Home/ Questions/Q 5997807
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T00:18:59+00:00

The code itself is pretty basic. I am trying to allow user to connect

  • 0

The code itself is pretty basic. I am trying to allow user to connect to Twitter and later to use Twitter as a mean of authentication (afaik, this is called OpenId). However, the problem is that every time when user executes the code he is asked to reallow the application – instead I expect it to return some sort of variable indicating that user is already connected to the app.

$oauth          = new OAuth(TWITTER_CONSUMER_KEY, TWITTER_CONSUMER_SECRET);
$callback_url   = 'http://guubo.com/connect/1';

try
{
    if(empty($_GET['oauth_token']))
    {
        unset($_SESSION['hp']['twitter']);
    }

    if(empty($_SESSION['hp']['twitter']['oauth_token_secret']))
    {
        $access_token   = $oauth->getRequestToken('https://api.twitter.com/oauth/request_token', $callback_url);

        //die(var_dump( $access_token ));

        $_SESSION['hp']['twitter']['oauth_token_secret']    = $access_token['oauth_token_secret'];

        header('Location: https://api.twitter.com/oauth/authorize?oauth_token=' . $access_token['oauth_token']);

        exit;
    }
    elseif(!empty($_GET['oauth_token']))
    {
        $oauth->setToken($_GET['oauth_token'], $_SESSION['hp']['twitter']['oauth_token_secret']);

        unset($_SESSION['hp']['twitter']);

        $access_token_info  = $oauth->getAccessToken('https://api.twitter.com/oauth/access_token');

        $db->exec("INSERT INTO `user_tokens` (`user_id`, `network_id`, `oauth_token`, `oauth_token_secret`) VALUES ({$db->quote($user['id'])}, {$db->quote($network['id'])}, {$db->quote($access_token_info['oauth_token'])}, {$db->quote($access_token_info['oauth_token_secret'])})");

        $response_array = array();

        parse_str($oauth->getLastResponse(), $last_response);

        #die(var_dump( $last_response[''] ));
    }
}
catch(OAuthException $e)
{
    echo $e->getMessage();

    exit;
}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Take a look at this document regarding the “Sign in with Twitter” flow, which it looks like you are trying to implement. The one thing I notice in your code is that you are calling oauth/authorize where you should be calling oauth/authenticate. Here’s a relevant excerpt:

    The normal [OAuth] flow dictates that
    applications send request tokens to
    oauth/authorize in Twitter’s
    implementation of the OAuth
    Specification. To take advantage of
    “Sign in with Twitter”, applications
    should send request tokens received in
    the oauth_token parameter to
    oauth/authenticate instead.

    • 0