Twitter OAuth beta is open for public. Before I start coding support for it into twitter module I'm just wondering if there was a decision made how this should be done. Is twitter module going to use oauth module and simply use code in oauth test client for twitter purposes, use oauth php code, some third option.

Heine - This issue is now locked. Please create a new issue for additional problems.
Members fund testing for the Drupal project. Drupal Association Learn more


Rok Žlender’s picture

18.63 KB

I created initial patch very rough around the edges but it works it uses for oauth stuff. Not sure yet how old users will be converted. To test the patch you need:

Rok Žlender’s picture

Status: Postponed (maintainer needs more info) » Needs work
Rok Žlender’s picture

Issue of converting old pass authenticated users is also being discussed on twitter dev list

GreenSkunk’s picture

+1 subscribing

edmund.kwok’s picture

+1 subscribing too, OAuth is the future :D

Rok Žlender’s picture

23.75 KB

Rerolled with recent twitter changes and a bunch of cleanup. Also more functions now use oauth. Problems still in the code

  • No upgrade from regular users
  • No way to only specify account name for non privileged access. Every user must approve account through twitter page.
Leeteq’s picture


Anonymous’s picture

did you do that for a site called ''?
at least that website name appears in my admin.

tbartels’s picture

Yes, it looks like the site is hard-coded into the description and success messages for account setup. It should be changed to use variable_get('site_name')

jjeff’s picture

I've applied this patch, installed twitter.module on my site and have found the following:

- Yes, once you get the settings set up correctly while registering the Twitter application, it seems to authorize correctly.

- The string 'Now Public' appears to be hardwired in to the module/patch. So you get a message something like "You've successfully authorized Now Public to access your account." I'm guessing this should be a setting which defaults to the site name.

- I get the following error on the first page I load after running cron.php: "Unknown column 'tu.password' in 'field list' query: SELECT tu.screen_name, tu.password, ta.protected FROM twitter_user tu LEFT JOIN twitter_account ta ON tu.screen_name = ta.screen_name WHERE tu.import = 1 ORDER BY ta.last_refresh ASC LIMIT 0, 20 in sites/all/modules/twitter/twitter.module on line 188."

I did not patch an existing install of the Twitter module, so I'm guessing this error has something to do with a problem in the .install file.

- Schema module reports the error: "twitter_user.screen_name is part of the primary key but is not specified to be 'not null'."

- Schema module also reports (this may be same as above):

  column screen_name:
    declared: array('type' => 'varchar', 'length' => 255)
    actual: array('type' => 'varchar', 'length' => '255', 'not null' => TRUE, 'default' => '')
jjeff’s picture

34.79 KB

Also, the user/{uid}/edit/twitter page does not show anything in the Name or Description column:

pribeh’s picture


NikLP’s picture


Rok Žlender’s picture

Ups NowPublic shouldn't be there :). I'll update patch with latest changes I made. Twitter is still actively changing stuff here and there but we don't have any problems with authenticating with oauth or authorizing accounts.

@Jjeff that screenshot indicates something didn't go as planned. Probably change to twitter oauth is not in patch yet.

Rok Žlender’s picture

25.85 KB

New patch with some more debugging and code that works with authorizing account with twitter. NowPublic branding removed. Marketing attempt failed :)

Rok Žlender’s picture

With latest version of twitter module I don't get any schema module warnings. Also I can reproduce cron error. I missed cron func and it still tries to select password from db which does not exist anymore new patch is coming tmrw.

Anonymous’s picture

does it mean i can already use twitter as login for my drupal page?

Rok Žlender’s picture

@bara.munchies No, sign in with twitter is not supported in this patch. It only changes way your site calls twitter api.

NikLP’s picture

At the risk of sounding like a tool, is the above question & code re twitter credentials powering drupal authentication actually part of the roadmap? I could really use some of that about now.

Happy to do some small amount of sponsorship if necessary - hit me up if you're interested.

Gold’s picture

Hey all,

Just wondering what the status of this patch is?

I have a client that needs what this provides. I don't usually use dev modules but this is the only option that I have. So... I'm about to start code review.

I'm applying twitter_4.patch to the DRUPAL-6--2 CVS tag. If I'm going about this wrong could someone say so?

Also, is there any central chat location (irc etc.) where development/testing/etc can be discussed in real time?

Gold’s picture

1.49 KB

Not sure if this is the right place to post this but it's related to the OAuth side of the project.

During testing I was getting an error from Twitter when trying to authorise an account via oauth and realised that I'd not setup the keys. This patch tests for the presence of both oauth keys and if either is absent it mentions that setup is required and provides a link to the setup form. It's assumed that this would happen during setup by the site owner/developer so there's no checking for permissions or anything.

twitter_4.patch should be applied before applying this patch.

Gold’s picture

I've noticed that when you return from the Auth process there's 2 things that need fixing.

The first is a call to twitter_fetch_statuses() which fails. It looks like this is using the old user/pass approach. This is the error;

warning: Missing argument 2 for twitter_fetch_statuses(), called in /home/gold/web/ts2/sites/ts2/modules/twitter/ on line 491 and defined in /home/gold/web/ts2/sites/ts2/modules/twitter/ on line 256.

The other is that when you return it takes you to the user edit page. I would expect to return to the user edit twitter page and see that my new account is actually in the list.

I'm about to start on this. If anyone is already working on this or has a patch in need of review please let me know.

Otherwise, there will hopefully be a patch posted soon.

Gold’s picture

twitter_fetch_statuses() calls _twitter_convert_xml_to_array().

This last function fails every time with "Exception: String could not be parsed as XML in /path/to/drupal/sites/ts2/modules/twitter/ on line 541" This is thrown by SimpleXMLElement::__construct().

I've run the XML returned from Twitter through the W3C validator and that claims it's fine. I'm able to parse it through simplexml_load_string() okay. I'm currently rewriting the guts of this function to use this instead.

I've not been able to find an explanation as to why this doesn't work.

If _anyone_ knows why this doesn't work please let me know. I hate having to change things this way without a good explanation.

Gold’s picture


simplexml_load_string() is loading the XML okay but calling ->getName() says I'm trying to access a method on a non-object.

print_r() says it's an Object.

get_class_methods() returns a list of methods too. One of which is getName(). :/

Giving up on this. Trying DOMDocument. :/

Gold’s picture

Okay... This is getting a little retarded... I was just (okay, two days ago) on ##php on freenode and was asked to show the original error. I swapped out the file with an untouched one and everything worked. Now I have the mystery of why it didn't work and why it does work.

Code forensics commence. :/

Gold’s picture

okay... If I take the debug output from a shell and hardcode the data being fed into SimpleXMLElement it parses fine. This suggests that it's a character encoding issue. Following this path of inquiry now. :/

Gold’s picture

I'm giving up on this. It's doing my head in. It's not a character encoding issue as far as I can tell. Headers from the server claim utf-8. xml tag claims should be utf-8. Ensuring it's UTF-8 with mb_convert_encoding() and iconv() doesn't help. w3c claims the XML is well formed. xmllint claims it's well formed.

These all say to be the character encoding and the xml format are fine. I have no more ideas.

I'm not actually wanting to use the twitter module for managing the status messages anyway. All this time when I could have just worked around it. Ah... well.

I'm wanting to use the Twitter/Oauth facility to auth/approve/manage the accounts and sending messages only. To this end the fetching of statuses is redundant for me.

Instead I'm going to add a check box to the admin area that asks if the twitter module needs to manage the import of Tweets. This will allow for third party modules to be able to manage tweets themselves.

If anyone else has a similar problem as what I've been pulling hair over for the last few days I'd love to know what you figure out.

NikLP’s picture

The new GoTwitr site (currently on the d.o front page) implements some sort of twitter/oauth business - is that worth a look? Some of the code is freely available there.

radj’s picture


geerlingguy’s picture


xurizaemon’s picture

Title: Authenticate Twitter API via oAuth instead of Basic Auth » Twitter and oauth

This issue is not about authenticating Drupal users via Twitter oAuth; it's about transitioning the Drupal twitter module from Twitter's Basic Auth (username/password) to oAuth (tokenised) for API requests.

That said, @NikLP (& others interested in Drupal signin using Twitter creds), you may want to check out the JanRain Engage (aka/fka "RPX") or Gigya Socialize projects which implement this (for multiple providers, one of which is Twitter).

Both are commercial products with free offerings, and if privacy issues are a factor for you, review the service terms; at least Gigya's T&C states that they gather data for ad purposes, and both involve trusting a third party with auth provision. I've used RPX and been happy with the results to date.

calvintennant’s picture


dewolfe001’s picture

Subscribing too.

