PHP Classes

Twitter sign-in implementing

Recommend this page to a friend!

      PHP OAuth Library  >  All threads  >  Twitter sign-in implementing  >  (Un) Subscribe thread alerts  
Subject:Twitter sign-in implementing
Summary:Step 2: Redirecting the user
Messages:7
Author:Kasper
Date:2015-07-21 13:02:34
 

  1. Twitter sign-in implementing   Reply   Report abuse  
Picture of Kasper Kasper - 2015-07-21 13:02:34
I have just implemented PHP OAuth API class and used login_with_twitter.php and it works great.

I'm implementing the Twitter sign-in process (see it here: https://dev.twitter.com/web/sign-in/implementing).

Therefore my question, how would you implement the Twitter sign-in process: Step 2: Redirecting the user, when we have obtained the request token?

Step 1: Obtaining a request token

// This works:
$client->CallAPI('https://api.twitter.com/oauth/request_token', 'POST', array(), array('FailOnAccessError'=>true), $user);

Now the $user["oauth_token"] is available and we could make a link for Step 2. The question, how to make the re-direct and capture the response?

Re-direct to:
api.twitter.com/oauth/authenticate? ... echo $user["oauth_token"]?

Thank you.

Brgds.,
Kasper

  2. Re: Twitter sign-in implementing   Reply   Report abuse  
Picture of Manuel Lemos Manuel Lemos - 2015-07-21 15:56:57 - In reply to message 1 from Kasper
No, the class obtains the token and makes the redirection for you.

The CallAPI should only be used for calling actual API functions to access the Twitter API, not for the OAuth process.

The authorization process should follow these steps described in this article:

phpclasses.org/blog/package/7700/po ...

  3. Re: Twitter sign-in implementing   Reply   Report abuse  
Picture of Kasper Kasper - 2015-07-21 18:21:31 - In reply to message 1 from Kasper
Thank you for a quick reply ;-)

I think you misunderstand my question.

When the user wants to sign in using twitter on my site, I need to complete the following steps: https://dev.twitter.com/web/sign-in/implementing
to get a valid working access token for the user.

This token, I can then use, to call the API using your class.

But first, I need to implement https://dev.twitter.com/web/sign-in/implementing

How would you do that?

Brgds.,
Kasper

  4. Re: Twitter sign-in implementing   Reply   Report abuse  
Picture of Manuel Lemos Manuel Lemos - 2015-07-21 19:14:38 - In reply to message 3 from Kasper
That is precisely what the login_with_twitter.php example script implements.

If you look at the CallAPI function call there, when PHP is going to execute that function, the class already redirected the user to login with his twitter account, got the returned information from Twitter and stored the access_token and access_token_secret in class variables and also session variables (by default).

From then on you can call the Twitter API to obtain details of the user account or perform other actions.

  5. Re: Twitter sign-in implementing   Reply   Report abuse  
Picture of Kasper Kasper - 2015-07-21 19:39:11 - In reply to message 4 from Manuel Lemos
Thx. again Manuel for a quick response.

That sounds great but I cannot see where does the script ask me to login using twitter?

First I need to create an request_token, then I need to use the oauth_verfier returned from the request_token call to get real access_token. Where is this done?

I have done the following to get access_token that works.

/* This is twitter redireict from Step 2: Redirecting the user */
if( isset($_REQUEST["oauth_token"]) && isset($_REQUEST["oauth_verifier"])) {
if( strlen($_REQUEST["oauth_token"]) > 0 && strlen($_REQUEST["oauth_verifier"]) > 0) {
$oauth_token = $_REQUEST["oauth_token"];
$oauth_verifier = $_REQUEST["oauth_verifier"];
}
}


if(!isset($oauth_token) && !isset($oauth_verifier)) {
/* Step 1 */
$success = $client->CallAPI(
'https://api.twitter.com/oauth/request_token',
'POST', array(), array('FailOnAccessError'=>true), $user);

} else {
/* Step 3 */
$client->access_token = $oauth_token;
$success = $client->CallAPI(
'https://api.twitter.com/oauth/access_token',
'POST', array('oauth_verifier' => $oauth_verifier), array('FailOnAccessError'=>true), $user);
}


  6. Re: Twitter sign-in implementing   Reply   Report abuse  
Picture of Manuel Lemos Manuel Lemos - 2015-07-21 20:36:56 - In reply to message 5 from Kasper
The script just calls the class script oauth_client.php . The class redirects the browser to Twitter. If the user has not authorized your application, the user will be prompted to login and authorize.

If the user has previously authorized your application, the user may not even see Twitter asking to authorize again.

When the browser is redirected back to your site, the class will look at the parameters returned by Twitter to complete the process. This is done inside the class, so your script is as simple as possible.

  7. Re: Twitter sign-in implementing   Reply   Report abuse  
Picture of Kasper Kasper - 2015-07-22 07:07:15 - In reply to message 6 from Manuel Lemos
Hi Manuel,

Thank you for great feedback.

Now I understand, and Yes it works perfectly the way you have described.

I think the reason for my initial confusion was due to the fact that I was logged in with the twitter account from where I also created the app (probably pre-approved, hence no reason to sign in etc.). When logged in with different twitter account it all works as I expect.

Thank you!

Brgds.,
Kasper