Categories
PHP

Fun with Twitter OAuth: The Source Code

In my previous post, I mentioned about the twitter OAuth app hosted at: https://masnun.com/twitter-app/ . Here it comes, the source code.

I am not going to include the Twitter OAuth Library source. You have to download it from Github. The link is available in my previous post.

consumer.php

index.php

return.php

Notes On OAuth:
First we, construct the twitter object with the consumer details.
Then we ask for a request token. We build the authorization url with this token.
We send the user to the auth URL.
When the user returns, again construct a twitter object with consumer details and the request token we retrieved previously.
Now that the user is authorized, we ask for access tokens.
We have the access tokens now, so build a new twitter object that has full access to the API.

Now, we can make API calls.

The steps may seem a bit odd at first look. Just go through a couple of times and you’ll get it clearly.

Enjoy OAuthentication, Enjoy Twitter enginnering !!

Categories
PHP

Facebook Integration to Mobile Web App

I feel so happy today — at this very moment ! I have been finally able to integrate Facebook into my mobile site — http://jotil21.net. It’s been a mobile community site running on the J21Community software I wrote back at my college life.

I have been thinking of adding some sort of social interaction to it for a long time but never I got that much time. Today afternoon, I felt a dashing urge to do something with the facebook developers API. I started learning the basics of the API and soon gathered adequate knowledge to start writing an app. But I couldn’t come up with a good idea to implement. So I chose to integrate facebook with my mobile site.

First of all, I went through the R&D to find out which API calls I might need. Hopefully, there were only a few those would be required for what I wanted to do. So I registered a new app and fired off into coding.

The design is very simple. The app would collect the user’s unique facebook user ID and store in my database against a JOTIL21 username. You have to perform this linking action using your J21 ID and Password. Once your credentials are verified, your unique facebook id is stored into my database and linked with the corresponding J21 ID.

Now, to let J21 update your status for you, you need to allow special “extended permission”. So after successful link up, you’re provided with an URL to authorize that bit. Now, you’re totally done.

For this I used the official php5 facebook client library and used iframe as the default rendering method. The client uses an user’s unique facebook ID to to update his status using the $facebook->users_setStatus(“Status”,”Facebook_User_ID”) method.

It was really cool but looks like I am forgetting WML coding these days. Had to mess up a lot with the syntax. But finally, it’s running fine. It’s still in a beta mode, just a proof-of-concept that WML apps can have facebook connection as well.

Well, enough of that today. Gotta go for Iftari… Hope to write more on these topics really soon 🙂

Categories
PHP

Twitter OAuth Fun :D

My University is off for about a month and I am thinking of passing this huge time in some sort of productive work. I love coding and experimenting. Twitter and PHP being my favourites, I decided to check out the Twitter API and cook something up with PHP. I have already used the Basic Authentication API calls in the past (to develop the twitter mobile publisher at https://masnun.com/twitter/ which is my major tool to tweet while I am on the go). This time I decided to try the OAuth API mainly for two reasons — 1) I need to explore the OAuth system and 2) I have a project coming on based on the twitter OAuth API.

So, I started studying the Twitter OAuth API and learnt it pretty well. Then I thought what kind of application I could build with this very newly gathered knowledge ? Why not make some fun ? Yeah, I just can’t help making fun every now and then.

Finally, here it is — https://masnun.com/twitter-app/ 🙂

It’s a little devil app that automatically takes you to the authorization URL and asks for OAuth based authentication. If you allow it, it will automatically make a tweet using your account. The tweet will be nothing bad though, just a link back to the app 😉

To develop this app, I have used the official Twitter OAuth library for PHP written by Abraham. Download it: http://github.com/abraham/twitteroauth .

Points to Ponder:

  • An application can do almost anything to your twitter account once you approve it.
  • Twitter says, the access token they provide doesn’t expire. That means once you approve an application, it can use your account forever if they are clever enough to store your access token details.
  • While approving an application, you never know what kind of permission the application has — read only or read-write both. I think this option should be left upon the users. The users should be able to choose whether he wants to provide write access or not.

I have seen some web sites exploit Twitter accounts. TweeterFollow is a decent example of such nasty practices. Once you provide your credentials, they’ll regularly tweet their links from your account. So think twice before you approve an application though OAuth is safer than providing password since you can choose to withdraw your permission to an application.

I will write detailed about OAuth and provide the source code in another post. Just now, I am feeling extremely sleepy. Woke up to have my Sehri and didn’t return to bed. It’s time I had a nap… 😉