Will these patches be rolled into an upcoming release of the Twitter module?

calvintennant’s picture

Status: Needs work » Fixed

This is actually already done, in the 3x version of this module. You've gotta install with the 2x version of OAuth though (for now)..

bayousoft’s picture


g.k’s picture


xurizaemon’s picture

Title: Twitter and oauth » Authenticate Twitter API via oAuth instead of Basic Auth
Status: Fixed » Needs work

Reverting status change by @calvintenant in #34.

Calvin is correct that you can sign Drupal users in via the new Twitter Signin module in 3.x.

However, AFAIK this issue is not about signing Drupal users in via Twitter oAuth, it's about migrating the Twitter module from Basic Auth to oAuth.

(please correct issue subject if you can make it clearer/more accurate!)

geshan’s picture

Title: Twitter and oauth » Authenticate Twitter API via oAuth instead of Basic Auth

Can't use twitter module to post to twitter account: . this must come in the main module not as a patch very soon.

juliangb’s picture

Priority: Normal » Critical


Sounds like all installations of this module will need to be updated once this is committed for them to work again, hence marking this critical.

Gerard’s picture


TCRobbert’s picture

The whole change came to me with a surprise as well this morning. Unfortunately I am only using "Twitter Actions". Did anyone manage to get that working yet with oAuth?

I looked at the 3.0 beta2 and 3.0 dev, but neither seem to be updated regarding actions.

KingMoore’s picture

ah yes... my Twitter posting has stopped working today! Thanks for the heads up Twitter.

KingMoore’s picture

I am wondering... is there currently a combo of the TWITTER module and OAUTH module that will allow me to update statuses on Twitter? That is the only function I use from the entire twitter module.

I have been using twitter module 2.6 but I just now upgraded to the 3.x-dev and it is crashing (Call to a member function get_auth() on a non-object). I looked briefly at the OAUTH module, but it looks like it requires all kinds of other modules to be installed and I don't really want to go down that path not knowing if it will work.

sterndata’s picture


chezwel’s picture

unable to post anymore, when trying to setup twitter for account gives error: Twitter authentication failed. Please check your account name and try again. Able to sign in to twitter just fine so I'm assuming this is part of the Oauth issue.


jeni_dc’s picture

Using Oauth 6.x-2.02 and Twitter 6.x-3.0-beta2 I was able to successfully ad an admin (global) Twitter account and use that account to post updates to my twitter account. This was only done when submitting the node, though, any actions still seem to be broken. When trying to update my Rules that were automatically set up to post to twitter, I get a white screen of death when submitting the action portion of the rule.

Updating the Oauth and Twitter modules to the latest versions and dev versions did not help.

No errors were showing up in the Drupal logs after that, but upon inspecting my server log I noticed a PHP Fatal error: Call to undefined function twitter_authenticate() in ... /twitter_actions.module on line 80


tryitonce’s picture

... it seems the problem is Twitter - changing to full use of Oauth - they changed over on the 31.08.2010 and sent the email on the 02.09.2010. Big boys can do that - obviously.

That's the story from the email from Twitter:
Update 1: New authorization rules for applications
Starting August 31, all applications will be required to use “OAuth” to access your Twitter account.

What's OAuth?

  • OAuth is a technology that enables applications to access Twitter on your behalf with your approval without asking you directly for your password.
  • Desktop and mobile applications may still ask for your password once, but after that request, they are required to use OAuth in order to access your timeline or allow you to tweet.

What does this mean for me?

  • Applications are no longer allowed to store your password.
  • If you change your password, the applications will continue to work.
  • Some applications you have been using may require you to reauthorize them or may stop functioning at the time of this change.
  • All applications you have authorized will be listed at
  • You can revoke access to any application at any time from the list.

So, what does this realy mean for the Drupal users less professional with coding and patching things up?

KingMoore’s picture

All I really need right now is a version of twitter_set_status that works with the new Oauth. I tried looking at the code but the scope is beyond me.

Is there a simple fix?

nedwardss’s picture

Same issue...subscribing.

KingMoore’s picture

To anyone who simply wants to post status updates like you did before, very simply from your drupal site, the whole Oauth process seems like a bit of overkill (but sadly we have no choice now!).

For cases like ours, twitter refers to it as a "single user" case. Meaning we simply want our website to post status updates to our twitter account. The standard case seems to be where any user on your site can authenticate with twitter and then post things to their twitter profile from your site.

For anyone in a "single user" case, things can be much simpler, but the twitter documentation is confusing. For a single case, we don't need to do all the Oauth authentication, simply register your app:

Then from your app control panel there is an option on the right "My Access Tokens". From there you will get access tokens to post status updates to your account, allowing us to bypass the handshake/login process. This was all rather confusing to me at first.

Since I need a more immediate solution, I am currently working on just implementing this library:

Like I said before, the only part of the twitter module i use is the twitter_set_status, so I am looking at making myself a new version of that one function.

Hopefully this is helpful to someone was I am trying to wrap my brain around this oauth stuff that seems much more complicated (and powerful) than what I want/need to do at this time.

I simply put the twitteroauth folder in my twitter module folder, define the 4 constants from the page and then do this to post my status message. It is working!

module_load_include('php', 'twitter', 'twitteroauth/twitteroauth');
$connection->post('statuses/update', array('status' => 'TEST'));

I know this is a quick and dirty hack, but some may need it.

scandi’s picture


pbull’s picture


greenSkin’s picture

Version: 6.x-2.x-dev » 6.x-3.x-dev
2.35 KB

Here's some work I've done to get OAuth to work with rules. I haven't actually tested this yet, but it still needs at least a little bit more work like the form error messages. This was against the 3.x-dev (2010-Jul-11).

davepoon’s picture


designerbrent’s picture

Glad to see some movement. This is critical to actually make this module usable now. Short of oAuth working, this module does nothing.

g.k’s picture


kenwest’s picture


kjholla’s picture

It is interesting to see so much discussion happening on this.

I recently upgraded my site to 6.x-3.0-beta2 from 6.x-2.6.

Initially, the twitter posts failed since even after upgrading the Twitter User accounts that had been setup previously continued to use only Basic Auth.

However, I got around this by following these steps:
1. Upgrade the code files from 6.x-2.6 to 6.x-3.0-beta2 and install OAuth 2.0 (OAuth 3.0 doesn't work with Twitter 6.x-3.0-beta2)
2. Run update.php -> this will basically update the database for the new version of the twitter module
3. Register your application with twitter
4. Setup Twitter Module on your website to use the registered Consumer Tokens
5. Login as the user whose twitter account has been setup
6. Go to My accounts -> Edit -> Twitter Accounts
7. Delete the pre-existing setup of your Twitter account (this will delete the twitter account but not the tweets)
8. Re-create the twitter account. This time, Twitter will ask you to authorize access for the application. Allow access here.
9. You should now be able to post to twitter using OAuth. Twitter should also show that the tweet has been made via your application name
10. Optionally, you could choose the apply the patches I listed in this thread to get your Global Tweets block working again

Hope this helps.

I agree that this process should be automated somehow, perhaps through the twitter admin setting as a one-time migration for all twitter accounts that were setup using the verison 2.6 of the module. Alternatively, each user could be prompted to upgrade his twitter settings at first login after the twitter module is updated so that the user can grant access to the new application to use OAuth.


heacu’s picture


tajabosc’s picture


KingMoore’s picture


Thanks for that detail. It is encouraging to know there is a solution using existing parts. What about a use case like I have, and I'm sure many others have as well:

- we have a website that automatically posts updates to one specific twitter account

- we have multiple users posting content to the site, and don't want them to have to "sign in" to a twitter account because... well we want it to always post to the website's twitter account and don't pass that login info around

I am using the "Access Tokens" strategy above, which bypasses the logging in to twitter step and always tweets to my one account, but I'm not sure how this would be accomplished using the parts available?

rizz23’s picture

suscribing to a solution and not a workaround...

Jerimee’s picture

I could use some clarification on this:

6. Go to My accounts -> Edit -> Twitter Accounts

I'm sorry where is that?

Update: oh I found it - like this

jeni_dc’s picture


As per my comment in #46, I got this working with Oauth 6.x-2.02 and Twitter 6.x-3.0-beta2.

As the site admin (user 1) add a twitter account and make it the global twitter account. Under the Twitter setup enable the node types you want to post to twitter. Give permission to the roles who are posting the items to use the global twitter account, but no other permissions.

