Zend OAuth With Twitter: Making The Sign In With Twitter Button

Zend released version 1.10.0 last month, this version includes a class which I bet most of us have been waiting for: an easy to use and flexible OAuth library. In this part of the series we will configure the files we will need and make the sign in interface of a twitter app, in part two I will show you how validate and update a user’s status.

The first things you will need of course are your twitter api keys and install zend.

Our application will have the following five files:

  • oauthConfig.php – We will store our api keys in this file along with an array that Zend_OAuth requires
  • login.php – This is where we will render the &qout;sign in with Twitter" button
  • callback.php – Your users will be redirected to this page after they have signed in
  • updatestatus.php – This script will update your twitter status
  • logout.php – Will be used to clear sessions in your app and log the user out of twitter

Your Global Variables File:

Put the keys you obtained from twitter in your oauthConfig.php file. Note that although twitter asked you to specify a callback url it allows you to change this address in your script, this address will be yourdomain.com/callback.php

$consumerKey='xxxxxxxxxxxxxxxxxx';
$consumerSecret='xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';

$config=array(
	'callbackUrl'=>'http://yourdomain.com/callback.php',
	'siteUrl' => 'http://twitter.com/oauth',
	'consumerKey'=>$consumerKey,
	'consumerSecret'=>$consumerSecret
);

We will include the configuration file in each and every one of the other files in the list.

Let’s Make The Sign In With Twitter Button:

You can download the button’s image from this page or make your own.

Sign in with twitter buttons

This image will be put inside an anchor tag to be linked to twitter’s authorization page.


http://twitter.com/oauth/authorize

But this page needs the parameter oauth_token, let’s see how we can get that using zend.

Since we will be working with sessions the first thing you need to do is start the session engine. You will also need to include Zend’s Zend_Oauth_Consumer class and your config file.

<?php
session_start();
// include the oauth consumer class
require_once 'Zend/Oauth/Consumer.php';
require_once 'oauthConfig.php';

Now we need to make an oauth object with your $config array.

<?php
session_start();
// include the oauth consumer class
require_once 'Zend/Oauth/Consumer.php';
require_once 'oauthConfig.php';
// creat oauth object
$oauth=new Zend_Oauth_Consumer($config);

The next step might be a little confusing to you, so I have decided to give you the full code for this file (login.php) and explain to you what it all means right below it.

session_start();
// include the oauth consumer class
require_once 'Zend/Oauth/Consumer.php';
require_once 'oauthConfig.php';

// creat oauth object
$oauth=new Zend_Oauth_Consumer($config);
// get request token
try{
$request_token = $oauth->getRequestToken();
}
catch(Exception $e)
{
echo 'Error: '.$e->getMessage();
exit (1);
}
// store request token in session
$_SESSION['request_token']=serialize($request_token);

// explode request token to extract oauth token
$exploded_request_token=explode('=',str_replace('&','=',$request_token));
// get oauth token from exploded request token
$oauth_token=$exploded_request_token[1];
// show sign in with twitter button
echo "<a href='http://twitter.com/oauth/authorize?oauth_token={$oauth_token}'><img src='sign-in-with-twitter-button.png' alt='Twitter button' /></a>";

We will need the request token in our callback script to get the twitter’s access token so we saved it in the session request_token. The access token will then allow us to call twitter’s API methods.

Explanation for the bold part in the previous snippet:

You see, Zend’s OAuth class has this method call redirect() which can be called on your $oauth object. This method will automatically redirect your users to the twitter authentication page, but I wanted to use the cool sign in button so I had to extract the string right after oauth_token= and right before &oauth_secret from the $request_token variable.

In other words, if you prefer to have your users redirected to twitter right away you can replace all that is bold with $oauth->redirect(), but if you want to use the button leave it like it is.

At this point if you run the script and click on the button you will be redirected to twitter, we’ll pick it up from here in the next post.

blog comments powered by Disqus