applications. Your real world applications are not going to be console applications. You are developing either desktop (windows) or Web applications. In this post I will show how you can use OAuth authentication in desktop or windows applications.

The fundamentals for using OAuth in console application or windows application remain the same. The steps involved are as follows:

  1. Get a request token from twitter authorization site.
  2. Send a request to twitter site for authorization.
  3. Use the PIN supplied from above step to get access token from twitter authorization site
  4. Save the access token from above step for later use.

Step #4 is something that is very anoying. In console application, default browser was launched to allow user to provide their twitter login information and then get authorization pin. And then manually enter that PIN. You will end up doing the same for windows application as well.

But there is a solution available that extracts this authorization PIN from the page and then automatically get the access token. Let's see how this happens.

WebBrowser Control

In stead of letting your desktop or windows application launch default browser, make use of handy WebBrowser control. Create a new windows form and put this WebControl on it. Do not set Source of browser yet because we do not know URL that is going to be used to authorize the user. During loading of WebControl form, get RequestToken same way as we did in our console application. Now use this request token to get authorization URL from twitter. Use this URL to call Navigate method on WebBrowser control. Your windows form will have authentication page from twitter open. Make sure that you have registered an event handler for LoadCompleted event for WebBrowser control. This will get called every time a new page is loaded into WebControl. This is where you will be performing the checks.

Check Response

After a user enters twitter credentials and authorizes your application, a new page will be loaded in WebControl in your form. In event handler for LoadCompleted you will check URL of the page along with a DIV that has ID of oauth_pin. If this PIN is there, that means user has authorized your application and extract this PIN to be used to get access token. If there is no PIN then user has not authorized the application.

Use this extracted PIN to request AccessToken from twitter authorization site as was done in console application. Serialize the returned access token for later use.

Following code snippet shows how PIN was extracted in LoadCompleted event of WebControl.

private void OnUrlLoadCompleted(object sender, 
  System.Windows.Navigation.NavigationEventArgs e)
 if (string.Compare(e.Uri.AbsoluteUri, "", true) == 0)
  if (!e.Uri.Query.Contains("oauth_token"))
   // Check if there is DIV with id="oauth_pin"
   var doc = this._authWebBrowser.Document as mshtml.HTMLDocument;
   var oauthPinElement = doc.getElementById("oauth_pin") as mshtml.IHTMLElement;
   if (null != oauthPinElement)
    var div = oauthPinElement as mshtml.HTMLDivElement;
    if (null != div)
     var pinText = div.innerText;
     if (!string.IsNullOrEmpty(pinText))
      // We have validation
      OAuthPin = pinText.Trim();
      Authorized = true;
    // Uses has deined access.
    Authorized = false;
   this.DialogResult = true;

Sample Project

Attached sample is a VS2010 WPF application. I use TwitterSharp library to perform all twitter related operations. The binaries for that library are containied in BIN folder of the project.




15.9 °C / 60.5 °F

weather conditions Clouds

Monthly Posts

Blog Tags