Those nodes now have a "Post to" fieldset with the option to post to twitter which is ticked by default. Your users just have to leave that alone and when they post their node it will update the global twitter account you had specified.

EDIT: Oh yeah, you need to make sure you add your site as an app with your twitter account, and set up the callback, key and secrets on the twitter setup page

chezwel’s picture

Thanks for the info kjholla got it working.

Jerimee’s picture

Neither the twitter action nor the Oauth verification seems to work. Got stumped by these steps:

6. Go to My accounts -> Edit -> Twitter Accounts
7. Delete the pre-existing setup of your Twitter account (this will delete the twitter account but not the tweets)
8. Re-create the twitter account. This time, Twitter will ask you to authorize access for the application. Allow access here.

6. I can't seem to add a twitter account to user id 1
7. I don't have a pre-existing setup - I can't add a twitter account to being with
8. When I attempt to add a twitter account to user id 1 I get the twitter message asking me authorization - I hit allow and then... nothing happens - I still show no accounts at /user/1/edit/twitter - there is nothing there but the "Add account" button and it doesn't seem to do anything....

I'm using Twitter 6.x-3.0-beta2 and OAuth 6.x-2.02

jeni_dc’s picture

I just tried the patch in #53 against 3.x-dev and couldn't get it to post to twitter via a rule. When setting up the rule it no longer goes to a WSOD when saving, but the rule doesn't seem to have any effect.

chezwel’s picture


In your Twitter application settings make sure you have Application Type set to Browser and your callback URL should be

Also in the your Drupal Oauth settings be sure to set OAuth cryptography as HMAC-SHA1. The steps provided by kjholla #58 should work after that.

lammertsm’s picture

Using OAuth 6.x-2.02 and Twitter 6.x-3.0-beta2.

Works fine

jeni_dc’s picture

2.42 KB

Just went through the diff file from #53 and found a typo. Fixed the typo that was created in the twitter_actions.module file and tested it again and was able to successfully post to Twitter via a rule. So this may now fix other actions issues as well.

The typo that needed to be fixed was

$twitter_account = twitter_account_load($context['twitter_id']);

and should be:

$twitter_account = twitter_account_load($context['twitter_uid']);

I've attached the modified diff file with the typo fixed. As in #53 this was against 6.x-3.x-dev

mwetmore’s picture

Just wanted to drop a note and let you know the beta version of the Twitter module is working great for me with OAuth.

If you follow everything exactly like its outlined it should work fine.

bradjones1’s picture

Agreed - this doesn't require a patch. If you're used to where things were at with twitter's previous/traditional auth process, this can be a little confusing at first, but following the process at #64 will get this working without having to patch or hack.

jeni_dc’s picture

Just to make this clear: this DOES require a patch if you're using Rules/Actions

It DOES NOT require a patch if you're NOT using the actions portion of the module.

Either way, more testers of the patch would be great so we can keep all of the functionality of the module

mwetmore’s picture

Upon further testing though, it looks like the import could possibly be not working, anyone else have issues with that?

On another note, how do I remove the login with twitter link that now appears on my login block?

jeni_dc’s picture

mwetmore, what versions are you running? I just tried using a patched 6.x-3.x-dev with the patch from #70. I hadn't had importing set up, when I enabled it on the twitter settings, and the individual account settings in My Account > Edit > Twitter Accounts, then ran cron, it pulled in all the latest tweets from my account.

Also, this issue is already getting quite distracted, please open another issue or post in the forum for your second question.

mwetmore’s picture

Looks like 6.x-3.0-beta2, perhaps I should move to the 3.0 dev release?

jeni_dc’s picture

I'd give it a shot, but before doing that though is the "Import Twitter statuses" box ticked on the twitter setup page? Is the Import box ticked on the twitter account info page in your account settings? Then make sure you run cron.

mwetmore’s picture

Yeah, both of those are checked, even disabled and re-enabled them and then ran cron. Still not importing.

I'm gonna set out for a bit and then try the dev release to see if that has any impact to it...

mwetmore’s picture

Looks like it randomly started working, not sure what happened, but everything seems to be working fine now.

Also solved my other question, thanks for the help!

Rhino’s picture

I have exactly the case #61 KingMoore describes.

Great to see so much movement on this!

kjholla’s picture


Did you get this working? As @chezwel suggested in the thread, you need to check if you have registered your application correctly with twitter.

1. Make use of Twitter 6.x-3.0-beta2 with OAuth 2.02
2. You will need to go to first register your Website as an application with Twitter. The steps for doing this is available here.
3. When you register, make sure you provide the correct call back URL:
4. Once this is done, setup the twitter module on your website with the Consumer Key and Secret provided by Twitter.
5. Now, try adding your Twitter user onto the website as you have described. It should work.


kjholla’s picture


Thanks for that detail. It is encouraging to know there is a solution using existing parts. What about a use case like I have, and I'm sure many others have as well:

- we have a website that automatically posts updates to one specific twitter account

- we have multiple users posting content to the site, and don't want them to have to "sign in" to a twitter account because... well we want it to always post to the website's twitter account and don't pass that login info around

I am using the "Access Tokens" strategy above, which bypasses the logging in to twitter step and always tweets to my one account, but I'm not sure how this would be accomplished using the parts available?

I don't see any reason why this use case should be any different from what I have described.

What you are essentially talking about is a Global account at the website level and not user specific accounts. The twitter module supports both types of setup.

In case of Global accounts, the administrator of the website would have to setup the account and in case of user-specific accounts, each user would have to do it.

In the use-case you describe all that needs to be done is for the site-admin to go into the global twitter account, delete that account and set it up again using the mechanism that I described earlier.

I haven't tried it myself. However, I think it should work.


David Stosik’s picture

Following #58, and setting OAuth to HMAC-SHA1, I was not able to post to Twitter.. Wondering if I am doing something wrong...

Working now. My message was more than 140, but Twitter module does not throw any error at this time. I this there is a bug here. :)

kiwad’s picture


Cardo’s picture

Posting to Twitter from Drupal works like a charm using #58's directions. Using 6.x-3.0-beta2 is less buggier than the 6.x-2 implementation.

#83, and everyone interested, usually if your title or field posted into Twitter es longer than 140 characters (including added links or hashtags) the Twitter module won't show an error, but won't publish anything either. A good solution is to calculate the available space for the field, minus the tinyurl'ed link and any other suffix or prefix, from the 140 chars available, and use the MaxLength Module to control the input in a better way.

David Stosik’s picture

#85: the ideal will be to propagate the TwitterExceptions and two show the exception message (in my case, it clearly says "Tweet is more than 140 characters"), instead of "Successfully posted to Twitter". ;)
Oh, and I just realize my URL didn't get tinied this time...

tomcatuk’s picture


ArthurC’s picture

No success so far.

Until August 31, every time a new page was added to the website, a tweet would be posted to the website's companion Twitter. There was only a single user - the administrator - doing the posting. On September 1, as with everyone else, the Twitter postings failed.

I followed kjholla's "10 step program", and when creating a new page now, am told that it posted successfully to Twitter. But the tweet isn't there. Where could it have gone?

On the Twitter side, the configuration is now for "browser", "Read & Write", and "Yes, use Twitter for login", and the callback is to "". I've also tried "Read-only" and not using Twitter for login.

On the Drupal side, I've done everything as kjholla directs. At least, I'm pretty sure I did.

check 1. Upgrade the code files from 6.x-2.6 to 6.x-3.0-beta2 and install OAuth 2.0
check 2. Run update.php
check 3. Register your application with twitter
check 4. Setup Twitter Module on your website to use the registered Consumer Tokens
check 5. Login as the user whose twitter account has been setup [the administrator]
check 6. Go to My accounts -> Edit -> Twitter Accounts
check 7. Delete the pre-existing setup of your Twitter account
check 8. Re-create the twitter account.
check 9. You should now be able to post to twitter using OAuth. ["Successfully posted to Twitter"]
This is not happening >> Twitter should also show that the tweet has been made via your application name

OAuth is set to HMAC-SHA1

I know I'm really close, just don't know what to do next. Any help gratefully received.

walwyn’s picture

Same problem as ArthurC #88 above.

Actually if I create a new twitter account then posts do show up. The problem maybe that I didn't get the option to delete the old twitter connection. I think I'd set it up as an shared admin posting account.

hagzag’s picture

I think If someone could post a Twitter setup screen shot ( that will shed some light on things I guess the issue has something to do with the callback url setup - please advise.

xurizaemon’s picture

@hagzag, as per #68 I think you just need to set the callback URL to - that should be the only setting Drupal needs you to get "right". You *probably* want App Type = "browser" as well.

kjholla’s picture

@ArthurC, when you re-created the twitter account, did it take you to the twitter website and ask you to allow access?

