@@ -54,34 +54,44 @@ Or you authenticate, like this:
5454``` php
5555session_start();
5656
57- if (! isset($_GET['oauth_verifier '])) {
58- // gets a request token
57+ if (! isset($_SESSION['oauth_token '])) {
58+ // get the request token
5959 $reply = $cb->oauth_requestToken(array(
6060 'oauth_callback' => 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']
6161 ));
6262
63- // stores it
63+ // store the token
6464 $cb->setToken($reply->oauth_token, $reply->oauth_token_secret);
6565 $_SESSION['oauth_token'] = $reply->oauth_token;
6666 $_SESSION['oauth_token_secret'] = $reply->oauth_token_secret;
67+ $_SESSION['oauth_verify'] = true;
6768
68- // gets the authorize screen URL
69+ // redirect to auth website
6970 $auth_url = $cb->oauth_authorize();
7071 header('Location: ' . $auth_url);
7172 die();
7273
73- } elseif (! isset($_SESSION['oauth_verified '])) {
74- // gets the access token
74+ } elseif (isset($_GET['oauth_verifier']) && isset($_SESSION['oauth_verify '])) {
75+ // verify the token
7576 $cb->setToken($_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
77+ unset($_SESSION['oauth_verify']);
78+
79+ // get the access token
7680 $reply = $cb->oauth_accessToken(array(
7781 'oauth_verifier' => $_GET['oauth_verifier']
7882 ));
79- // store the authenticated token, which may be different from the request token (!)
83+
84+ // store the token (which is different from the request token!)
8085 $_SESSION['oauth_token'] = $reply->oauth_token;
8186 $_SESSION['oauth_token_secret'] = $reply->oauth_token_secret;
82- $cb->setToken($_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
83- $_SESSION['oauth_verified'] = true;
87+
88+ // send to same URL, without oauth GET parameters
89+ header('Location: ' . basename(__FILE__));
90+ die();
8491}
92+
93+ // assign access token on each page load
94+ $cb->setToken($_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
8595```
8696
8797### 1.1. Application-only auth
0 commit comments