Serverless implementation of Twitter's OAuth to Alexa's Account Link flow. Inspired by Big Nerd Ranch's Ruby/Sinatra example, which served as a great reference.

• AWS
  • Lambda
    • request_token.js - Gets request tokens and redirects to Twitter authorize app page.
    • callback.js - Gets access tokens and redirects to Alexa skill link page.
  • API Gateway
    • provides HTTPS endpoints for the Lambdas
  • DynamoDB
    • Session store

• Node 6.10 and npm
• Serverless Framework
  • npm i -g serverless
• Twitter App
  • Create app to get consumer key and consumer secret key.
• Alexa Console
  • Set Account Linking to 'Yes'
  • Set Authorization Grant Type to 'Implicit Grant'
  • Note the Redirect URLs. You'll need it for configuring the build.

Run npm install after navigating to the directory with the files.

A template configuration file has been provided. Make a copy called env.yml, which is registered under in the .gitignore to prevent accidental checkins.

cp env.yml.template env.yml

The Twitter Key and Secret can be found under the Keys and Access Tokens tab:

Edit the env.yml file with your Twitter Key and Secret. The Redirect URL is found in your Alexa Skill's Configuration section under Account Linking. Once these settings are configured, deploy using the serverless library.

default_env: &default_env
  TWITTER_KEY: 'ShoUlDbeS0m3thIngL1keTh15'
  TWITTER_SECRET: 'AnDth3N50m3th1nGlik3Thi5555555555555555'
  REDIRECT_URL: 'https://pitangui.amazon.com/spa/skill/account-linking-status.html?vendorId=ALEXASKILLCONFIG'
dev:
  <<: *default_env
prod:
  <<: *default_env

To deploy, run:

sls deploy

Output will look something like:

$ sls deploy
Serverless: Packaging service...
Serverless: Excluding development dependencies...
Serverless: Uploading CloudFormation file to S3...
Serverless: Uploading artifacts...
Serverless: Uploading service .zip file to S3 (5.58 MB)...
Serverless: Validating template...
Serverless: Updating Stack...
Serverless: Checking Stack update progress...
....................
Serverless: Stack update finished...
Service Information
service: twitter-oauth
stage: dev
region: us-east-1
stack: twitter-oauth-dev
api keys:
  None
endpoints:
  GET - https://somegibberish.execute-api.us-east-1.amazonaws.com/dev/request_token
  GET - https://somegibberish.execute-api.us-east-1.amazonaws.com/dev/callback
functions:
  request_token: twitter-oauth-dev-request_token
  callback: twitter-oauth-dev-callback

Note the endpoints. You will use the request_token endpoint in the Authorization URL field of your Alexa Skill's Account Linking configuration, and the callback endpoint in the Callback URL field of your Twitter App settings.

By default, serverless framework uses the dev stage. You can choose a different stage and other options. See documentation for details.

Here's some sample excerpt code from an Alexa skill to verify it's working:

const Twit = require('twit');

const launchRequentHandler = function() {
  const {session, request} = this.event;
  if(session.user.accessToken) {
    const [accessToken, accessSecretToken] = session.user.accessToken.split(',');
    const client = new Twit({
      consumer_key: process.env.CONSUMER_KEY,
      consumer_secret: process.env.CONSUMER_SECRET,
      access_token: accessToken,
      access_token_secret: accessSecretToken
    });

    //... your awesome twitter code here...

    this.emit(':tell', 'Test done');
  } else {
    this.emit(':tellWithLinkAccountCard', 'Please link your Twitter account to use this skill.');
  }
};

export const Handlers = {
  LaunchRequest: launchRequentHandler
};