Can you go into your twitter account on and confirm that your website (the application that you registered on twitter) has access to your account?


tryitonce’s picture

with the Callback URL: (copied from the twitter config page) all I get is an error telling me Not a valid URL format

plus a message on top:

You might be wanting to put a custom protocol in your callback url.
Please leave this field blank and email us at with your desired callback url and this application's consumer key and we'll add it for you. 

Why would that be?

I can also see a problem with multi-lingual sites:
the twitter config page (in my case suggest to use Callback URL with /en/ -

Further down I will post all the required settings in twitter and hope someone could enlighten us what to put where - thanks ....

tryitonce’s picture

Here is a list of things to fill in on twitter to create a new apps.
Only after filling this in correctly will we get the keys - obviously -
But what is what? This might help the less experienced here - thanks:

Application Icon:
Application Name: 	
Application Website: 
Application Type: 	Client Browser
Callback URL:
Default Access type: 	Read & Write Read-only
Use Twitter for login: 	Yes, use Twitter for login 

I attach a screenshot - blank - maybe some can post a correctly filled in one.

kjholla’s picture

I have the following setup as part of my application:

Application Name:
Application Type: Browser
Callback URL:
Default Access Type: Read & Write
Use Twitter for Login: No (Unchecked)

I am not too sure why you should get a Not a valid URL format message. Did you try registering the application AFTER you upgraded the Twitter module and installed the OAuth Module on your website?


tryitonce’s picture

Thanks kjholla,

yes, I did a fresh installation of Twitter and Oauth in the combination you suggested.

Then I went to twitter and set-up the application.

I just noticed that with Twitter module 6.x-3.0-beta2 I am not getting the option to unselect on the Content Types I defined to post to twitter under - has that option diappeared or is there something missing on my site?

I will change "Use Twitter for Login: No (Unchecked)" to "No".

When I changed the Use Twitter for Login: No (Unchecked) - I noticed that the Application Type: reverts to Client without the URL.
That obviously doesn't work.

When I changed Application Type: to Browser and tried to enter the Callback URL as or - I cannot save and I get the message that the app could be save and I needed to review the app data entered - with the message mentined above:

You might be wanting to put a custom protocol in your callback url.
Please leave this field blank and email us at with your desired callback url and this application's consumer key and we'll add it for you. 

I did send the email - but no effect.

So, still a long way from twittering again.

kjholla’s picture

I believe twitter module 6.x-3.0-beta2 adds two additional sub-modules: Twitter Post and Twitter Sign-In.

Ensure that you have enabled the sub-module Twitter Post.

Once you have done that, you should be able to select the content types under


tryitonce’s picture

I did and selected the Content Types.

My question on this is: "Is there an override option on the Content Type nodes when you create them - to allow or to un-click Twitter posting?"

In my set-up I can't see this override option that was there previously. If it should be there, then something is wrong in my set-up of twitter.

The other problem I have is the Callback URL - that twitter is not accepting. Multi-lingual problem? or what else could it be?

Thanks ...

tryitonce’s picture

One more thing:

When I go to My Account - Twitter accounts -

I have an Add account button and when I hit it I get to Twitter and have the option to Allow or Deny access. When I allow access I get a PIN number and the advice to go back to my app and enter it. But nothing is there when I go back to the account - nowhere to enter the pin and no account created. I guess this is because I cannot use the Callback URL option in twitter ????????

Summit’s picture

Hi, thanks for directions Oath 2 and Twitter 3-beta2 did the job!
You need to make a new application in twitter to get it working.
greetings, Martijn

kjholla’s picture

That is strange.

I have setup two applications on Twitter with Application Type as Browser and Use Twitter for Login unchecked. I don't think the two need to be connected.

Just to be sure, I registered one more application just now with Application Type as Browser and it went through just fine.

Can you tell me exactly what you are putting in while registering the application? A screenshot perhaps with the values entered?


ArthurC’s picture

@kjholla, yes, it did take me to twitter as you describe in #92.

I don't understand how to confirm that my application/website has access - unless by this you mean that I have entered the details correctly, which I have. I am set up just as you describe in #95 (though I don't get the "not valid URL" message that tryitonce describes in #93).

It would be great if there were "ping" function for testing, wouldn't it?

The Twitter Post submodule is definitely on (re #97) - otherwise we couldn't select node types for the Twitter functions.

Thanks so far, AC

kjholla’s picture

@ArthurC, I re-read your earlier posts and saw that you were getting the "Successfully posted to twitter" message. See which talks about this message coming up even when genuine errors are encountered. Perhaps the next version of the Twitter Module will fix this bug.

To check if your application has access to your twitter account

1. Go to -> Login -> Settings -> Connections
2. On the Connections page, you should see your website as an application and it should have Read and Write access
3. You can also go into your Website database and check the twitter_account table. If you see your twitter Screen Name and password in this table, then your setup is not using OAuth and possibly won't work. What you should see is the Screen Name, OAuth Token and OAuth Token Secret; the password should be NULL.


tryitonce’s picture

Sorry to be boring - but could I resubmit the question from #98 regarding what I should see on the node page for a Content Type that has been clicked to be posted to twitter:

My question on this is: "Is there an override option on the Content Type nodes when you create them - (default checked) allowing the user to override the posting to Twitter per node?"

This might help me to work on the twitter set-up on my site.

Thanks for all the great help - I guess I should try implementation on another site to see if the same problems are coming up there as well.

walwyn’s picture

OK as said yesterday I have the same problem as ArthurC. I have two accounts which have authorized with the app I set up on twitter. One of the accounts is an Admin account the other is a just an Authorized user account. The twitter_account table is similar for both users.

Call the twitter account that created the app TA. The admin account has been setup to tweet to the TA account. The regular user account is set up to tweet to a different account. Both accounts get a "Successfully posted to twitter" message when posting a blog entry. Only the regular user has the tweet turn up on twitter. Now if I change the Admin account to post to a different twitter account from the TA account then the posts show up in the different twitter account.

It seems that you can't tweet out to the account that was used to set up the app.

I've sorted things at my end by creating a dummy twitter account simply to register the app. Now every thing is working fine.


designerbrent’s picture

Title: Authenticate Twitter API via oAuth instead of Basic Auth » Authenticate Twitter_Actions.module via oAuth instead of Basic Auth
Status: Needs work » Reviewed & tested by the community

After testing this on several sites, it seem to be working fine with the 6.x-3.x line (both dev and beta2). The only thing that I have found to be missing is the integration with oAuth for the twitter_actions portion of the module. The patch is #70 seems to work great for the twitter_actions integration. I have tested it multiple times on both upgraded sites as well as new installs. Below are the basic steps to get both basic integration working as well as the twitter_actions with Rules working.

Steps to Get Twitter.module working with Rules:

Required Modules:

Take the following steps:

  1. Install a few modules: To start with, install the following modules:

    • oAuth
    • Twitter
    • Twitter Post
    • For using Rules (optional)
      • Twitter actions
      • Token
      • Rules
      • Rules Administration UI
  2. OAuth settings: Visit the oAuth setting page (admin/settings/oauth) and under OAuth cryptography select “RSA-SHA1” and click “Save configuration”.

  3. Register with Twitter: On the Twitter settings page (admin/settings/twitter) you now need to register your application with Twitter (

    • Application Name: a simple name to identify what you are doing.
    • Description: Minimum of 10 characters is required.
    • Application website: The URL of the website your are registering.
    • Organization: Your organization name.
    • Website: Your homepage URL.
    • Application Type: Browser
    • Callback URL: This is provided by the Twitter module (admin/settings/twitter) http://{your_url}/twitter/oauth
    • Default Access type: Read & Write
  4. Secrets: Once the application has been registered, Twitter will provide you with the Consumer key and Consumer secret. Enter those on the Twitter module settings page back on your site (admin/settings/twitter) and click “Save configuration”.

  5. Post to Twitter (Optional): If you wanting an option to post to Twitter when you add new content to your site, click the “Post” tab and select the node types you want it to show on as well as set the default format of the post.

  6. Setup your account: This next step is critical. Edit your account page and select the sub-tab of “Twitter accounts” (user//edit/twitter) and click “Add account”. This will take you to the page to authorize and allow access to your account.

