const apiKey = '【Consumer Key(API key)】';
const secretKey = '【Consumer Secret (API key secret)】';
const callbackURL = '【登録したコールバックURL(スキーム)】';
const signatureMethod = "HMAC-SHA1";
const requestTokenURL = "https://api.twitter.com/oauth/request_token";
const loginURL = "https://api.twitter.com/oauth/authorize"
const accessTokenURL = "https://api.twitter.com/oauth/access_token";
const updateURL = "https://api.twitter.com/1.1/statuses/update.json";
const usersShowURL = "https://api.twitter.com/1.1/users/show.json";
function percentEncode(str) {
return encodeURIComponent(str).replace(/[!'()*]/g, char => '%' + char.charCodeAt().toString(16));
const array = new Uint8Array(32);
window.crypto.getRandomValues(array);
return Array.from(array).map(uint => uint.toString(16).padStart(2, '0')).join('');
function oauthSend(url, method, accessTokenSecret, data, oauth_params, cb) {
const timestamp = (Math.floor(Date.now() / 1000)).toString(10);
const parameters = Object.assign(
oauth_signature_method: signatureMethod,
oauth_timestamp: timestamp,
const signature = oauthSignature.generate(method.toUpperCase(),
const authorizationHeader = "OAuth " + Object.keys(parameters).map((key) => {
return percentEncode(key) + '="' + percentEncode(parameters[key]) + '", '
}).join('') + 'oauth_signature=\"' + signature + '\"';
const urlWithParams = method.toUpperCase() === "GET" ?
url + "?" + Object.keys(data).map(function(k) {
return encodeURIComponent(k) + '=' + encodeURIComponent(data[k])
cordova.plugin.http.sendRequest(urlWithParams, {
headers: {'Authorization': authorizationHeader},
oauthSend(requestTokenURL, 'post', "", {}, {
oauth_callback: callbackURL,
oauth_consumer_key: apiKey,
openLoginDialog(res.data);
function openLoginDialog(res) {
const oauth = res.split('&')[0];
const url = loginURL + "?" + oauth;
const ref = cordova.InAppBrowser.open(url, "_blank", 'location=yes,beforeload=get');
ref.addEventListener('beforeload', beforeLoad(ref));
function beforeLoad(ref) {
return function (event, cb) {
if (event.url && event.url.startsWith(callbackURL) ) {
const url = new URL(event.url);
const params = Array.from(url.searchParams.entries()).reduce(
function getAccessToken(params) {
oauthSend(accessTokenURL, 'post', "", {}, {
oauth_verifier: params.oauth_verifier,
oauth_token: params.oauth_token,
oauth_consumer_key: apiKey,
const params = Array.from(new URLSearchParams(res.data).entries()).reduce(
document.getElementById('tw-id').innerHTML = params.user_id;
document.getElementById('tw-name').innerHTML = params.screen_name;
model.oauth_token = params.oauth_token;
model.oauth_token_secret = params.oauth_token_secret;
model.user_id = params.user_id;
const text = document.querySelector("#tweetText").value;
oauthSend(updateURL, 'post', model.oauth_token_secret, { "status": text }, {
oauth_token: model.oauth_token,
oauth_consumer_key: apiKey
oauthSend(usersShowURL, 'get', model.oauth_token_secret, { "user_id": model.user_id }, {
oauth_token: model.oauth_token,
oauth_consumer_key: apiKey
const profile = JSON.parse(res.data);
document.querySelector("#tw-profile").innerHTML =
"name: " + profile["name"] + "<br>" +
"screen_name: " + profile["screen_name"] + "<br>" +
"location: " + profile["location"] + "<br>" +
"description: " + profile["description"] + "<br>";
document.querySelector("#tw-profile-image").src = profile["profile_image_url_https"].replace("_normal", "");