Today I have spent my day working on a small application, simple thing, that would allow a Twitter (oAuth) user to connect to the Twitter application and then allow them to update status from this application.
The basic principle of this construction can be used to any application that you want to construct.
First things first. The first step for the application to work, and by far the most important piece, is the oAuth token request, authorization and access. The process is not complex to do it and writing the whole class on this post would only make it boring, so check this class, made for CakePHP, that holds this precise logic: http://github.com/abraham/twitteroauth/tree/master and if you want to create your own, check out oAuth website for more info.
Now considering that you have all the logic for requesting the tokens, access, etc to oAuth, the next step is to make your twitter application to talk to Twitter and get / post the info.
Step 1 – Passing your KEY and SECRET to the Twitter API and request the token.
Now comes a special trick. The request token is done once, so keep it in Session after you get it.
Step 2 – Request authorization. How many times you have seen a small pop-up where you would allow the application to access your information? Well, that is precisely what you will be doing. Once you have the oAuth request back, pass the key and secret from that request to the authorization to get a extremely important piece for the last part of this puzzle.
Once the authorization is successful on Twitter, it will return, on the callback url, the oauth token and oauth verification code. Keep those in session, you will be using those constantly.
Step 3. The last step is to get access to the application and then, in our case, post the new status on Twitter. This is the part that you might get stuck, and, yours truly, lost a couple of hours to understand this.
The Twitter API Documentation is not one of the best things on the planet and it is understandable, it is not a best seller novel. Reading the documentation, blogs and sources online, the basic understanding is that, for each time you would submit a request to post or get data from Twitter you would need to get access again and then post or get the info that you desire.
Well, that is a mislead. Once you get access, just like the authentication and the request, keep that info into your session because if you try to get access again, the token that you have requested will be invalidated. Currently the token is set to expire at Twitter in 1 hour, so this is another thing that you need to keep track also.
How do you know if your token is invalid or has been revoked? One of the messages that Twitter will respond, quite often when that happens is:
<error>Invalid Token / Revoked</error>
When you see this you get either a token that expired at their server or you did another access request that will revoke the previous token.
With this 3 pieces of info kept on your session you will be able to easily construct any application that will have full interaction with the Twitter API.
If your are planing an application to simply tweet / retweet a url, use their widget. It is good and there is no need to reinvent the wheel.
Finalizing the full of Tweets post, there is a Tweet / Retweet button on the bottom of this post, so retweet…