    • If you want to use the “Post to Twitter” form at the bottom of the new node’s you can make this account global to the site by clicking “make global”. This will not effect the rules module.
  7. Time to add a rule (Optional: Rules integration): Go to the “Add a new rule” page (admin/rules/trigger/add), set the name, and set the Event for “After saving new content”. On the next page, add and action of “Post a message to Twitter”. On the setting page, enter the Twitter account name that you authorized in step 6. Enter the message that you want to tweet. If you installed the Token module you will be able to add tokens like “Node Title”.

  8. Watch it work! Now all you need to do is create a new node and it will post a message to the Twitter account you specified.

designerbrent’s picture

For those having problems registering the callback url with Twitter: Twitter does not remove any white space before submitting the form. Make sure there are no trailing spaces in the URL field. I just ran into that with a submission.

ArthurC’s picture

@kjholla - it's great that you are willing to work through this with me, but I quite understand if you have to get back to your own life.

To check if your application has access to your twitter account

check 1. Go to -> Login -> Settings -> Connections

check 2. On the Connections page, you should see your website as an application and it should have Read and Write access
[AHA - it says it has "read-only access", even though the apps configuration is Read & Write]

check 3. You can also go into your Website database and check the twitter_account table. If you see your twitter Screen Name and password in this table, then your setup is not using OAuth and possibly won't work. What you should see is the Screen Name, OAuth Token and OAuth Token Secret; the password should be NULL.
[Screen Name, OAuth Token and OAuth Token Secret; Password are all correct, with the password set to NULL.]

@designerbrent (and all) - in #106 you say OAuth should be RSA_SHA1. Others in this thread say it should be HMAC-SHA1. Twitter says HMAC-SHA1 - how can we argue with that?

Thanks, AC

Thomasr976’s picture


modctek’s picture


nirad’s picture

Status: Reviewed & tested by the community » Needs work

Using Twitter 3.0-beta2 and oAuth 2.02, I've tried the steps suggested in #58 and #106 several times. Each time I try to setup the Twitter account for user #1, I get a WSOD from the callback URL and the error message "Invalid Twitter OAuth request." (Just as in this bug report: I have tried both HMAC-SHA1 and RSA-SHA1. I have tried resetting the keys. I checked the database and both the "twitter" and "twitter_account" tables are empty.

The only issues I can think of:
1) The twitter account I am trying to connect is the same account as the one that created the application.
2) This application is not new. It was originally created for a different purpose quite a while back(I was trying out the Gigya Socialize module). But I don't see why that would matter. I did try resetting the tokens.
3) Some other module is interfering with the Callback URL. Pathauto?

kjholla’s picture

@ArthurC, not a problem. Glad to be able to help the community from which I have received so much.

You definitely need Read & Write access on your Twitter Application. Otherwise, Twitter will not allow the application to write (post) to your account.

You could try changing that and retrying?

As for the authentication, I just went with what was provided in this page and it worked fine for me.


kjholla’s picture

@tryitonce, the answer to your question is Yes.

Yes, there should be an option to override the default selection when you create content.

1. Make sure you have enabled the Twitter, Twitter Post and Twitter Actions modules

2. Select the content types which should have the option to Tweet when a node of that type is created under

3. You should now see a "Post to Twitter" block when creating any node of the selected types. Here, you can choose to override the default option and uncheck the checkbox to prevent a tweet being posted

4. However, if you have chosen not to include a particular content type under, then this override option will not be provided for those content types


kjholla’s picture


1. There should not be a problem using the same account for tweeting as that that created the application. I have created applications using a twitter account and then am tweeting using the same account without problems.

2. More than the application being old, I believe the application could be incorrectly configured. Please ensure that you have put in the correct Consumer Key and Consumer Secret into

3. I am using Pathauto with Twitter and have seen no interference.

You said your Twitter and Twitter_Account tables are empty. This means you haven't setup any accounts to work with Twitter. Please can you try putting in the correct Consumer Key and Consumer Secret (as per #2 above) and then setup a Twitter account? When you try adding a Twitter account, Twitter should prompt you to provide access to your application.


ArthurC’s picture

The website I have been working on can live without Twitter, but I have more urgent things to do with my time. I have removed the OAuth and Twitter modules and will come back to this at another time.

Thanks especially to kjholla, and everyone else who pitched in on this thread.


kjholla’s picture


I honestly don't believe there is any issue in using the same account to tweet as the one that was used to create the application.

I have used my twitter account to create the application and am now using the same twitter account to post my messages.


walwyn’s picture


All I can say is what eventually worked. I'd setup two accounts one the updates were getting posted to twitter, the other they weren't. So I'm fairly sure that I had the twitter side set up correctly or neither would be posting. I'd deleted all the twitter files from the website and reuploaded the new version, uninstalled and reinstalled the twitter module just in case there was anything left from the previous version in the database, cleared the site caches just in case. The database entries looked OK for both accounts. When I used a different twitter account for the application both accounts started posting correctly.

coloryan’s picture

@designerbrent post 106 - great post, it worked like a charm and got my sites back to Tweeting! Also, I'm using [RSA-SHA1]

erahbee’s picture


Thanks for all the input here.
I have folowed what has been said in post #58 and #81

The problem I have is when I want to go to the My Account for the admin user. I get the following error message:
Fatal error: Cannot redeclare class OAuthException in /home/erahbee/public_html/sites/all/modules/oauth/oauth.lib.php on line 17

When I deactive the oauth module, I can access My Account.

Any suggestions how to solve this are welcome. Especially those fsuggestions that can be followed by a non-techie.

I am using the Gigya module on the site to allow users to log in via different social networks amongst others twitter.
Even after I disconnected the Admin user from the different social network connections, I kept getting this error message.
I haven't deactived the Gigya module yet and would prefer not to do that since it is some work to set it up again.

As said, suggestions welcome.

erahbee’s picture

Following on post #119. Since then I have to no avail:
- Cleared Cache
- Uninstalled Twitter and Oauth
- Reinstalled both
- Update.php
- Checked all settings in Drupal and Twitter

No success. What's next?

kjholla’s picture


Can't really comment on whether or not the other modules are interfering with your setup.

Perhaps you can setup a test site with only the OAuth and Twitter modules installed? If that works, then you know for sure that it is one of your other modules that is causing issues for you.


erahbee’s picture


I have managed to get the whole set up working on another site where I did not use Gigya and where I did not post from Drupal to twitter before. So that is OK. Thanks kjholla for all explanations here.

For the site talked about above where I had the problems, I did the following: by pass the user/1 view (that is where I got the error message) and went straight to user/1/edit/twitter
That worked. I could get the twitter account authorized. All fine. Only problem is still that when going to My Account user/1 I get this fatal error:

Fatal error: Cannot redeclare class OAuthException in /home/erahbee/public_html/sites/all/modules/oauth/oauth.lib.php on line 17

Anybody any idea where I should start to look for a solution for this?

tryitonce’s picture

Status: Needs review » Needs work

.... thanks to all and especially kjholla (#113)

I got it cracked - at least partially - for user1.

All the advice here helped me - thanks - great community - but in my case the crack was surprising. I went through the process on another site successfully (user1 so far).
When I compared the difference between the two sites I found that the problematic site did not have the messaging module - Messaging 6.x-2.2 - activated. When I reloaded / activated it the problem was resolved. No - seems not to make a difference after all.

My earlier reported Callback URL problem was also connected to this - as soon as I had Messaging 6.x-2.2 active it worked. Looks unlikely now - seems to have been resolved through going through full reinstallation of Twitter. But tthe following was a problem at one point along the way:
And I confirm that you have to be careful when you copy it from - - make sure there are no white spaces, etc. - if it doesn't work when you copy it - type it from scratch.

With all of this going I have the twitter block in the node of the enabled ones under "Post" -

Finally - I used the suggested multi-lingual Callback URL path from and it worked fine.

Next step - but not so urgent the setting up of the per user access to their individual twitter accounts - obviously you have to make it available for them on a role based under permissions first - more later when ready ....

Thanks again and another encouraging experience how the community can resolve things quickly - just great!!!!!!

ahhh - still need to get my LinkedIn integration back up and running - probably along the same lines ....

designerbrent’s picture

@AuthurC - I found the reference to RSA_SHA1 on this post: I haven't tried it any other way but it is working well for me now on 3 different sites.

JimSmith’s picture

Status: Needs review » Needs work

The configuration described in @designerbrent's comment #106 only clears up errors. It does not allow a triggered action using Twitter to authenticate with the Twitter account.

greggles’s picture

Status: Needs work » Needs review


It seems that the patch here is helpful for a lot of the cases and the issue has grown long and hard to understand. My suggestion is that these patches get committed and then followup issues could fix any rough edges.

