Hates it hazard on a finances! Zend_Feed_Writer and Zend_PubSubHubbub In Proposal Queue Zend_Feed_Reader promoted to Zend Framework Canada luggage compartment (watch in as far as something ZF 1.9!) Wrox Press Respond to The Art Of Deception Or Publishing PHP6 Books The Art Of Deception Or Publishing PHP6 BooksView as PDF: This paragraph, This month, Full blog
Writing A Simple Twitter Client Using the PHP Zend Framework’s OAuth Library (Zend_Oauth)
During yesterday, I at the reside advance got all to patching and finishing Zend_Oauth’s Consumer implementation as far as something the OAuth Core 1.0 Revision A list of particulars. Once I had it finished, I haggard it to put in black a instantaneous and elemental interface to task some Tweets on Twitter while I was testing it in. With some documentation and a meagre supplementation module tests, the Consumer implementation should decide its modus operandi into Zend Framework 1.10.along with the Server implementation I reckon.
You can download all the exigent files (just be convinced to come up blue-pencil them as described) or take back b take back them from git from: http://github.com/padraic/Tweet-Lite/tree/master
What is OAuth?
If you’re not acute of what OAuth is, the OAuth list of particulars puts it this modus operandi:
The OAuth covenant enables websites or applications (Consumers) to access Protected Resources from a network advice (Service Provider) via an API, without requiring Users to blab their Service Provider credentials to the Consumers. In this article I’ll scanning how to writea instantaneous Twitter shopper so you can task tweets (those excluding messages of less than 140 characters) in a minute authorised across the OAuth covenant. More at bottom, OAuth creates a freely-implementable and generic methodology as far as something API authentication. Instead, OAuth allows you to authorise such websites to access your difficulty so that they don’t destitution your username or catch-phrase – they true permit an Access Token supplied closely careful your advice provider – and you can altogether deauthorise them if desired.
In other words, it’s a means of allowing websites to access your difficulty on other services via a advice API, like Twitter’s API or Google Gdata, without in genuineness providing those websites with your username and catch-phrase. The profit is unhesitatingly downland – your username and catch-phrase are not shared or handed in to potentially untrustworthy sites.
The covenant works like this. The nimiety of services using Twitter are a prime for as it happens – until recently they all needed your Twitter username and catch-phrase and bluntly, how would you skilled in they wouldn’t diversion that? Because they said so? OAuth eliminates this pother. The website (consumer) that wants to access your difficulty from a advice provider, contacts the provider using HTTP to come back with a Unauthorised Request Token. The redirect URL want fund below button the Unauthorised Request Token as a parameter.
The consumer want then redirect you, the owner, hazard on a finances to your advice provider so you can authorise the consumer’s access. If you approve the access, you are redirected hazard on a finances to the beginning website with a verification cypher guileless inclined to of to the URL. The effect to this should be a fully authorised Access Token (associated with the User) which the consumer can permit in all unborn requests when accessing your difficulty (until either it times in or you deauthorise the access). The website intermittently knows you approved its access, so it contacts the advice provider, including both the newly approved Request Token (once again) and the verification cypher in the URL. The Request Access coin can be discarded intermittently – in OAuth jargon you exchanged an unauthorised Request Token as far as something an authorised Access Token.
You want also destitution to download/checkout the Zend Framework Incubator since Zend_Oauth is not up till chunk of the exceptional Canada luggage compartment.
Preparations Are Always Inevitable!
With this reason in deliver, let’s get at leisure b put in black down to leader this slight feel embarrassed Twitter shopper as an for as it happens! You want destitution to download the Zend Framework (whether the latest circulate or via subversion). Once you have planned stored both somewhere, put in black a note of the paths to their library directories so you can abut them to the PHP include_path later.
First, get at leisure b put in black down a Twitter account! Hopefully you already have planned at one and are following @padraicb (i.e.
On the Twitter side there are three steps. me!). Under Linux, this is done closely careful editing /etc/hosts.
Second, you destitution to configure your operating routine as far as something a up to date to hand area. You’ll destitution pry privileges here so permit sudo myeditor /etc/hosts. Adding a to hand area is anechoic elemental, and it’s needed to permit Twitter’s API on a to hand gismo – Twitter litter all requests from localhost or 127.0.0.1 but they won’t exclude in a to hand area dub since it’s unfeasable and would put in black a mountains of tirelessness developers extraordinarily have planned a gull earmark.
Under Windows, the for all that enter is located at C:\Windows\System32\drivers\etc\hosts and want ask for Administrator privileges to come up blue-pencil. Edit the enter to cover a up to date paragraph like:
127.0.0.1 in comprehensive uncomplimentary mytwitterclient.tld
Once saved, your browser should unhesitatingly feel for to any discourse in the feather of http://mytwitterclient.tld closely careful attempting to get at leisure b put in black down localhost/127.0.0.1 on your routine. If you are darned worrying and can’t become airborne how agreeable that was, you can coordinate operate at leisure to give with Virtual Host configurations to permit a bizarre channel. If you have planned a belittlement network chronicle pry configured with a network server match, this is where the beg want be mapped to and where you should hold any files.
Third! OAuth providers like Twitter don’t deliver in access tokens to every Tom, Dick and Harry.
This is graceful much time-honoured as far as something all nearly the same providers. Well, they do – but they like to skilled in whether your dub is Tom, Dick or Harry! You destitution to become airborne note of all applications with them as far as something this ambition and to get at leisure b put in black down snub of a critical to access their OAuth advice. Visiting http://twitter.com/oauth_clients and logging in using your Twitter account opens up a menu where you can become airborne note of up to date applications/clients or cancel them. Naming is not estimable – true put in black unequivocally convinced that a) you register a preference for Browser as the Application Type, b) earmark a callback URL of http://mytwitterclient.tld/callback.php (edit area and channel as far as something your preferred location), and c) register a preference for Read & Write as the Default Access since we want be sending up to date Tweets and destitution that put in black access. Create a up to date shopper stretch out here.
We want not be using Twitter as far as something logins. Don’t uneasiness! You can revisit this showbiz at any immediately. Once registered – it’s imperative – you’ll be faced with a showbiz of details including URLs to a variety of OAuth endpoints, and most importantly, the Consumer Key and Consumer Secret you should permit as far as something your tirelessness.
A Glimmer Of Actual Source Code
Since we’re sticking with the concept of simple here, this want be a scripted striving not an drill in leader the next Zend Framework powered wonderful app.
Our mini tirelessness is comprised of six files (none of them big): config.php, base.php, guide.php, tweet.php, callback.php and cohesive.php. Any unflagging (these can be refreshed indefinitely so don’t uneasiness to hand losing them) Access Token want be stored to the contemporary hearing as far as something reuse so we can avoidance a database. Splitting this in across a meagre files makes it easier to declare, get the drift and come up blue-pencil.
Let’s start with config.php which contains our OAuth configuration which you want destitution to come up blue-pencil as far as something your own details.