PHPackages                             aporat/oauth2-xtwitter - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. aporat/oauth2-xtwitter

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

aporat/oauth2-xtwitter
======================

X (formerly Twitter) OAuth 2.0 Client Provider for The PHP League OAuth2-Client

1.0.0(11mo ago)0762↓16.7%[1 PRs](https://github.com/aporat/oauth2-xtwitter/pulls)MITPHPPHP ^8.1CI passing

Since Jun 1Pushed 5mo agoCompare

[ Source](https://github.com/aporat/oauth2-xtwitter)[ Packagist](https://packagist.org/packages/aporat/oauth2-xtwitter)[ RSS](/packages/aporat-oauth2-xtwitter/feed)WikiDiscussions main Synced 1mo ago

READMEChangelog (1)Dependencies (4)Versions (3)Used By (0)

X (formerly Twitter) Provider for OAuth 2.0 Client
==================================================

[](#x-formerly-twitter-provider-for-oauth-20-client)

[![Latest Stable Version](https://camo.githubusercontent.com/7ebbef0d06d0ffc276308c1c126a95ec69319133f0703794df5e845f2d16ecb5/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f61706f7261742f6f61757468322d78747769747465722e7376673f6c6f676f3d636f6d706f736572)](https://packagist.org/packages/aporat/oauth2-xtwitter)[![Software License](https://camo.githubusercontent.com/074b89bca64d3edc93a1db6c7e3b1636b874540ba91d66367c0e5e354c56d0ea/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e737667)](LICENSE)[![codecov](https://camo.githubusercontent.com/0483c698606f9741cf3af4eaa3824c7fc5f8cd35113796895598889723d69ef7/68747470733a2f2f636f6465636f762e696f2f6769746875622f61706f7261742f6f61757468322d78747769747465722f67726170682f62616467652e7376673f746f6b656e3d424844334a5a53344c51)](https://codecov.io/github/aporat/oauth2-xtwitter)[![GitHub Actions Workflow Status](https://github.com/aporat/oauth2-xtwitter/actions/workflows/ci.yml/badge.svg)](https://github.com/aporat/oauth2-xtwitter/actions/workflows/ci.yml/badge.svg)[![Total Downloads](https://camo.githubusercontent.com/eb7d8a6d05d72c5608f2535667a6be9cf4d498432536f9c0c01ed808a30838f0/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f61706f7261742f6f61757468322d78747769747465722e737667)](https://packagist.org/packages/aporat/oauth2-xtwitter)

This package provides **X (formerly Twitter)** OAuth 2.0 support for the PHP League's [OAuth 2.0 Client](https://github.com/thephpleague/oauth2-client).

Installation
------------

[](#installation)

Install via Composer:

```
composer require aporat/oauth2-xtwitter
```

Usage
-----

[](#usage)

Usage follows The League's OAuth 2.0 client style, using `\Aporat\OAuth2\Client\Provider\XTwitter` as the provider.

### Authorization Code Flow

[](#authorization-code-flow)

```
$provider = new Aporat\OAuth2\Client\Provider\XTwitter([
    'clientId'     => '{x-client-id}',
    'clientSecret' => '{x-client-secret}',
    'redirectUri'  => 'https://example.com/callback-url',
]);

if (!isset($_GET['code'])) {
    // If we don't have an authorization code then get one
    $authUrl = $provider->getAuthorizationUrl();
    $_SESSION['oauth2state'] = $provider->getState();
    $_SESSION['oauth2pkceCode'] = $provider->getPkceCode();

    header('Location: ' . $authUrl);
    exit;
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
    // Check given state against previously stored one to mitigate CSRF attack
    unset($_SESSION['oauth2state']);
    exit('Invalid state');
} else {
    $provider->setPkceCode($_SESSION['oauth2pkceCode']);

    // Try to get an access token (using the authorization code grant)
    $token = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code'],
    ]);

    // Optional: Now you have a token you can look up a user's profile data
    try {
        // We got an access token, let's now get the user's details
        $user = $provider->getResourceOwner($token);

        // Use these details to create a new profile
        printf('Hello %s!', $user->getName());
    } catch (Exception $e) {
        // Failed to get user details
        exit('Oh dear...');
    }

    // Use this to interact with an API on the user's behalf
    echo $token->getToken();
}
```

### Managing Scopes

[](#managing-scopes)

When creating your X (formerly Twitter) authorization URL, you can specify the state and scopes your application may authorize.

```
$options = [
    'state' => 'OPTIONAL_CUSTOM_CONFIGURED_STATE',
    'scope' => ['tweet.read', 'users.read'] // Adjust scopes as needed
];

$authorizationUrl = $provider->getAuthorizationUrl($options);
```

Testing
-------

[](#testing)

```
composer test
```

Contributing
------------

[](#contributing)

Please see [CONTRIBUTING](https://github.com/aporat/oauth2-xtwitter/blob/master/CONTRIBUTING.md) for details.

License
-------

[](#license)

The MIT License (MIT). Please see the [License File](https://github.com/aporat/oauth2-xtwitter/blob/master/LICENSE) for more information.

###  Health Score

36

—

LowBetter than 82% of packages

Maintenance63

Regular maintenance activity

Popularity18

Limited adoption so far

Community8

Small or concentrated contributor base

Maturity46

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 75% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Unknown

Total

1

Last Release

344d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/54592564aa6e76cb00fdb16a8b7fadaea333de11da7fd8a739fe4812237a551c?d=identicon)[aporat](/maintainers/aporat)

---

Top Contributors

[![aporat](https://avatars.githubusercontent.com/u/415576?v=4)](https://github.com/aporat "aporat (9 commits)")[![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)](https://github.com/dependabot[bot] "dependabot[bot] (3 commits)")

---

Tags

clientoauthoauth2authorizationauthorisationtwitterxxtwitter

###  Code Quality

TestsPHPUnit

Code StylePHP\_CodeSniffer

### Embed Badge

![Health badge](/badges/aporat-oauth2-xtwitter/health.svg)

```
[![Health](https://phpackages.com/badges/aporat-oauth2-xtwitter/health.svg)](https://phpackages.com/packages/aporat-oauth2-xtwitter)
```

###  Alternatives

[stevenmaguire/oauth2-keycloak

Keycloak OAuth 2.0 Client Provider for The PHP League OAuth2-Client

2275.9M27](/packages/stevenmaguire-oauth2-keycloak)[patrickbussmann/oauth2-apple

Sign in with Apple OAuth 2.0 Client Provider for The PHP League OAuth2-Client

1132.5M6](/packages/patrickbussmann-oauth2-apple)[smolblog/oauth2-twitter

Twitter OAuth 2.0 Client Provider for The PHP League OAuth2-Client

17190.0k5](/packages/smolblog-oauth2-twitter)[mollie/oauth2-mollie-php

Mollie Provider for OAuth 2.0 Client

251.7M1](/packages/mollie-oauth2-mollie-php)[omines/oauth2-gitlab

GitLab OAuth 2.0 Client Provider for The PHP League OAuth2-Client

36721.5k13](/packages/omines-oauth2-gitlab)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)