Twitter Oauth Php Tutorial

Foreword

Trying lớn get a dial tone with Twitter’s new OAuth can be a frustrating và daunting task. Especially when it comes khổng lồ the utter lack of proper documentation with regards khổng lồ just connecting to lớn Twitter using OAuth. This tutorial will walk you through the steps required to be able to make calls using Twitter’s OAuth in PHP.

Bạn đang xem: Twitter oauth php tutorial

Getting Started

OK, first things first. You’ll need to have your website application registered with Twitter, as well as the associated username and password of the account. If you haven’t registered your application with Twitter yet, here’s what you’ll need khổng lồ do:

First visit http://dev.twitter.com/

Click on the “Register an app” link.

Then fill out all the appropriate information requested. Make sure that you’ve selected “Browser” as your “Application Type”.

You will also need lớn register a callback URL. This is the URL where people will be redirected khổng lồ after they have authorized your website/application for use with their Twitter account. This is also where you will receive validation information directly from Twitter which will be required to lớn make calls on behalf of the Twitter user.

Once you have filled out the form and registered your application, you’ll be presented with the details of your registration including your “Consumer Key” & “Consumer Secret”. You’ll be using those shortly so keep a browser instance xuất hiện or copy them down.

*
Twitter Application Registration

Now that the prerequisites are done, it’s time to lớn being the battle with OAuth.

Beginning OAuth

First let’s understand what needs lớn happen lớn get OAuth working.

The gist is simple enough, we need to create a header with authorization data in it. Post it to Twitter, get a token back from twitter letting us know we’re registered và everything is groovy. Next we’ll retrieve the authorization URL khổng lồ allow users khổng lồ authorize our application with their account và finally, vị something…Uh Twittery, Twitter-esc…I don’t know, don’t ask.

Xem thêm: What Is Php? The End Is Near For Zend Server Basic Php

Now, the most important thing lớn remember here is Twitter is super picky about how everything is encoded…super picky. So if you make one mistake, you’ll get a forbidden & get rejected with very little help response message wise from Twitter.

So let’s start by getting the request token from Twitter, which will let us know we’re on the right track.

Getting The Request Token

To get the request token from Twitter we need to POST a gọi to:

https://api.twitter.com/oauth/request_token

But first we need lớn sign and encode an authorization header, & yes..it is a pain. Lucky for you I’ve already been through this so you don’t have to khuyễn mãi giảm giá with figuring it all out. Here we go.

The authorization header required for the request token requires the following fields:

oauth_callback – the url to lớn be redirected lớn after authorizationoauth_consumer_key – this is the consumer key you get after registering your application with Twitteroauth_nonce – this is a unique value that you generate to lớn reduce the chance of someone hijacking your sessionoauth_signature_method – this is the method used khổng lồ sign the base string, we’ll get to lớn this in a bit, but for now the default value is “HMAC-SHA1”oauth_timestamp – this is the current timestamp.oauth_version – this is going to be “1.0”

An easy way to khuyến mãi with the authorization header và it’s nuances is khổng lồ load all the oauth header values into an associative array và pass them khổng lồ functions that will sign, encode, etc.

$nonce = time();$timestamp = time();$oauth = array("oauth_callback" => "http://yourdomain.com/callback_page", "oauth_consumer_key" => "yourconsumerkey", "oauth_nonce" => $nonce, "oauth_signature_method" => "HMAC-SHA1", "oauth_timestamp" => $timestamp, "oauth_version" => "1.0");Just khổng lồ clarify what I’ve done so far. The $nonce variable can be pretty much whatever you want, I thought for the purpose of this tutorial however time() would be the easiest to understand. The $timestamp, well that should be pretty obvious. The $oauth is our associative array containing all the fields và values required to get us started.

Now that we have our oauth array, we need khổng lồ create our base string. The base string is basically a signature of the action we want khổng lồ perform which later we will sign using HMAC-SHA1 & our composite key. The result of which will be our oauth_signature. I know it sounds a bit confusing, but don’t worry. I’ll walk you through the entire process step by step.

So let’s build the base string. The base string has the format of:

METHOD&BASEURI&OAUTH_PARAMS_SORTED_AND_ENCODED

For example, here’s a fully encoded base string:

POST&https%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest_token&oauth_callback%3Dhttp%253A%252F%252Flocalhost%253A3005%252Fthe_dance%252Fprocess_callback%253Fservice_provider_id%253D11%26oauth_consumer_key%3DGDdmIQH6jhtmLUypg82g%26oauth_nonce%3DQP70eNmVz8jvdPevU3oJD2AfF7R7odC2XJcn4XlZJqk%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1272323042%26oauth_version%3D1.0

Yeah, it’s ugly. And here’s how you create it. As I said before Twitter is very picky about encoding, etc. So khổng lồ ensure everything is encoded the same way each & every time, let’s use a function that will vì chưng it for use using our $oauth array.