JimSmith’s picture

Status: Needs work » Needs review

UPDATE to #125:

I updated from 6.x-3.0-beta2 to 6.x-3.x-dev and applied the patch again. This time my triggered rule validated the Twitter account password and correctly posted to Twitter.

tryitonce’s picture

.... I need LinkedIn and Twitter module for some websites. Both need Aouth module.

One site works perfect and got me on the track to make sure that the LinkedIn module is installed first - then Twitter.

Another site showed that if you don't follow this sequence a particular error gives you a white screen with this:
Fatal error: Cannot use object of type TwitterUser as array in ......\sites\all\modules\messaging\messaging_twitter\messaging_twitter.module on line 58

- see


Well - it didn't work - it just came back - investigating and back through the process - what a drag.


humanoid’s picture

Status: Needs work » Needs review


rizz23’s picture

Thanks everybody who contributed, Your help was unbelievably good for me, I have the twitter module working again.

TomChiverton’s picture


The Twitter module is dead unless it implements OAuth, which Twitter now requires. This should be committed and released ASAP.

kirkcaraway’s picture


TomChiverton’s picture

Despite installing the OAuth module (v6.x-3.0-beta2), and enabling all three parts of it, I still don't see where to enter the Consumer key etc. ?

/admin/settings/oauth has some stuff to do with Contexts, but creating one didn't help.

TomChiverton’s picture

Forgot to say, this is twitter-6.x-3.0-beta2.tar.gz, and /admin/settings/twitter is silent on the Consumer key matter too. I'm trying to follow the instructions from #106 - should I need to patch the twitter module (still) or something ?

ezra-g’s picture

5.23 KB

I found that the patch in #70 needed some additional fixes, specifically:

- The module_exists() checks on OAuth in _twitter_use_oauth() and twitter_admin_form() were incorrect because we were checking for the wrong machine name for oauth -- we want oauth_common -- not just oauth. One effect of this was the missing form elements for configuring Twitter OAuth information that folks mentioned above.
- The included twitter.api.php needed an update to use OAuth correctly
- OAuth needs a patch to not WSOD that I provided at #899506: Missing class in oauth_common_autoload_info()

I agree with greggles' point in #126 that this thread has become difficult to follow and that it would be great to commit this and start new issues for places where the OAuth functionality may be rough around the edges.

tryitonce’s picture

#106 refers to:

# twitter - 3.0-beta2
# oAuth - 2.02

the keys have to be entered into Twitter - not Oauth.

Augusto Ellacuriaga’s picture


jpromeo’s picture

I followed the directions in post #106 to get the Twitter announcements working. There was small user issue that I ran into however--the first time I created the application on Twitter, I did not set it as 'read/write'. Even after making the change to the app, the announcements were not posting to Twitter. I deleted the app and re-created with 'read/write' permissions and it is working perfectly now.

marshallbu’s picture


elvis2’s picture


alain-it’s picture

Please pay attention when you create your Twitter application. It has to be READ/WRITE. The default is Read Only, and there is no way to change that after you have made a mistake.

In facts, after applying #106 (and #70) I was still unable to see my triggered rules based tweets coming out. Then I noticed #138 and I realized that I had made the same mistake: my application was Read Only instead than Read/Write.

Initially I tried to update the application properties, but no luck. Apparently there is a bug in twitter because even after changing the type to Read/Write, generating new keys and reconnecting the application I still saw the following: 'TwitterException' with message 'Read-only application cannot POST'

Just like in #138 I had to erase the application and make it from scratch and after that everything worked just fine.

Two things I need to point out:

1) This module really needs to clearly sort the oAuth problem out otherwise it becomes completely useless. This thread is a guaranteed headache
2) The issue on #103 need to be addressed. There is no sense in having a message that says "Successfully posted to twitter" when instead there was an error

Cyberwolf’s picture

I can confirm that the patch from #70 (twitter_actions_2.diff) seems to fix the issue with the action "Post a message to twitter". Instead of having to enter a username and password, only a username needs to be entered now. And when the action gets executed the message gets correctly tweeted. Thanks a lot!

A new release with the patch incorporated is urgently needed, as the twitter actions module from the latest dev version is missing the recently required Twitter oAuth authorization.

TomChiverton’s picture

Right, cheers, I had to install
and activate in module seetings,
and apply the 404470-twitter-oauth.patch,
before the options appears in the twitter module settings.

/user/N/edit/twitter appears to already have me registered. On a whim I deleted it, and now the URL is WSOD after pressing add.
The error log says:
PHP Fatal error: Uncaught exception 'Exception' with message 'None of the suggested hash algorithms (SHA1) were supported by the server. Try one of the following: md2, md4, md5, sha1, sha224, sha256, sha384, sha512, ripemd128, ripemd160, ripemd256, ripemd320, whirlpool, tiger128,3, tiger160,3, tiger192,3, tiger128,4, tiger160,4, tiger192,4, snefru, snefru256, gost, adler32, crc32, crc32b, salsa10, salsa20, haval128,3, haval160,3, haval192,3, haval224,3, haval256,3, haval128,4, haval160,4, haval192,4, haval224,4, haval256,4, haval128,5, haval160,5, haval192,5, haval224,5, haval256,5.' in /home/drupal/modules/oauth_common/includes/, referer:

As soon as I activated oauth_common, the option for choosing the correct hash function in /admin/settings/oauth vanishes. But as per the patch, without it the options don't show on the main Twitter config page ! Argh !
What's got crossed over now ?

I tried enabling the oauth module, setting it's option, then enabling the oauth_common module but we're back to the WSOD with the not supported error.
I'm gussing there is an option in oauth_common that needs altering somewhere, but there doesn't appear to be a GUI for it...

TomChiverton’s picture

$this->signature_method = new OAuthSignatureMethod_HMAC('SHA1');
should be
$this->signature_method = new OAuthSignatureMethod_HMAC('sha1');

in twitter/twitter.lib.php line 281

Add button now takes my to Twitter and back again. adding a new blog article posts it to Twitter.

IM*V*HO this should all be commited at this point and a formal (dev) release made.

Things like the warning box at the top of /admin/ can be addressed later.

ezra-g’s picture

@TomChiverton, Can you explain why you think that change is necessary? In my testing, it works with SHA1 (uppercase), and that's also also the usage mentioned at #899506: Missing class in oauth_common_autoload_info().

asb’s picture


TomChiverton’s picture

#145 see #143 Maybe you have slightly different versions.

ezra-g’s picture

I was using the latest dev of OAuth, so uppercase is correct.

mandclu’s picture

My site had its ability to post tweets broken by the switch to OAuth. Following the instructions in 58 and 68 helping me to get them working again.

+1 for an updated release that works with OAuth

+1 for a new release that works with OAuth 3.x

coloryan’s picture

@jns/#125 - I'm using an hourly cron/actions to post on two seperate sites with designerbrent's comment and it works with no issue.

voxpelli’s picture

@ezra-g and #135 - the new OAuth 3.x version is not a drop in replacement for the old one - it is a major rewrite that previously was to be found as the OAuth Common module here on

Your fixes are as far as I can see not sufficient to support the new version. I think this issue's focus should be to get Twitter working with OAuth 2.x and then in the future we can replace that with proper 3.x support.

voxpelli’s picture

Title: Authenticate Twitter_Actions.module via oAuth instead of Basic Auth » Authenticate Twitter_Actions.module via OAuth.module 2.x instead of Basic Auth

Updating the title to reflect the main focus of this issue. It's the right direction to get a quick fix for this issue, since most of the work for OAuth 2.x has already been done. It would most likely require much more work than this to get proper support for OAuth 3.x due to it being an entirely new module.

ezra-g’s picture

@voxpelli Could you clarify why would we want to authenticate using Oauth 2.x when 3.x is the latest release of the module by almost a year? In my testing with the patch from 135, Twitter works with 3.x.

ezra-g’s picture

voxpelli and I discussed this in IRC and he clarified that:

- The 2.x and 3.x versions of the OAuth module *and its API implementations* are not compatible
- The Twitter module already implements the 2.x version of the API in other places, so we should fix the present issue in a 2.x compatible way
- The patch I wrote in #135 is for 3.x -- we want the Twitter module and submodules to implement the same version of the OAuth module's API.

We also added text to the OAuth project page to help further clarify the difference between versions.

So, it seems like #70 is the patch to test *with Oauth 2.x*. I hope to do that sometime this week.

