My University is off for about a month and I am thinking of passing this huge time in some sort of productive work. I love coding and experimenting. Twitter and PHP being my favourites, I decided to check out the Twitter API and cook something up with PHP. I have already used the Basic Authentication API calls in the past (to develop the twitter mobile publisher at https://masnun.com/twitter/ which is my major tool to tweet while I am on the go). This time I decided to try the OAuth API mainly for two reasons — 1) I need to explore the OAuth system and 2) I have a project coming on based on the twitter OAuth API.
So, I started studying the Twitter OAuth API and learnt it pretty well. Then I thought what kind of application I could build with this very newly gathered knowledge ? Why not make some fun ? Yeah, I just can’t help making fun every now and then.
Finally, here it is — https://masnun.com/twitter-app/ 🙂
It’s a little devil app that automatically takes you to the authorization URL and asks for OAuth based authentication. If you allow it, it will automatically make a tweet using your account. The tweet will be nothing bad though, just a link back to the app 😉
To develop this app, I have used the official Twitter OAuth library for PHP written by Abraham. Download it: http://github.com/abraham/twitteroauth .
Points to Ponder:
- An application can do almost anything to your twitter account once you approve it.
- Twitter says, the access token they provide doesn’t expire. That means once you approve an application, it can use your account forever if they are clever enough to store your access token details.
- While approving an application, you never know what kind of permission the application has — read only or read-write both. I think this option should be left upon the users. The users should be able to choose whether he wants to provide write access or not.
I have seen some web sites exploit Twitter accounts. TweeterFollow is a decent example of such nasty practices. Once you provide your credentials, they’ll regularly tweet their links from your account. So think twice before you approve an application though OAuth is safer than providing password since you can choose to withdraw your permission to an application.
I will write detailed about OAuth and provide the source code in another post. Just now, I am feeling extremely sleepy. Woke up to have my Sehri and didn’t return to bed. It’s time I had a nap… 😉
One reply on “Twitter OAuth Fun :D”
Nice… I am looking for twitbot that can do automation over my accounts, like autofollow who follow me and other great work 🙂 I hope i can find the resource here.. Thanks for all your great posting.. Sorry for my bad english