Skip to content

feat(twitter): add extended Twitter/X operations: posting, DMs, engagement#47

Closed
Charlsz wants to merge 6 commits into
wespreadjam:mainfrom
Charlsz:main
Closed

feat(twitter): add extended Twitter/X operations: posting, DMs, engagement#47
Charlsz wants to merge 6 commits into
wespreadjam:mainfrom
Charlsz:main

Conversation

@Charlsz

@Charlsz Charlsz commented Mar 2, 2026

Copy link
Copy Markdown
Contributor

#22

Adds 7 new Twitter/X operation nodes, an OAuth2 PKCE credential definition, Zod schemas for all inputs/outputs, and unit tests. Also adds OAuth 1.0a (HMAC-SHA1) signing so write operations (tweet, like, retweet, DM) work with consumer key + access token credentials.

I built a complete Twitter/X integration layer on top of the existing twitter-monitor node. The codebase now supports the full lifecycle of Twitter interactions — reading tweets, posting content, engaging with tweets (likes, retweets), sending direct messages, and looking up user profiles. All of this is backed by a shared twitter-client.ts that handles authentication, retries, and error handling in one place.

The biggest technical addition beyond the 7 nodes themselves is OAuth 1.0a support. Twitter's API v2 requires user-context authentication for any write operation (posting, liking, retweeting, DMs). The original codebase only had Bearer token auth, which is read-only. I implemented full HMAC-SHA1 signature generation following RFC 5849 directly in the client — no external OAuth libraries needed. When all four OAuth 1.0a credentials are present (consumer key, consumer secret, access token, access token secret), the client signs requests automatically. If they're missing, it falls back to Bearer token auth for read-only operations. This means existing read-only workflows won't break.

I also wired everything through the full stack: the core NodeCredentials type, the CLI playground (env-provider, credential prompts, run command), and the web playground (credential UI, node registry). A user can set their Twitter credentials via the .env file, the CLI jam credentials set twitter command, or the web UI — all three paths work.

Important notes

  • Twitter API credits: Twitter's API v2 uses a paid credit system. The Free tier allows ~1,500 tweet reads and ~50 tweet posts per month. If you see a 402 CreditsDepleted error, it's not a code issue — your developer account has used its monthly quota. Check your usage at https://developer.twitter.com/en/portal/dashboard.
  • OAuth 1.0a is required for writes: Bearer tokens (app-only auth) can only read data. To post tweets, like, retweet, or send DMs, you must provide all four OAuth 1.0a credentials: consumerKey, consumerSecret, accessToken, accessTokenSecret. These come from the "Keys and Tokens" tab in your Twitter Developer Portal app.
  • OAuth2 PKCE is defined but not the primary auth path: The credential definition includes the full OAuth2 PKCE flow config (authorization URL, token URL, scopes) as specified in the issue. However, the actual API requests use OAuth 1.0a signing because that's what Twitter's v2 endpoints require for user-context operations. The OAuth2 PKCE credential is there for future use when a host application implements the full browser-based authorization flow.
  • No external dependencies added: The OAuth 1.0a signature generation uses Node.js built-in crypto module (createHmac, randomBytes). No new packages were added to package.json.
  • Rate limits: Twitter has per-endpoint rate limits (e.g., 200 tweets/15min, 300 likes/15min). The client has built-in retry logic with exponential backoff (3 retries, 1s base), but it won't retry on 429 (rate limit) responses indefinitely. Callers should handle rate limiting at the workflow level if needed.
  • The test-twitter.ts file at the repo root is a manual smoke test for verifying live credentials. It's not part of the automated test suite and can be removed before merging if preferred.

New operations

Node What it does
twitterCreateTweet Post a tweet (with reply, media, quote tweet, poll support)
twitterDeleteTweet Delete a tweet by ID
twitterLikeTweet Like a tweet
twitterRetweet Retweet a tweet
twitterSearchTweets Search recent tweets by query
twitterSendDM Send a direct message
twitterGetUserByUsername Get a user profile by handle

Environment variables

# Required for write operations (post, like, retweet, DM)
TWITTER_CONSUMER_KEY=...
TWITTER_CONSUMER_SECRET=...
TWITTER_ACCESS_TOKEN=...
TWITTER_ACCESS_TOKEN_SECRET=...

# Optional
TWITTER_BEARER_TOKEN=...       # Read-only fallback
TWITTER_CLIENT_ID=...          # OAuth2 PKCE
TWITTER_CLIENT_SECRET=...      # OAuth2 PKCE

Charlsz and others added 6 commits February 27, 2026 21:59
@Charlsz
feat(discord): add Discord integration nodes and credentials
641a833 
- Introduced Discord Bot and Webhook credentials in NodeCredentials.
- Added new nodes for sending messages, sending webhooks, and creating threads in Discord.
- Implemented input and output schemas for Discord message and webhook nodes.
- Created utility functions for handling Discord API interactions with retries.
- Added tests for Discord nodes and credentials using Vitest.
- Updated package.json to include Vitest for testing.
@Charlsz
feat(discord): add README for Discord integration nodes and operations
cae974e
@Charlsz
Merge branch 'wespreadjam:main' into main
022a16d
@Charlsz
Merge branch 'wespreadjam:main' into main
dc580d9
@Charlsz
feat(twitter): enhance Twitter integration with OAuth 2.0 and extende…
6d7c49c 
…d API support

- Updated environment variable mappings for Twitter credentials to include access tokens, consumer keys, and secrets.
- Introduced new OAuth 2.0 credential definition for Twitter with PKCE support.
- Implemented Twitter client for handling OAuth 1.0a signature generation and API requests.
- Added nodes for creating, deleting, liking, and retweeting tweets, as well as sending direct messages and searching tweets.
- Created tests for the new Twitter integration features to ensure functionality and reliability.
- Added a smoke test script to verify Twitter credentials and basic API interactions.
@Charlsz
Merge branch 'feat/twitter-extended-operations'
b3ced31
@MAlshaik

MAlshaik commented Mar 3, 2026

Copy link
Copy Markdown
Contributor

Merged in commit bf33d7a. Thank you for the extended Twitter/X operations with OAuth 1.0a support! 🎉

@MAlshaik MAlshaik closed this Mar 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Charlsz @MAlshaik