With the exception of fetching the public timeline,
Zend_Service_Twitter requires authentication as a valid
user. This is achieved using the OAuth authentication protocol. OAuth is
the only supported authentication mode for Twitter as of August 2010. The OAuth
implementation used by Zend_Service_Twitter is
Zend_Oauth.
Example 839. Creating the Twitter Class
Zend_Service_Twitter must authorize itself, on behalf of a user, before use with the
Twitter API (except for public timeline). This must be accomplished using OAuth since
Twitter has disabled it's basic HTTP authentication as of August 2010.
There are two options to establishing authorization. The first is to implement the
workflow of Zend_Oauth via Zend_Service_Twitter
which proxies to an internal Zend_Oauth_Consumer object. Please refer to
the Zend_Oauth documentation for a full example of this
workflow - you can call all documented Zend_Oauth_Consumer methods
on Zend_Service_Twitter including constructor options. You may also
use Zend_Oauth directly and only pass the resulting access
token into Zend_Service_Twitter. This is the normal workflow
once you have established a reusable access token for a particular Twitter user. The resulting OAuth
access token should be stored to a database for future use (otherwise you will need to
authorize for every new instance of Zend_Service_Twitter). Bear in mind
that authorization via OAuth results in your user being redirected to Twitter to give their
consent to the requested authorization (this is not repeated for stored access tokens). This will
require additional work (i.e. redirecting users and hosting a callback URL) over the previous
HTTP authentication mechanism where a user just
needed to allow applications to store their username and password.
The following example demonstrates setting up Zend_Service_Twitter
which is given an already established OAuth access token. Please refer to the Zend_Oauth
documentation to understand the workflow involved. The access token is a serializable object, so you may
store the serialized object to a database, and unserialize it at retrieval time before passing the objects
into Zend_Service_Twitter. The Zend_Oauth documentation
demonstrates the workflow and objects involved.
<?php
/**
* We assume $serializedToken is the serialized token retrieved from a database
* or even $_SESSION (if following the simple Zend_Oauth documented example)
*/
$token = unserialize($serializedToken);
$twitter = new Zend_Service_Twitter(array(
'username' => 'johndoe',
'accessToken' => $token
));
// verify user's credentials with Twitter
$response = $twitter->account->verifyCredentials();
Note
In order to authenticate with Twitter, ALL applications MUST be registered with Twitter in order to receive a Consumer Key and Consumer Secret to be used when authenticating with OAuth. This can not be reused across multiple applications - you must register each new application separately. Twitter access tokens have no expiry date, so storing them to a database is advised (they can, of course, be refreshed simply be repeating the OAuth authorization process). This can only be done while interacting with the user associated with that access token.
The previous pre-OAuth version of Zend_Service_Twitter
allowed passing in a username as the first parameter rather than within an array.
This is no longer supported.