“Sign in with Twitter” using Zend Framework

By , Thursday 17th March 2011 1:07 am

Despite all the twitter hate at the moment, I’ve set out to create a new twitter-based application. Being someone who manages several accounts (both personal and for my charity work) I’ve been needing a tool for sometime that I’m just getting around to writing (more of that in the near future…).

I’ve read up on Zend_Oauth_Consumer and how it can be used to get authorisation for interacting with twitter using oauth. All well and good, I have my access key and I can merrily post away on a user’s behalf. There’s plenty of resources out there to do this so I won’t bore people.

The next step was to allow people to return to the website, log in and modify their account. This is where I reached a slight problem. Using the code examples on websites meant that I’d have twitter asking me for access authorisation again for each login, not good. Scanning through the framework I couldn’t see anything which would allow me to just request authentication. That isn’t to say its not there, but there didn’t seem to be an authentication mechanism that could be invoked without knowing the access token already.

The alternatives were to implement a site-based log in or somehow store the user’s access token on the client (encrypted of course). Neither of these seemed like a good/suitable solution.

Having a look at the requests made by my code I knew that all that was required was to change the URL to which Zend_Oauth_Consumer redirects. It seemed the easiest way to do this was to override the authorizationUrl parameter with the authentication URL from twitter. This was done as follows:

$config = array(
'callbackUrl'    => ...callback-url...,
'siteUrl'        => 'https://twitter.com/oauth',
'consumerKey'    => ...consumer-key...,
'consumerSecret' => ...secret-key...,
);
$consumer = new Zend_Oauth_Consumer($config);

$token = $consumer->getRequestToken();
// persist the token to storage
$_SESSION['TWITTER_REQUEST_TOKEN'] = serialize($token);
$consumer->setAuthorizeUrl('https://twitter.com/oauth/authenticate');
$consumer->redirect();

On return to the application from twitter we process the response as so:

$token = $consumer->getAccessToken(
$_GET,
unserialize($_SESSION['TWITTER_REQUEST_TOKEN'])
);

echo $token->user_id . ' :: ' . $token->screen_name;

How you validate/store the authentication is up to you, but this should successfully implement a ‘sign in with twitter’ system.

If anyone knows of a more correct/more elegant solution to this I would be very much interested in hearing. There seems to be a lack of information on ‘sign in with twitter’ using PHP/Zend Framework on the internet

Liked this post? Follow this blog to get more. 

One Response to ““Sign in with Twitter” using Zend Framework”

  1. […] been doing this with Twitter’s service and you can see a quick piece on that here – Sign in with Twitter using Zend Framework. I’m using my implementation where I set the “Authorize URL” as I don’t […]

Leave a Reply

You must be logged in to post a comment.

Panorama Theme by Themocracy

1 visitors online now
0 guests, 1 bots, 0 members
Max visitors today: 16 at 08:14 am UTC
This month: 17 at 19-09-2017 09:35 pm UTC
This year: 45 at 02-01-2017 10:28 pm UTC
All time: 130 at 28-03-2011 10:40 pm UTC