Saturday Hackathon: Integrating Twitter, oAuth, Twilio, And ColdFusion

In the last couple of months, I've taken to running my own, solo hackathons - a solid day of coding with almost no interruptions. So far, I have found this process to be tremendously awesome. This latest "hackathon," however, took this concept and pushed it a little bit further than expected: I couldn't get it done in one day, so I ended up distributing the code over about 3 days of effort (about 20 hours in total). The final project - Twitio - was a learning project that integrated Twitter, oAuth, Twilio, and ColdFusion.

To try this out for yourself, visit http://twitio.tw.

To download the code for the demo site, click here.

The concept behind Twitio is simple: you log into the website using your Twitter account (via oAuth authentication). Once logged-in, you activate your phone number. Then, you can call the Twitio phone number, leave a voice message, and Twitio will automatically post a status update to your Twitter account (on your behalf) with a link back to the voice message. In essence, Twitio allows you to leave "audio tweets" in your timeline.

Typically, in a learning project like this, I start out with the design - I'm a firm believer that a project needs to look good inside and outside in order to be the most effective learning tool. However, because I knew that oAuth would be such a bear to wrap my head around, I decided to start immediately with the ColdFusion code, trying to get the oAuth "dance" (as it is often referred to euphemistically) to work.

I know there are a number of ColdFusion and Java Twitter libraries that abstract oAuth interaction; however, when I'm learning about something, I tend to like to build things from scratch in order to figure out how they actually operate. All in all, getting oAuth to work took about 12 hours - more than 50% of the overall project effort. In the end, though, I was able to distill oAuth down to just two ColdFusion components - OAuthService.cfc and OAuthRequest.cfc. These components deal very narrowly with oAuth and know nothing about Twitter itself.

Luckily, I've used HMAC-SHA1 hashing with Twilio and HMAC-SHA256 hashing with Pusher App in the past; so, the hashing required in the oAuth requests was not entirely new. I do have to say, however, that I definitely reviewed Matt Gifford's incredibly robust Twitter library - MonkehTweets - whenever I hit a wall. His library helped me get over some hurdles regarding Base64 and request-parameter encoding. Matt, you rock!

Because I like to distribute the code that I write during my hackathons, I like to make the applications that I create as portable as possible. In order to do that in this case, I needed to create database-like functionality without an actual database. Luckily, ColdFusion provides in-memory SQL functionality that rocks the party that rocks the body. The database tables that I use are actually in-memory ColdFusion query objects. Of course, these contain sensitive information (oAuth access tokens and phone numbers); as such, when I serialize these queries as WDDX packets, the data gets encrypted using a context-sensitive encryption key. In this approach, not even the encryption key is hard-coded in the application.

While ColdFusion provides amazing in-memory SQL functionality through its query-of-queries, I do find myself getting very frustrated with the "guessing" that ColdFusion makes about the query column data types. Even when I explicitly type my query objects (using QueryNew() and cf_sql_XYZ types), I find that string values (such as phone numbers) are often viewed as numeric values. I would absolutely love to see future releases of ColdFusion be more strict about the implicit (and often times unwanted) runtime type-casting of column data values.

The Twilio aspect of the application was the easiest to implement. Between the online Twilio debugger and my own local input/output logging, there's really no mystery as to how the Twilio client is interacting with the ColdFusion application. Twilio continues to be a joy to work with. I am constantly blown away by how much mobile-integration functionality can be provided with such a minimal amount of effort. Of course, that's the same reason I love ColdFusion.

As part of the demo application, I am having Twilio transcribe the phone calls in order to provide an in-page textual preview of the voice tweet. Ultimately, however, when I take this beyond a demo app, I'll get rid of this functionality. Not only does transcription limit the phone call to 2 minutes, it also costs more money and is not all that accurate.

Once again, I have found my solo hackathons to be incredibly productive. This one took way longer that I had wanted; but, when you sit down and plan to code without interruption, it awesome how much you can actually get done. This approach has also completely removed any fear that I have about tackling projects that might end up being total failures. As long as I know I'll have enough time to learn, I almost don't care what ends up happening. In Any case, I hope this code might help some people get more comfortable with oAuth, Twitter, and Twilio integration.

You Might Also Be Interested In: