Hi All,
I’m sorry to introduce a breaking change to the syntax of the Twitter plugin, but Twitter decided to make a change to their API that breaks the old plugin so that calling twitter.login would fail. I had no choice but to update the plugin in a way that will require minimal code changes for anybody using it. Unfortunately, the change Twitter made effectively breaks the plugin, even for apps built and placed on the app store prior to the change. Basically, if your app relies on the Twitter plugin, you’re gonna have to make an update (sorry, not my call).
I have uploaded a new version of the plugin to the Marketplace that should be available in the Simulator within an hour or two. Here’s the skinny on what has changed and how you need to adapt to it:
WHAT CHANGED?
There is now a third parameter that needs to be passed in when calling twitter.init: a callback URL. This string value must match one of the callback URLs that you can specify in your Twitter app’s settings at apps.twitter.com. So effective immediately, twitter.init() calls should look something like this:
twitter.init("api\_key", "api\_secret", "callback\_url")
WHY?
Using the Twitter plugin always required you to specify a callback URL when setting up your Twitter app at apps.twitter.com - but that callback URL used to have no bearing on how the plugin functioned. The plugin used a dummy callback URL of “returnToApp” to know that it was time to close the webView used for logging in - but on June 12th, Twitter began requiring OAuth login attempts to pass in a callback URL that matches one of your app’s “whitelisted” URLs (read more about that here). This is why I now require you to specify that URL, as it’s important that I pass in a whitelisted one when getting the OAuth token needed for logging in.
A NEW FEATURE: APPLICATION-ONLY AUTHENTICATION!
So if I’m going to force you all to jump through some hoops, the least I can do is give you a treat for it, right? This is actually a feature that I coded last winter based on user feedback, but never got around to releasing (sorry). Starting with this new version, Twitter API requests that do not require user context (like general searches or pulling public timelines) can be performed without requiring a user to log in, by using application-only authentication (read more about that here). Note that posting tweets, or other actions that would be attributed to a specific user will still require that user to log in as before. But if you just want to do non-user-specific API calls, then you can skip that step. Taking advantage of this requires no change to existing syntax: if a user is logged in, then all API calls will continue to be made on their behalf - but if a user is not logged in, and you attempt an API call that does not require user-specific authentication, then the call will be made on your application’s behalf, and the return data will be passed into your callback listener as always.
Sorry for the zero-notice breaking change, but I was only made aware of this change to Twitter’s API a few hours ago, after it had already effectively broken the plugin (hat tip to forum user @umalemon for raising this issue here). I did as much testing as I could with the time I had, but this was a faster deployment than I’m used to, so please raise any bugs or issues you find on this thread and I will get to them as quickly as I can. I will be moving the documentation for the plugin to my GitHub docs page, and updating it as soon as I can, but for the time being, this post is as close to updated documentation as I have to offer. I have updated the demo app to incorporate this new syntax, however. So there’s that.
Thanks to all who use the Twitter plugin, and I’m sorry again for the hassle.
-Jason