I am trying to write an php twitter script which will be run by crontab, what the script does is to get the tweets from a dedicated twitter account.
I have looked at some of the php twitter oauth libraries, all of them seem to use redirect to a twitter page to get a token, then goes back to a callback link. In my case I don't want to have any user interaction at all.
Could anyone please tell me what I should do?
Regards
James
Twitter provides a single access token feature on dev.twitter.com designed just for this use.
http://dev.twitter.com/pages/oauth_single_token
You shouldn't need to be using the Twitter API at all. Tweets are public resources, accessible via HTTP.
Here's the official Twitter account's last 10 tweets, available as JSON or XML.
I use oAuth for my Twitter bot. I got the oAuth token by making a web interface and signing it up. I then pass the token with my calls.
I use Abraham's oAuth library:
http://twitteroauth.labs.poseurtech.com/connect.php
You can use the example from the library to get the token. Just have it echo the token from the $_SESSION it creates on the callback.
Unless the account is private, you don't need to be authenticated.
Or use OAuth, and authenticate using an admin screen.
We do not currently expire access
tokens. You access token will be
invalid if a user explicitly rejects
your application from their settings
or if a Twitter admin suspends your
application. If your application is
suspended there will be a note on your
application page saying that it has
been suspended.
http://apiwiki.twitter.com/OAuth-FAQ
Related
I am implementing the hybrid sign in flow got login with Google+. What I want to achieve is this:
One a user has authorized the app, the next time he comes back on the website, I want to log him in automatically.
In hybrid flow, google automatically logs the user in and displays a welcome back message (javascript sdk) along with returning access token. But this process requries one ajax call to be sent to gogole api.
I want to make this call through the backend itself using Google's PHP client library. Since the app has been authorized already, it should simply return the access token as it does when using javascript sdk. But I am not able to figure out how to achieve this using client library. Can anyone please help me out?
In your call parameters set access_type: 'offline', then need to get a new token using the refresh_token that is provided ONCE at the FIRST time of authorisation. You will have to store that refresh_token somewhere in your database and pair it up with the user's already expired access token ID or somehow and make another call for a valid access token.
For the time being you can set approval_prompt: 'force' but that's merely a development trick not a real solution.
More is explained here refresh token with google api client php
We are building an enterprise application, and we are trying to integrate linkedIn API for authentication, but as I see in the linkedIn API developer, the authentication can be possible only from the client side ... that is after I load the page, I can check whether there is a linkedIn session by making necessary calls as given in the linkedIn API.
But how do I do that same from the server itself, so that I can directly take the user to the home page?
Regards
Using the REST API, you can use LinkedIn for authentication, there are just a couple more steps you need to take.
Essentially, you need to get the user to initiate 'connecting' with LinkedIn from your application, have them authorize the application, and when they have, you can then store the returned user token locally if need be.
Once the user has authorized your application, and assuming you are using the LinkedIn 'authenticate' endpoint, returning users will see the following behavior on clicking the 'connect/sign-in' button: for users that currently have a valid session with LinkedIn, they will be returned immediately back to your site with their OAuth token. For those that have singed out of LinkedIn, they will need to sign-in first, then will be returned to your site with their token.
You can see this basic userflow on the Simple-LinkedIn demo page:
http://simplelinkedin.fiftymission.net/
i have looked over the internet on some information about this but all that i've found is for the SDK version 2.X.X, now with the 3.0.0 version it ain't working.
What i need is to get the user info and use it as a server to be posting anytime without rellying on cookies.
Any idea of how to do this? The old tutorials sugests something like this:
$facebook->getSession()
and on the sessions, i would get the keys but this method doesnt exists anymore. Any idea how to get the sessions keys and to re-use it?
Thank you!
If you need an "infinite" session, ask for the offline_access permission. From there, you'll have to take the access_token from the session and store it in a database.
The SDK provided by Facebook for PHP is intended to be called and utilized while a user browses your site - actions that perform facebook API calls without the users direct involvement require something more robust that uses the same approach but with saved tokens and initiated by cronjobs or background processes.
The oAuth 2.0 flow for validation and granting permissions is detailed in Facebook's documentation.
http://developers.facebook.com/docs/authentication/
You can perform the logic described here manually without even using the SDK using a standard HTTP request library like CURL. Basically what's entailed is sending a request to facebook when the user first looks to grant access, at which point the browser should redirect fully to the FB Login/permissions dialog. It is in this query that you specify what permissions you will require. You can use the redirect_uri parameter to point this back to an endpoint in your application that then takes the data Facebook returns, sends it back for an access token, and then saves that final oAuth token to a file or database row associated with that user.
For the kind of actions you have described, you'll need to request the offline_access permission when you make your URL call to Facebook. This generates a token that will be permanently valid until the user revokes its permissions in their facebook account using the 'Aps' interface.
You can learn more about oAuth here:
http://oauth.net/2/
I also highly suggest subscribing to Facebook's Developer RSS feed. They very regularly make huge shifts in how they operate their API and typically only announce them there.
http://developers.facebook.com/blog/feed
I am creating a website that integrates with Facebook's graph API using the PHP SDK. However, i am looking for a way i can pass variables like user id, location, likes etc between pages (maybe using php's session_start. And when the user logs out of facebook the session gets deleted.
Thanks.
The session needs to be managed by your php application. Once facebook authenticates you using it's API you are given an access token for further requests using the graph api. Facebook doesn't authenticate you again and again. The session and the params that you need are the responsibility of you application. If you want to interact with facebook data, you use graph API in that case, else your application runs independently.
I have a site written in PHP.
I need to get a list of events from a Facebook page and publish them on a page of the PHP site.
This call works but but it require an access token:
https://graph.facebook.com/mtv/events?access_token=....
I want publish the list on the PHP site without requiring an user to login with Facebook.
Is this possible? Is there any way that I can get a permanent token to hardcode in my PHP code?
offline_access Enables your
application to perform authorized
requests on behalf of the user at any
time. By default, most access tokens
expire after a short time period to
ensure applications only make requests
on behalf of the user when the are
actively using the application. This
permission makes the access token
returned by our OAuth endpoint
long-lived
.
I don't know if this is valid for Graph API.
EDIT:
I think your only chance is to use DOM Parser and parse http://www.facebook.com/MTV?v=app_2344061033, this shouldn't be hard at all.
If it is a public page you should be able to get the events using any access token with offline_access rights.