In future versions of Twitter, we would update all API implementations to use OAuth 3.x.

Marko B’s picture

Confirming that #106 works well, great tutorial. Eveyone should explain things like that, nothing is missing everything is rather clear and explaind. thanx man

(didnt use actions part)

kuanjian’s picture

I'm following the instructions given on #106 but the link, does not exist.

manmanee’s picture

step 7 : I have ploblem when i insert twitter accout and password
massage say Twitter authentication failed. Please check your account name and try again.


tryitonce’s picture

... from the error message it looks like you have a typing mistake in the Twitter name you are using. Make sure there are no white spaces before or after - happens sometimes when you cut/copy and paste.
Twitter only uses underscores "_ " not hyphens "-".
Did you remove you old twitter account settings in you site and create a new one?

I hope it helps - if you figure it out - report back - thanks....

cybermache’s picture

I think the link is suppose to be this instead.
originally attached @ #70

manmanee’s picture

#106 and #159

thank you, it's great work.

kuanjian’s picture

@christophoffman. Thank you so much. It's works!

chx’s picture

Stopgap: ?source=twitterandroid

hixster’s picture


hixster’s picture

Am I misunderstanding anything or does this mean if I want to post anything to twitter via Drupal using this new authentication method I have to register an Application with Twitter?

Does this preclude me from setting up posts to twitter whilst developing a site on a test server that doesn't have a public facing URL?
Seems like a real hassle to have to setup an Application, although i understand that is the new way of doing things with OAuth for the moment..

Nevermind, followed #106 and all seems to be working fine, thanks for the post!

hixster’s picture

Actually, all set up except no tweets are imported. Would this be because i'm using a test server with no public url?

Doh! Forgot run cron.php - it's been a long day :-)

ndenhild’s picture

Thanks, works great!!

puregin’s picture

The patch in #70 works beautifully to restore the "Post to Twitter" capability. Thanks @designerbrent for the detailed instructions at #106.

thinkpadius’s picture

5.26 KB

The patch works, for those who can't patch for whatever reason, here is a patched version (I can't guarantee it will like you, but hey) change the ending to .module once you've downloaded it.

Also: how do I disable "Sign in with Twitter" ?

Right now any user who clicks that button ends up logging in under my site account (yes its global, but it means I can't distinguish between users). very unsafe too!


Okay I just answered my own question; I simply eliminated the "sign in" folder from the twitter module folder. problem solved for now. it felt a little dirty to do it that way rather than clicking a "disable" button or something. but nothing a shower won't fix.

jshamley’s picture

I followed the directions above and had this module working flawlessly...but sometime around the 15th of September it just stopped posting to twitter. I get a 'Successfully posted to Twitter' message, but nothing is making it to twitter. any thoughts on that?

jboeger’s picture


markdavidzahn’s picture


You are my new hero... that worked great! Twitter actions finally works for me again. Question though... when setting up an action, it asks me for a username but not a password. Is this supposed to be like that?

TCRobbert’s picture


Passwords have become obsolete with OAuth.

greenSkin’s picture

@markzahn You can't simply put in a twitter username in the action configuration. The username needs to first be tied to a Drupal user. Ultimately the action needs the twitter user ID, it requests the username instead as it is easier for the end user to remember, then looks up the ID locally on submit and saves that. Perhaps instead we should provide a select input that lists all the available twitter users already tied to Drupal users, then the end users simply selects the appropriate account.

markdavidzahn’s picture

The username I used in my rule was the one I have set up as the global account, so I figured it somehow got the login that way. Just a bit odd to me to see the password field suddenly disappear when it used to be there. I'd be for making the rule/action a selectable list though. I'm just glad I finally got Twitter working again!

greenSkin’s picture

The password was used when Twitter aloud authenticating with a username/password. Now Twitter requires only Oauth so a password is no longer relevant.

mwidner’s picture

So, I've tried all the steps listed in #106. I can get to the "Add Account" part when editing my user profile, then it fails. Rather than creating an oauth token, here's the url it attempts to go to:

I have my key and secret saved in the Twitter settings. I've also uninstalled and reinstalled the modules multiple times, trying both beta2 and 3.x-dev versions of Twitter. I'm using OAuth-2.02.

Any suggestions? Thanks.

thinkpadius’s picture


Glad you got it working!

Cranberry’s picture


internetman’s picture

Are we seriously still working on this??? Drupal's main Twitter module is screwed and the main dev has all but abandoned it. It would be fine if this module wasn't such a huge, integral part to Drupal. Why isn't anyone taking official commits?

ayalsule’s picture


Summit’s picture

Hi Twitter module is not screwed, the update has mostly to do with more strict security demands on the twitter side. First you could use twitter with one customer key over more sites, in my case I have to dowload oath 2.0 and twitter 3.beta2 to be able to add the twitter customer key and question. And get it working again.

It is more a new process than code enhancements in my point of view, would be great to have the working information of this thread placed on the project page of twitter.

Greetings, Martijn

chrisshattuck’s picture

#106 worked for me, thanks Brent!

dddave’s picture

Status: Needs review » Reviewed & tested by the community

If only somebody could roll a new release... *sigh*

Rhino’s picture

I was following #106 to a T, but couldn't add a callback URL when I created the "app" on twitter, instead twitter asked me to email. Their email reply states;

The OAuth standard allows you to dynamically define your callback URL in the request_token step of the OAuth handshake. Instead of registering a custom callback with your application settings, please send the oauth_callback parameter when you request /oauth/request_token . Your desired callback URL will work correctly when used this way. For more information, please see .

just FYI.

rodrigodm’s picture

with #106 works perfect


with twitter_action.diff copied in the folder, !!!! RUN UPDATES !!!!!! and works perfect!!

sinasalek’s picture


alit’s picture

#106 works for me too

Valkyri9’s picture

Thank you @kjholla - your steps on #58 were very helpful. Because certain things were a little unclear I added a howto on my website with screenshots to make things a little easier for other people in the same boat.

anyr’s picture


jcamfield’s picture

Thanks for the amazing community efforts at getting this working! Still toying around with getting Triggers->Actions back alive based on #70 and #160, but the core functionality seems to be working!

Rhino’s picture

I've run into some troubles here. Following #106 & #188 nicely screendumped instructions I do get twitter working and several users have connected to twitter. I've made the account of my choosing global, and that says it's fine.
--- every time anyone posts something, it says "successfully posted to twitter", when it in fact, it is not. Deleting and re-adding the global account makes no difference. No posts end up on twitter. However the module imports everyones twitter-comments very well, so I'm halfway there.
-- Sign in with twitter fails. I am getting this response even when I try and edit a users page (as admin) as well. Not sure where it comes from as there is no note in the logs of what happens here. (and the site is not offline, for some reason, this request can not be executed in the database). Tips on how to troubleshoot appreciated.

This was all due to a module conflict with a badly configured (read non working) phplist module and has nothing to do with the twitter module.

Rhino’s picture

Signing in with twitter via the /login page produces the same bad / access denied message spoken about in the Openid thread here: logging in from user/login shows "Access denied" after login

Only happens when logging in from user/login

redrider’s picture


redrider’s picture

There is something in the Twitter_login module gives me the WSOD when I enable it - any ideas?

sinasalek’s picture

I successfully enabled twitter integration by following the instruction in #188 however i failed to do it on another site. I think there some conflicts with OAuth module and some other modules.

redrider’s picture

I have it almost working now but when I go to my account/edit/add a new account, it takes me to the twitter deny/allow page and when I click allow I get this message:

"You don't have permission to access /sites/all/modules/oauth/ on this server."

It is soo very close, what am I doing wrong?

coderintherye’s picture

Excellent work in #188, made life much simpler, thanks. Hopefully we can get all this setup more smoothly within the modules now.

redrider’s picture

I have removed all modules dealing with twitter from my website - hopefully someday, a module will be developed that will work.

cybermache’s picture

@redrider, I have had my twitter module up and running for some time now without incident thanks to the direction supplied in this feed. Let me ask you some questions to try and help problem solve your issue.

Which version of Oauth module are you using? Are the permissions (r-w-x) of that folder and the files within, set to what they need to be to work on your server and with Drupal? (ftp loaders can sometimes not alter folders and files to your permission preference) Did you set Drupal Oauth permissions for your user account? Were there any error messages on your drupal log when this permissions refusal occurred or were you getting this error from twitter? If it was from twitter I'd run through the 'set up an app' instructions and make sure you didn't miss anything.

