THE FILES
The tmhOAuth.php class is found here:
You can download the tmhOAuthExample class too, which extends tmhOAuth:
MY APP
Just to clarify, I am running an apponly_request to search tweets. That is it, nothing more.
https://dev.twitter.com/docs/api/1.1/get/search/tweets
THE SHORT ANSWER
Getting authenticated is a two step process. The confusing part is that the API uses the same variable name for both: the bearer credentials to get the oauth2 token, and the bearer token which is the oauth2 token you get back.
First you have to request the oauth2 token (or bearer token) by using your encoded keys and secrets as the bearer token (or credentials).
https://dev.twitter.com/docs/auth/application-only-auth
Then, you can start a new request to search tweets by using the oauth2/bearer token instead of the encoded keys and secrets. Let me explain in more detail…
THE LONG ANSWER WITH CODE
With minor changes (described below), I put all the tmhOAuth files and the tmhOAuthExample.php in a sub-folder on the site (I used /twitter). The files could go anywhere, but I like organization, and having them close to the root makes it easier to include.
The example class contains comments that say, “In production you shouldn’t use this file, but you could use the idea…”
However, I do not know what reason there is to not use this file.
I slightly modified tmhOAuthExample.php. Since this class extends the tmhOAuth, I replaced “tmhOAuthExample” text with “tmhOAuthExt”, and renamed the file to “tmhOAuthExt.php”.
I also replaced the location of “require” statements at the top of the file with a more simple require since the tmhOAuth.php is in the same folder and I am not using composer.
require ‘tmhOAuth.php’;
Then through trial and error, I came up with some code that I could put in a separate function to get the oauth2/bearer token.
function twitter_bearer_token(
$tw_consumer_key,
$tw_consumer_secret,
$tw_user_token,
$tw_user_secret
) {
@$tmhOAuth = new tmhOAuthExt(array(
'consumer_key' => $tw_consumer_key,
'consumer_secret' => $tw_consumer_secret,
'token' => $tw_user_token,
'secret' => $tw_user_secret,
'bearer' => base64_encode($tw_consumer_key.':'.$tw_consumer_secret),
'curl_cainfo' => $_SERVER['DOCUMENT_ROOT'].'/twitter/cacert.pem',
'curl_capath' => $_SERVER['DOCUMENT_ROOT'].'/twitter/',
));
session_start();
$bearer = $tmhOAuth->bearer_token_credentials();
$params = array(
'grant_type' => 'client_credentials',
);
$code = $tmhOAuth->request(
'POST',
$tmhOAuth->url('/oauth2/token', null),
$params,
false,
false,
array(
'Authorization' => "Basic ${bearer}"
)
);
if ($code == 200) {
$data = json_decode($tmhOAuth->response['response']);
if (isset($data->token_type) && strcasecmp($data->token_type, 'bearer') === 0) {
$new_bearer = $data->access_token;
}
} else {
return $tmhOAuth->render_response();
}
return $new_bearer;
}
Now that we have a function to get the bearer token, here is the code I used to search tweets:
$tw_consumer_key = 'xxxxxxxxxxxxxxxxxxxxxx';
$tw_consumer_secret = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
$tw_user_token = 'xxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
$tw_user_secret = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
// tmhoauth
require_once $_SERVER[‘DOCUMENT_ROOT’].’/twitter/tmhOAuthExt.php’;
$tw_bearer_token = twitter_bearer_token(
$tw_consumer_key,
$tw_consumer_secret,
$tw_user_token,
$tw_user_secret
);
@$tmhOAuth = new tmhOAuthExt(array(
‘consumer_key’ => $tw_consumer_key,
‘consumer_secret’ => $tw_consumer_secret,
‘token’ => $tw_user_token,
‘secret’ => $tw_user_secret,
‘bearer’ => $tw_bearer_token,
‘curl_cainfo’ => $_SERVER[‘DOCUMENT_ROOT’].’/twitter/cacert.pem’,
‘curl_capath’ => $_SERVER[‘DOCUMENT_ROOT’].’/twitter/’,
));
// get tweets
$code = $tmhOAuth->apponly_request(array(
‘method’ => ‘GET’,
‘url’ => $tmhOAuth->url(‘1.1/search/tweets’),
‘params’ => array(
‘q’ => $q
)
));
// display tweets
if ($code == 200) {
// code to display tweets
}
I hope this helps a lot of people. Let me know if this needs any clarification.
Good luck!
