Twitter Friend Feed Authentication

I’m a twitter n00b. I joined up a month or so ago just to try it out, and occasionally i post something technology or work related. Turns out that I joined up right after they disallowed being able to subscribe to your “friends feed” feature without authenticating first. This is naturally a PITA because I use Google Reader, and it doesn’t pass down any credentials for me. Shit.

So my first reaction was to write a script in PHP which proxys the request on my behalf and authenticates me at the same time (hey it is silly-code Thursday after all). And that’s what this post was meant to be about. I was planning on blogging about my Thursday night somewhat learning PHP over again. In case you care, the code and links will come later.

As I was writing this to look up some references, I stumbled across this page which describes how you can use Yahoo Pipes to authenticate to Twitter and achieve the same result. What took me a few hours to learn and do in PHP, took me seriously less than 10 minutes using Yahoo Pipes. Absolutely remarkable. I’ll be spending more time playing around with that, now!

So if you care, the PHP version looked something like this:



$client = new HttpClient('');
$client->setUserAgent('Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: Gecko/2008092417 Firefox/3.0.3');
$reqHeaders["Accept-Charset"] = "ISO-8859-1,utf-8;q=0.7,*;q=0.7";
$reqHeaders["Keep-Alive"] = "300";
$reqHeaders["Connection"] = "keep-alive";

if (!$client->get('/statuses/friends_timeline/16832429.rss')) {
    die('An error occurred: '.$client->getError());
$pageContents = $client->getContent();
$requestArray = array_values(explode(';', $client->getHeader('Set-Cookie')));

$split = explode('=', $requestArray[0]);
$cookieArray[$split[0]] = $split[1];

$client->setAuthorization('username', 'password');
if (!$client->get('/statuses/friends_timeline.rss')) {
    die('An error occurred: '.$client->getError());
echo $pageContents = $client->getContent();


I used the HttpClient class to make the requests, which was the first result that came up in Google. Turns out this code hasn’t been updated since 2003 (incidentally that’s around the same time when I last did PHP), and there was a bug that the Authorization request header came AFTER the Cookie header, which (as it turns out) will be rejected by the webserver with a 401. That oddity alone took me an hour to figure out. *sigh*

Leave a Reply

Your email address will not be published. Required fields are marked *