With the exception of fetching the public timeline,
Zend_Service_Twitter requires authentication as a valid
user. This is achieved using the OAuth authentication protocol. OAuth is
the only supported authentication mode for Twitter as of August 2010. The OAuth
implementation used by
Example 839. Creating the Twitter Class
Zend_Service_Twitter must authorize itself, on behalf of a user, before use with the
Twitter API (except for public timeline). This must be accomplished using OAuth since
Twitter has disabled it's basic HTTP authentication as of August 2010.
There are two options to establishing authorization. The first is to implement the
which proxies to an internal
Zend_Oauth_Consumer object. Please refer to
Zend_Oauth documentation for a full example of this
workflow - you can call all documented
Zend_Service_Twitter including constructor options. You may also
Zend_Oauth directly and only pass the resulting access
Zend_Service_Twitter. This is the normal workflow
once you have established a reusable access token for a particular Twitter user. The resulting OAuth
access token should be stored to a database for future use (otherwise you will need to
authorize for every new instance of
Zend_Service_Twitter). Bear in mind
that authorization via OAuth results in your user being redirected to Twitter to give their
consent to the requested authorization (this is not repeated for stored access tokens). This will
require additional work (i.e. redirecting users and hosting a callback URL) over the previous
HTTP authentication mechanism where a user just
needed to allow applications to store their username and password.
The following example demonstrates setting up
which is given an already established OAuth access token. Please refer to the
documentation to understand the workflow involved. The access token is a serializable object, so you may
store the serialized object to a database, and unserialize it at retrieval time before passing the objects
demonstrates the workflow and objects involved.
* We assume $serializedToken is the serialized token retrieved from a database
* or even $_SESSION (if following the simple Zend_Oauth documented example)
$token = unserialize($serializedToken);
$twitter = new Zend_Service_Twitter(array(
'username' => 'johndoe',
'accessToken' => $token
// verify user's credentials with Twitter
$response = $twitter->account->verifyCredentials();
In order to authenticate with Twitter, ALL applications MUST be registered with Twitter in order to receive a Consumer Key and Consumer Secret to be used when authenticating with OAuth. This can not be reused across multiple applications - you must register each new application separately. Twitter access tokens have no expiry date, so storing them to a database is advised (they can, of course, be refreshed simply be repeating the OAuth authorization process). This can only be done while interacting with the user associated with that access token.
The previous pre-OAuth version of
allowed passing in a username as the first parameter rather than within an array.
This is no longer supported.