Currently, I’m working on an Android app for Pinterest. What I am trying to do is get an OAuth token from a pinterest (who just pulled their API page). I found someone’s PHP script that appears to allow someone to log in with the following method:

function fetch_access_token($client_id, $client_secret, $username, $password) {
        $ch=curl_init();
        curl_setopt($ch, CURLOPT_USERPWD, $username . ":" . $password);                                                
        $post= array(
            "grant_type" => 'password',
            "scope"  => "read_write",
        );
        $host = "https://api.pinterest.com";
        $endpoint = "/oauth/2/access_token?client_id=$client_id&client_secret=$client_secret";
        $request_url = $host . $endpoint;
        curl_setopt($ch, CURLOPT_URL, $request_url);
        curl_setopt($ch, CURLOPT_POST,1);
        curl_setopt($ch, CURLOPT_POSTFIELDS,$post);
        curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); 
        $s=curl_exec($ch);
        $info = curl_getinfo($ch);
        curl_close($ch);
        if ($info['http_code'] >= 200 and $info['http_code'] < 300) {
            list($junk, $access_token) = explode('=', $s, 2);
            $this->access_token = $access_token;
        } 
        return $s;
    }

As you can see, in the third line of this function, CURLOPT_USERPWD is used as a curl post option. I’ve already written an HttpClient wrapper library that I’m using to make the request. I can easily add HTTP POST parameters, however, I have no idea what to add for CURLOPT_USERPWD. I googled around a bit and didn’t find anything helpful.

So, the main question is, what NameValuePair name should typically correspond to PHP’s CURLOPT_USERPWD? Secondary question would be if this is a legitimate question, or am I barking up the wrong tree here? It seems like if it’s something that PHP/Curl can handle, I should be able to hack it into my app somehow.