PhpRiot
Become Zend Certified

Prepare for the ZCE exam using our quizzes (web or iPad/iPhone). More info...


When you're ready get 7.5% off your exam voucher using voucher CJQNOV23 at the Zend Store

Authentication

With the exception of fetching the public timeline, Zend_Service_Twitter requires authentication as a valid user. This is achieved using the OAuth authentication protocol. OAuth is the only supported authentication mode for Twitter as of August 2010. The OAuth implementation used by Zend_Service_Twitter is Zend_Oauth.

Example 862. Creating the Twitter Class

Zend_Service_Twitter must authorize itself, on behalf of a user, before use with the Twitter API (except for public timeline). This must be accomplished using OAuth since Twitter has disabled it's basic HTTP authentication as of August 2010.

There are two options to establishing authorization. The first is to implement the workflow of Zend_Oauth via Zend_Service_Twitter which proxies to an internal Zend_Oauth_Consumer object. Please refer to the Zend_Oauth documentation for a full example of this workflow - you can call all documented Zend_Oauth_Consumer methods on Zend_Service_Twitter including constructor options. You may also use Zend_Oauth directly and only pass the resulting access token into Zend_Service_Twitter. This is the normal workflow once you have established a reusable access token for a particular Twitter user. The resulting OAuth access token should be stored to a database for future use (otherwise you will need to authorize for every new instance of Zend_Service_Twitter). Bear in mind that authorization via OAuth results in your user being redirected to Twitter to give their consent to the requested authorization (this is not repeated for stored access tokens). This will require additional work (i.e. redirecting users and hosting a callback URL) over the previous HTTP authentication mechanism where a user just needed to allow applications to store their username and password.

The following example demonstrates setting up Zend_Service_Twitter which is given an already established OAuth access token. Please refer to the Zend_Oauth documentation to understand the workflow involved. The access token is a serializable object, so you may store the serialized object to a database, and unserialize it at retrieval time before passing the objects into Zend_Service_Twitter. The Zend_Oauth documentation demonstrates the workflow and objects involved.

<?php
/**
 * We assume $serializedToken is the serialized token retrieved from a database
 * or even $_SESSION (if following the simple Zend_Oauth documented example)
 */
$token unserialize($serializedToken);

$twitter = new Zend_Service_Twitter(array(
    
'accessToken' => $token
    
'oauth_options' => array(
        
'username' => 'johndoe',
    ),
));

// verify user's credentials with Twitter
$response $twitter->account->verifyCredentials();

Note

In order to authenticate with Twitter, ALL applications MUST be registered with Twitter in order to receive a Consumer Key and Consumer Secret to be used when authenticating with OAuth. This can not be reused across multiple applications - you must register each new application separately. Twitter access tokens have no expiry date, so storing them to a database is advised (they can, of course, be refreshed simply be repeating the OAuth authorization process). This can only be done while interacting with the user associated with that access token.

The previous pre-OAuth version of Zend_Service_Twitter allowed passing in a username as the first parameter rather than within an array. This is no longer supported.

If you have registered an application with Twitter, you can also use the access token and access token secret they provide you in order to setup the OAuth consumer. This can be done as follows:

<?php
$twitter 
= new Zend_Service_Twitter(array(
    
'access_token' => array( // or use "accessToken" as the key; both work
        
'token' => 'your-access-token',
        
'secret' => 'your-access-token-secret',
    ),
    
'oauth_options' => array( // or use "oauthOptions" as the key; both work
        
'consumerKey' => 'your-consumer-key',
        
'consumerSecret' => 'your-consumer-secret',
    ),
));

If desired, you can also specify a specific HTTP client instance to use, or provide configuration for the HTTP client. To provide the HTTP client, use the http_client or httpClient key, and provide an instance. To provide HTTP client configuration for setting up an instance, use the key http_client_options or httpClientOptions. As a full example:

<?php
$twitter 
= new Zend_Service_Twitter(array(
    
'access_token' => array( // or use "accessToken" as the key; both work
        
'token' => 'your-access-token',
        
'secret' => 'your-access-token-secret',
    ),
    
'oauth_options' => array( // or use "oauthOptions" as the key; both work
        
'consumerKey' => 'your-consumer-key',
        
'consumerSecret' => 'your-consumer-secret',
    ),
    
'http_client_options' => array(
        
'adapter' => 'Zend_Http_Client_Adapter_Curl',
    ),
));

Zend Framework