Surviving the OAuthpocalypse with Retweeter

A while back I hacked together a script for automatically reposting all tweets matching a given hashtag, called Retweeter. It’s useful for conferences and other events where you want to see a stream of info regarding a given topic, but don’t want to catch the attention of spammers. (To use retweeter, you set up a twitter account in the name of the hash tag, and retweeter only reposts tweets from those it follows – so if someone starts spamming, just have that retweeter account stop following them).

All was well and good until the OAuthpocalypse arrived:

The OAuthpocalypse was the end of basic auth, the mechanism involving storing your username and password, which earlier versions of ReTweeter used. Well, Twitter did shut off basic authentication, though in reality it took a bit longer than the announced August 31:

Photo by Bruno Pedro

Luckily this weekend I found time to update ReTweeter to accomodate OAuth – get the new ReTweeter 1.0 and give it a try. I’ve used Abraham Williams’ OAuth for Twitter library, which itself relies on Andy Smith’s OAuth library for PHP. Both are MIT licensed and are included in the download.

You’ll need to register your retweeter with Twitter at the register an application page, which will give you a “Consumer Key” and a “Consumer Secret” – you’ll need to copy these values into the configuration section at the top of retweeter.php.

Twitter Application Settings (Click for Full Size)

Then, making sure you are logged in to Twitter as the username for which you will run Twitter (the account which will follow people and where the retweets will be posted), click on the “My Access Token” button in the right rail of the Application Settings page. Here you’ll need to copy the Access Token and Access Token Secret to the appropriate places in retweeter.php:

OAuth Tokens for ReTweeter

Now that you’ve got all the info, open retweeter.php and (in addition to the existing configuration like username, database username, database password, database host, and database name) fill out the OAuth section of the configuration:

// we'll need some OAuth stuff here
// register your retweeter at
$consumer_key = 'Consumer Key';
$consumer_request = 'Consumer Secret';


// then click on "my token" on the resulting page and get these (make sure
// you are logged in AS THE USERNAME you intend to use, as these keys are
// specific to the user:
$retweeter_oauth_token = 'Access Token';
$retweeter_oauth_secret = 'Access Token Secret';

That should do it!

I’ve also updated Retweeter to follow the RT convention, so retweeted tweets will now look like this:

(@drunkjeckman is an old account which I no longer use except for testing. I expect my twitter followers to determine my level of sobriety based on the content of my tweets, not my username).