ColdFusion and Twitter OAuth

Posted on 2010-09-09
Last Modified: 2012-05-10
I'm current writing a script that will get any new post from my forum and post it to our Twitter account. I had this script working before, but since Twitter moved to OAuth I need some help.

I'm using the following code

<cfset TwitterConsumerKey = "xxxxx">
<cfset TwitterConsumerSecret = "xxxx">
<cfset StoredAccessToken = "xxxxx">
<cfset StoredAccessSecret = "xxxx">

<cfset Twitter = createObject("java", "twitter4j.Twitter")>
<cfset Twitter.setOAuthConsumer(TwitterConsumerKey,TwitterConsumerSecret)>
<cfset Twitter.setOAuthAccessToken(StoredAccessToken,StoredAccessSecret)>
<cfset Twitter.updateStatus("My first custom Twitter update! Thanks @RobOBrien!")>

Open in new window

Now if I use this code it does work. I don't see the difference since the StoredAccessToken, and StoredAccessSecret  is always the same. But this code now the user need to Accept the application.

<cfset Twitter = createObject("java", "twitter4j.Twitter")>
<cfset Twitter.setOAuthConsumer(TwitterConsumerKey,TwitterConsumerSecret)>
<cfif structKeyExists(url,'oauth_token') IS FALSE>
<!--- // 2. Authorize --->
	<cfset RequestToken = Twitter.getOAuthRequestToken()>
	<cfset Session.oAuthRequestToken = RequestToken.getToken()>
	<cfset Session.oAuthRequestTokenSecret = RequestToken.getTokenSecret()>
	<cflocation url="#RequestToken.getAuthorizationURL()#" addtoken="No">	
	<!--- // 3. Authenticate // --->
	<cfset AccessToken = Twitter.getOAuthAccessToken(Session.oAuthRequestToken,Session.oAuthRequestTokenSecret)>
	<cfset session.StoredAccessToken = AccessToken.getToken()>
	<cfset session.StoredAccessSecret = AccessToken.getTokenSecret()>
    <cfset Twitter.setOAuthAccessToken(Session.StoredAccessToken,Session.StoredAccessSecret)>
	<cfset Twitter.updateStatus("My first custom Twitter update! Thanks @RobOBrien!")>
    <cfdump var="#session#">    

Open in new window

Question by:Medrise
  • 4
  • 3
LVL 59

Accepted Solution

Kevin Cross earned 500 total points
ID: 33652117
My initial response was going to be that AccessToken/RequestToken are objects of their own and not just strings, but the method you are using does appear to take string literals as parameters, though it is listed as deprecated.  Per Rob O'brien tutorial on the topic, the credentials have to be stored in session or the like for reuse so maybe the issue is not object versus string, but local versus session scoped variable.

Try setting session level string literals and see if that works the same.  


Author Comment

ID: 33663106
Kevin... you are correct.. they problem is with the session object... When I store the results in the session it works... but the problem is that my session will expire every 20 minutes... is it possible to store that permanently in the server?
LVL 59

Expert Comment

by:Kevin Cross
ID: 33663525
Try storing it at the Application level.
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.


Author Comment

ID: 33663731
How can I do that?

LVL 59

Expert Comment

by:Kevin Cross
ID: 33663817
These are variables you access as Application.VariableName similar to Session.VariableName.  I am a bit of an old school ColdFusion developer (I need to get up-to-date as I miss CFML), so I would put them in the Application.CFM file.

However, it would appear that you need to use Application.CFC for newer versions of ColdFusion.

Hope that helps!

Author Comment

ID: 33663839
Thanks... that helped... :D
LVL 59

Expert Comment

by:Kevin Cross
ID: 33663852
And this is probably a better reference for CF 9.x or higher:

It shows using the onApplicationStart function of Application.CFC.  You will see in the code example that they set (at the start of the application) the values of two application scoped variables.


You can reference those variables later on as #Application.availableResources# like you would your session variables.

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Hi, I will be creating today a basic tutorial on how we can create a Mail Custom Function and use it where ever we want. The main advantage about creating a custom function is that we can accommodate a range of arguments to pass to the Function and …
Sometimes databases have MILLIONS of records and we need a way to quickly query that table to return the results me need. Sure you could use CFQUERY but it takes too long when there are millions of records. That is why SOLR was invented. Please …
This video discusses moving either the default database or any database to a new volume.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now