使用Twitter OAuth API进行身份验证

Question

I am currently trying to integreate twitter into a php web app that I am working on with OAuth.

I have an HTML page which provides a link to the twitter app authentication url which appears to be working fine and is showing the authentication screen.

Below is the code that calls the function.

if (!isset($_GET['oauth_token']))
{
    //include("phpHandler/twitterLib/secret.php");
    getTwitterURL($consumer_key, $consumer_secret);
}

The consumer_key and consumer_secret are included within a php file.

Below is the code that gets the twitter authorisation url.

function getTwitterUrl($consumer_key, $consumer_secret)
{
    $twitterObj = new EpiTwitter($consumer_key, $consumer_secret);
    $url = $twitterObj->getAuthorizationUrl();
    echo '<a class="linkButtons" href="'.$url.'">Add Twitter</a>';
}

This redirect back to the page fine and then I call the authentication method to retrieve info like twitter username. Below is the function that does the authentication

function authenticate($consumer_key, $consumer_secret)
{
    require ("twitterLib/EpiCurl.php");
    require ("twitterLib/EpiOAuth.php");
    require ("twitterLib/EpiTwitter.php");
    require ("twitterLib/secret.php");*/
    $twitterObj = new EpiTwitter($consumer_key, $consumer_secret);
    $twitterObj->setToken($_GET['oauth_token']);
    $token = $twitterObj->getAccessToken();
    $twitterObj = new EpiTwitter($consumer_key, $consumer_secret);
    $twitterObj->setToken($token->oauth_token, $token->oauth_token_secret);
    $token = $twitterObj->getAccessToken();
    $twitterObj->setToken($token->oauth_token, $token->oauth_token_secret);
    $_SESSION['ot'] = $token->oauth_token;
    $_SESSION['ots'] = $token->oauth_token_secret;
    $twitterInfo= $twitterObj->get_accountVerify_credentials();
    echo '<pre>';
    print_r($twitterInfo->response);
  }

The echo and print_r is to show the response return from twitter.

I am getting the following error printed out in the array

Array ( [error] => Invalid / expired Token [request] => /account/verify_credentials.json )

How can I fix this error. I don't know why its invalid or expired, I have closed the browser and started again but get the same error appear.

Thanks for any help you can provide.

Answer 1

Your access token will be invalid if a user explicitly rejects your application from their settings or if a Twitter admin suspends your application. If your application is suspended there will be a note on your application page saying that it has been suspended.

Many users trust an application to read their information but not necessarily change their name or post new statuses. Updating information via the Twitter API - be it name, location or adding a new status - requires and HTTP POST. We stuck with the same restriction when implementing this. Any API method that requires an HTTP POST is considered a write method and requires read & write access.

Whatever your storage system may be, you'll need to begin storing an oauth_token and oauth_token_secret (collectively, an "access token") for each user of your application. The oauth_token_secret should be stored securely. Remember, you'll be accessing these values for every authenticated request your application makes to the Twitter API, so store them in a way that will scale to your user base. When you're using OAuth, you should no longer be storing passwords for any of your users.

require '../tmhOAuth.php';

require '../tmhUtilities.php';

$tmhOAuth = new tmhOAuth(array(

  'consumer_key'    => 'YOUR_CONSUMER_KEY',

  'consumer_secret' => 'YOUR_CONSUMER_SECRET',

  'user_token'      => 'AN_ACCESS_TOKEN',

  'user_secret'     => 'AN_ACCESS_TOKEN_SECRET',

));



// we're using a hardcoded image path here. You can easily replace this with an uploaded image-see images.php example)

// 'image = "@{$_FILES['image']['tmp_name']};type={$_FILES['image']['type']};filename={$_FILES['image']['name']}",



$image = "./dickvandyke.jpg';



$code = $tmhOAuth->request('POST', 'https://upload.twitter.com/1/statuses/update_with_media.json',

  array(

    'media[]'  => "@{$image}",

    'status'   => "Don't slip up" // Don't give up..

  ),

  true, // use auth

  true  // multipart

);



if ($code == 200) {

  tmhUtilities::pr(json_decode($tmhOAuth->response['response']));

} else {

  tmhUtilities::pr($tmhOAuth->response['response']);

}

Answer 2

I worked on new Twitter API. It is working fine for me with following code I did.

<?php
require "vendor/autoload.php";
use Abraham\TwitterOAuth\TwitterOAuth;
$consumer_key = "XXXXXXX";
$consumer_secret = "XXXXXXX";

$connection = new TwitterOAuth($consumer_key, $consumer_secret);

 $request_token= $connection->oauth('oauth/request_token', array('oauth_callback' => "http://callbackurlhere.com/callback.php"));
$url = $connection->url("oauth/authorize", array("oauth_token" => $request_token['oauth_token']));

header('Location: '. $url);
?>

callback.php code below to obtain the permanent oauthToken and save it in database for further use:

<?php
require "vendor/autoload.php";

use Abraham\TwitterOAuth\TwitterOAuth;

    // session_start();
    if(isset($_REQUEST['oauth_verifier'])){

    $oauth_access_token = $_REQUEST['oauth_token'];
    $oauth_access_token_secret = $_REQUEST['oauth_verifier'];
    $consumer_key = "XXXXXXXXXXXXXXXX";
    $consumer_secret = "XXXXXXXXXXXXXXX";
    $connection = new TwitterOAuth($consumer_key, $consumer_secret,$oauth_access_token , $oauth_access_token_secret );

    $access_token = $connection->oauth("oauth/access_token", array("oauth_verifier" => $oauth_access_token_secret));
    var_dump($access_token); die("--success here--");// Obtain tokens and save it in database for further use.
    }

    ?>

Answer 3

I've managed to find the problem. I always creating two new EpiTwitter objects in the authenticate function.