search

verbb / social-poster

A Craft CMS plugin for automatically posting entries to social media.
Other
89 stars 12 forks source link

Twitter API v2 not supported #43

Open tom-bywild opened 1 year ago

tom-bywild commented 1 year ago

Describe the bug

Description

The current implementation for the Twitter-Provider uses the legacy /1.1/...-endpoints. Twitter has changed their permission model, having now different levels of access.

Using the /1.1/...-endpoints, as the plugin does now, therefore doesn't work with the endpoints that are being called by the plugin with only the essential-access. A migration is required.

The error-log looks something like this:

{
  'message': 
     'You currently have Essential access which includes access 
     to Twitter API v2 endpoints only. If you need access to this endpoint, you’ll need 
     to apply for Elevated access via the Developer Portal. You can learn more here: 
     https://developer.twitter.com/en/docs/twitter-api/getting-started/about-twitter- 
     api#v2-access-level',
  'code': 453
}

It doesn't look like there's any way to only use legacy endpoints w/ a legacy permission model.

Quick local test

A quick test by changing the plugin's code to call the /2/...-endpoints results in an error related to calling an unknown API-endpoint.

Summary

To enable usage with the Twitter-API for essential users, the endpoints have to be migrated from /1.1/... to /2/..., or the developer has to apply for elevated access.

Therefore, the plugin is currently broken for probably the vast majority of devs using the Twitter-provider, as even for testing one needs elevated access.

Steps to reproduce

  1. Create a new application in the Twitter API-console, using the essential access level
  2. Connect the application with SocialPoster in Craft
  3. Enable auto-posting
  4. Publish a post
  5. See error (logs, no tweet gets posted)

Craft CMS version

Craft Pro 4.3.5

Plugin version

3.0.2

Multi-site?

No response

Additional context

No response

tom-bywild commented 1 year ago

I can image that it might be enough to provide a selection between the v1.1/v2 api surface to use in the CP (or via configuration).

In code, a simple mapping of the respective endpoints to endpoint-generators for v1.1/v2 might work. If no selection is made, v1.1 is used. This shouldn't introduce any breaking changes.

tom-bywild commented 1 year ago

Looking further into the issue, the 3rd party OAuth library might also be the cause of failed requests here. The plugin currently uses the OAuth1-handler from League, but we might actually need OAuth2 (Twitter doc).

engram-design commented 1 year ago

FYI we’re in the middle of some major changes to the plugin, so this will be addressed in the next major release.

tom-bywild commented 1 year ago

Thanks for the heads up, can you provide a (rough) timeline? It would help me estimate if we have to roll our own solution, or go with Verbb. Thanks!

engram-design commented 1 year ago

I can’t provide a firm timeline but looking like Q1 for a major version update, which will include Twitter v2 API integration, among a few other major changes.

tom-bywild commented 1 year ago

Thanks for the update! Would it be possible to participate in a beta? I'll probably need an implementation end of January/start of February. Maybe I could meet the requirements with a beta-release and update to production at a later point.

tom-bywild commented 1 year ago

@engram-design Do you have any more information on this? Feedback would be much appreciated! Thanks!

engram-design commented 1 year ago

Nothing yet, but expect it still in this Q1. Nothing solid enough for a beta, but things are progressing as planned for a release soon.