One other thing I've tried, when things should work but one module doesn't - I delete the folder completely on my server and do a fresh install. On the slim chance there are old Oauth files that should no longer exist, this should get rid of them.

jhuon’s picture


mlaw’s picture

#188 works great.

redrider’s picture

I have tried both versions of oauth and both versions of the Twitter module.

The permissions on the directory, are set to 777 and done as super user on puddy, although there are no files in that directory.

I got no errors until I went to my account/edit/twitter/add, at this point, I got a server error "You don't have permission to access /sites/all/modules/oauth/ on this server."

This led me to think something should be in the /twitter directory but there is nothing in this thread to support that.

I have deleted and re uploaded these modules multiple times - all to no avail.

Also, after about the third or fourth "patch", I lost track of it all and became frustrated - I then deleted everything to do with twitter

cybermache’s picture


Under site/all/modules/twitter the file list should be as follows

twitter_actions (folder)
twitter_post (folder)
twitter_signin (folder)

If there is nothing in your directory then there may be something wrong with your initial download or how you are uploading your files to your server? Also I wouldn't have any files or folders on my server with permissions 777, 775 maybe but I would be nervous about allowing Others to have writable permissions to my internal files. What permission do you have set for the Oauth directory and which creator value does it have? There is only one patch as far as I know and it can be found here

Hope this is of some help.

redrider’s picture

ok, What may help me is:

Which ver of Twitter module do I use?
Which ver of Oauth module do I use?
Where exactly does the "twitter_actions.module" go?
What should be in the directory www.mysite/twitter?

Yes, I know these are very basic questions, and I have read all the threads, BUT, I no longer know the status of the modules being developed.

karensmallwood’s picture


Here is a process that helped me:

1. Put your site into maintenance mode

2. Switch off both the Twitter and OAuth module (if used)

3. Uninstall / Delete these modules

4. Download the 3x version of the Twitter module (dev) - to folder

5. Apply the patch from #5 on this post (see presentation link below if unsure about patching - it has a link to the patched module or see this post -

6. Download the 2x version of OAuth - to folder

7. Upload and enable both modules

8. Run Updates - /update.php

9. Clear Caches

10. Take your site out of maintenance mode

11. Go to admin/settings/oauth and change the OAuth cryptography to HMAC-SHA1

12. In a new tab sign into Twitter and navigate to -

13. Complete the fields in your new application - make sure your app is set to "read and write" - get the call back url from your site at - admin/settings/twitter. The callback URL should end with twitter/oauth it's not admin/settings/twitter.

14. Save the application on Twitter and enter in the OAuth Consumer key and OAuth Consumer secret given on your site in the settings at - admin/settings/twitter

15. If you want users to sign up with twitter make sure the Twitter Signup module is enabled and edit settings in admin/settings/twitter/signin

16. Change any permissions at admin/user/permissions

17. Go to your user account at /user and edit. In the edit settings edit Twitter and add the account. If you want to make the account global change the settings here

I also put these instructions on my site - and there is more in a social media presentation I did for Pacific North West Drupal Camp - a copy of which is here:

I hope this helps

redrider’s picture

@ karensmallwood

After following your directions, I get this;

"Access denied
Please complete the following registration form to create your new account on Cruising Interface
You are not authorized to access this page."

karensmallwood’s picture

@redrider -

Do you have more info - from the error it sounds like you are not signed into the site but without more info on what you were trying to do when you got the error I cant be sure

redrider’s picture

I am signed into the site, at least I hope so - if not then I have serious permissions issues.

I got that access denied page when I tried to add account in "my account/edit/twitter accounts/add account".

The only thing I can think of as a reason is that I, as the site admin do not have a twitter account but that doesn't really sound likely but it must be something along those lines - or perhaps another module is interfering.

karensmallwood’s picture


ahh that makes more sense.

Do you have user1 account?

If not then check your user role has permission to add twitter accounts and to make twitter accounts global.

Also make sure your user has has the correct role associated with the permission.

redrider’s picture

I am user 1 but I don't have any roles set up on this site.

How do I make twitter account global?

redrider’s picture

one other point is that this site was posting to twitter with the previous twitter module

DamienMcKenna’s picture

+1 for inclusion in the next update, it's kinda essential that the Twitter module be able to communicate with Twitter.

tryitonce’s picture

I think this is getting a bit too long. Working solutions to get Twitter going again have been shown higher up. Now they are lost as this list is getting too long and unreadable - imho.
Of course we could try for a Guinness record. But it might make more sense to summarise the solution in a handbook page. And just add a link to it here.
It also seems that some Drupal colleagues here have a problem on the Twitter side of things where it is generally recommended to have a fresh start.

dandaman’s picture

First, for @mwidner, make sure your server knows the correct time and that you have the OAuth tokens you got from Twitter for your app. I was getting that until I got the "ntpdate" Linux command to sync with a timeserver.

For my part, I patched my Twitter 6.x-3.0beta2 module with #135 and it worked.... mostly. It was changing "oauth" to "oauth_common" and that wasn't helpful. What it does do is allows you to post to Twitter using Actions. On the Action edit page it just asks for the account name and as long as the account is in the system it posts the tweet there when the action is run.

This issue is definitely a problem and we do need to fix it. Sadly, this thread has gotten bogged down with many other Twitter support issues. I agree, let's get this committed!

dandaman’s picture

Here's the code I'm using and it updates Twitter Actions to use OAuth. Thanks to all the patches above for doing the hard work.

redrider’s picture

@ Dandaman

Thank you, thank you, thank you - that was the missing piece.

I applied your patch and now all is well again.

Dennis Cohn’s picture

Possible to activate this when you work offline? (localhost)?

crutch’s picture


tavaressimon’s picture


tryitonce’s picture

DamienMcKenna’s picture

@tryitonce: please don't hijack threats for completely unrelated discussions.

walkah’s picture

Status: Reviewed & tested by the community » Fixed

Committed the patch in #216. Thank you to *everyone* for testing this and making it happen. Sorry for all the delays getting this stuff sorted out. New release of 3.x coming soon!

geerlingguy’s picture

Suh-weet! Hopefully this issue can die, finally, and we can get on with our lives :)

bendiy’s picture


Rhino’s picture

Status: Fixed » Reviewed & tested by the community

Is anyone else still getting the "successfully posted to twitter" when in fact nothing is posted to twitter?

I have imported user tweets just fine, users can log in with twitter too, users who had logins can add their twitter accounts and get an easier way to log in. In short, it works super - apart from the fact that the main "god" account (and nobody else either) has posts showing up on twitter like we used to. I want posts to be posted to twitter. All I get is "your post was successfully submitted to twitter", but no post on twitter.

What did I miss? I've also applied the #216 patch, no diff.

dandaman’s picture

I haven't tested it a ton, but if it was over 140 characters is didn't post but I don't remember seeing an error message.

JimSmith’s picture

You don't get an error message or any other indication that the tweet was not sent when you go over 140 characters.

voxpelli’s picture

Status: Reviewed & tested by the community » Fixed

Since there is now a new release of the Twitter module which has had the patch from this issue committed - can we please consider this issue fix and report any new issues as new issues?

There is absolutely no gain in everyone reporting all of their issues in this issue.

Marking as fixed again.

Rhino’s picture

Status: Fixed » Reviewed & tested by the community

In my case, it's not the char-length that's preventing a tweet from going out. My latest test was titled: "this is a twitter test". The default string for twitter post is !title !tinyurl which should give it ample space for that tweet. Still,no dice.

Does user 1 have to be the owner of the global twitter account? In this case, user 1 isn't the global twitter account owner. I have created a different user for the global twitter account. All users have petmission to post to the global twitter account. I was using user 1 to test this.

All I get is "successfully posted to twitter", there is no mention in the logs of problems. There is no successful tweet on twitter.

P.S. Just to make sure it wasn't me who patched wrong, I've installed the latest twitter module, run update.php, and tried again. Same result.

p.p.s see issue #103 in his thread. I am not the only one.

geerlingguy’s picture

Status: Reviewed & tested by the community » Fixed

@Rhino - please consider opening a new issue for your problem - I've tested on two sites (both with user 1, though), and not had a problem... the original issue here is fixed.

sterndata’s picture

Make sure you go into the user profile, REMOVE the twitter account, and re-add it. This forces the OAuth connection.

Marko B’s picture

for #106

twitter says they support other crypto. not the "RSA-SHA1"

"*We support hmac-sha1 signatures. We do not support the plaintext signature method."

ezra-g’s picture

Now that this has been committed, please file new issues rather than commenting here.

I suggest that someone on the webmasters team lock this thread.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.