compared with
This line was removed.
This word was removed. This word was added.
This line was added.

Changes (39)

View Page History

Zend_Auth_Adapter_Twitter Zend\Authentication\Adapter\Oauth

1.0 - 17 November 2010: Initial Draft.
1.1 - 1 December 2010: Conversion to Zend\Authentcation\Adapter\Oauth

Zend_Auth_Adapter_Twitter is an authentication adapter designed to use twitter's OAuth service to authenticate a user.
Zend\Authentication\Adapter\Oauth is an authentication adapter designed to authenticate to third party OAuth providers such as Twitter, Facebook, etc.

* [Twitter OAuth Documentation|]


* This component *will* conform to the requirements of the Zend_Auth_Adapter Zend\Authentication\Adapter component (class Zend_Auth_Adapter_Twitter Zend\Authentication\Adapter\Oauth implements Zend_Auth_Adapter_Interface). Zend\Authentication\Adapter).
* The Zend_Auth_Adapter::authenticate() method *will not* return Zend_Auth_Result::SUCCESS unless a valid OAuth access token is obtained from twitter
* The Zend\Authentication\Adapter\Oauth::authenticate() method *will not* return Zend\Authentication\Result::SUCCESS unless a valid OAuth access token is obtained from the configured source
* This adapter *will not* throw exceptions for conditions that may occur during normal operation with a properly configured adapter (i.e. authentication failure). All such exceptions will be caught in the adapter's authenticate method and translated into an appropriate Zend_Auth_Result::FAILURE Zend\Authentication\Result::FAILURE response.
* This adapter *will* throw exceptions for configuration errors, environmental issues and invalid usage such as invalid configuration options for OAuth settings (i.e. consumer key/secret).
* This adapter *will* return Zend_Auth_Result::FAILURE Zend\Authentication\Result::FAILURE if access was not granted by the end user from twitter's access challenge the OAuth provider (i.e. they deny access to the application)
* This adapter *will* take advantage of the existing Zend_Oauth component to obtain and exchange tokens from twitter.
* This adapter *will* require configuration of an OAuth consumer via the existing Zend\Oauth component
* This adapter *will* take advantage of Zend_Session_Namespace Zend\Session\Namespace to save state while the user is taken away to twitter's the OAuth providers site, then back to the application
* This adapter *will* provide ability to change the Zend\Session\Namespace option
* This adapter *will* provide a mechanism to pass the OAuth return parameters (typically passed in the $_GET var) to the adapter for Zend\Oauth acquisition of an access token


The component will be used as an instance of Zend_Auth_Adapter_Interface, Zend\Authentication\Adapter, implementing the authenticate() method. What makes this component unique is it's need to leave the user's application to authenticate with twitter's a third-party OAuth service, provider, then return back to a state within the application.

The workflow would be something like:

* Create an options array containing 'consumerKey', 'consumerSecret', and 'callbackUrl'
* Create an instance of Zend\Oauth\Consumer, specifically containing 'consumerKey', 'consumerSecret', 'siteUrl' and 'callbackUrl'
* Instantiate Zend_Auth_Adapter_Twitter, Zend\Authentication\Adapter\Oauth, passing the options array to the constructor as well as the instance of Zend\Oauth\Consumer
* Call the authenticate method

'consumerKey' => '2342kljv23onv34ij34',
'consumerSecret' => '23lkjalkjoij408afkljjr09j4afseaf',
'callbackUrl' => '',
'siteUrl' => ''

$adapter = new Zend_Auth_Adapter_Twitter($options);
use Zend\Oauth\Consumer as OauthConsumer;
$consumer = new OauthConsumer($options);

$auth = Zend_Auth::getInstance();
use Zend\Authentication\Adapter\Oauth as OauthAdapter;
$adapter = new OauthAdapter();

$result = $auth->authenticate($adapter);

* Authenticate method would acquire a request token
* Store the request token in a Zend_Session object
* Redirect the user to twitter the OAuth provider to authenticate
* User will allow or deny access from twitter's website
* Twitter OAuth provider will redirect the user back to the application through the callbackUrl passed in the options
* Obtain an access token based on the request token stored in the Zend_\Session object
* Unset the Zend_\Session object
* Return twitter's uid in a Zend_Auth_Result object
* Return a key=>value array of the body returned from the acquisition of the Access Token

Sample code can be found here: [] []


* Zend_Auth_Adapter_Twitter Zend\Authentication\Adapter\Oauth

class Zend_Auth_Adapter_Twitter implements Zend_Auth_Adapter_Interface
use Zend\Authentication\Adapter as AuthenticationAdapter,

class Oauth implements AuthenticationAdapter
public function __construct($options)
public function __construct($options = array, Zend\Oauth\Consumer = null)