In about 7 weeks, the OAuthocalypse is coming. Twitter will turn off Basic Authentication for accessing their API and you have to use OAuth. I assume, there are a lot of php scripts out there, which still use the Basic Authentication approach and not OAuth. The Basic Authentication way also breaks the password anti-pattern and is therefore very bad practice. You have been warned now :)
Here I present my little rss2twi.php script, which posts new entries from an RSS feed to Twitter with OAuth. It is certainly far from perfect, but may be a starting point for some. It is also part of my Real Time Web With A Real World Example Setup.
It has the following features:
- It uses OAuth for authentication. You need the pecl/oauth extension for that. Maybe someone could port it to use PHP Userland OAuth
- It can handle more than one RSS feed
- Configuration is via a YAML file (uses sfYaml)
- It can push updates to Prowl
- It has a customizable URL Shortener (defaults to liip.to)
- Also has a very basic Pubsubhubbub Subscriber for immediate updates.
- It is Open Source (Apache Software Licensed) and available at Github
I won't go into details how it's all done. The main class is only 245 lines of code, sample URL shorteners are also included in the code.
To use it, you first have to get the oAuth Tokens. For that you call the getOAuthToken.php file from a command line and do what it tells you to do (basically to approve the App with Twitter). You add those lines to conf/feeds.yml and then just call “rss2twitter.php” to send your RSS items to Twitter. There are more options for feeds.yml, they are described in feeds.yml-dist. You can also define the defaults in conf/defaults.yml and add more than one feed.
If you want to act as a Pubsubhubbub Subscriber you need to adjust and use “subscribe.php” and “callback.php”.
The whole script certainly could be extended and some things polished, but it works for me since quite some time and pushes all updates of this blog, Planet PHP and my private blog quite flawlessly to Twitter (and if all goes well even in real time). Feel free to use it, fork it, extend it and do whatever you want. And I hope, it helps spreading OAuth instead of the bad “asking for passwords” pattern a little bit more.