我试图获得刚刚授权给我的twitter应用程序的用户的access_token。当我登录时,它工作,但只记得我的access_token,直到我刷新或单击一个按钮。
我正在使用的代码:
require(__DIR__ . '/../../lib/data/twitter-login-api/autoload.php');
use Abraham'TwitterOAuth'TwitterOAuth;
$oauth_callback = OAUTH_CALLBACK;
$consumer_key = OAUTH_KEY;
$consumer_secret = OAUTH_SECRET;
//Do something if $_REQUEST occur and previous session is equal to current $_REQUEST
if (isset($_REQUEST['oauth_token']) && $_SESSION['oauth_token'] === $_REQUEST['oauth_token']) {
//Open first connection at callback
$connection = new TwitterOAuth($consumer_key, $consumer_secret, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
//Then verify your token
$access_token = $connection->oauth("oauth/access_token", array("oauth_verifier" => $_REQUEST['oauth_verifier']));
//Now you can save them
$_SESSION['new_session_for_oauth_token'] = $access_token['oauth_token'];
$_SESSION['new_session_for_oauth_token_secret'] = $access_token['oauth_token_secret'];
//You may also check it first
$connection = new TwitterOAuth($consumer_key, $consumer_secret, $_SESSION['new_session_for_oauth_token'], $_SESSION['new_session_for_oauth_token_secret']);
$check = $connection->get("account/verify_credentials");
$username = $check->name;
//To echo your account's stat
echo '<p>' . $check->statuses_count . '</p>';
echo '<p>' . $check->friends_count . '</p>';
echo '<p>' . $check->followers_count . '</p>';
echo '<p>' . $check->favourites_count . '</p>';
//And finally unset previous sessions
unset($_SESSION['oauth_token']);
unset($_SESSION['oauth_token_secret']);
//this is the end of callback url
} else {
$connection = new TwitterOAuth($consumer_key, $consumer_secret);
$request_token = $connection->oauth('oauth/request_token', array("oauth_callback" => $oauth_callback));
$_SESSION['oauth_token'] = $request_token['oauth_token'];
$_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];
$twitter_url = $connection->url("oauth/authorize", array("oauth_token" => $request_token['oauth_token']));
}
它一次记录我,我收到access_token和access_token_secret,但我需要它们留在会话中,以便我也可以在页面刷新或单击按钮后使用它。
我做错了什么?
我认为这是因为您在验证访问令牌之前实例化了一个"非访问令牌"连接。
开头,
//Open first connection at callback
$connection = new TwitterOAuth($consumer_key, $consumer_secret, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
//Then verify your token
$access_token = $connection->oauth("oauth/access_token", array("oauth_verifier" => $_REQUEST['oauth_verifier']));
//Now you can save them
$_SESSION['new_session_for_oauth_token'] = $access_token['oauth_token'];
$_SESSION['new_session_for_oauth_token_secret'] = $access_token['oauth_token_secret'];
您应该注意的另一件事是,您确实需要unset先前的令牌(在授权之前),但当然是在授权阶段过去之后。在这里,我添加了更多的表达更好(在我看来),因为你只有一个页面的"请求"answers"回调"
//Do something if $_REQUEST occur and previous session is equal to current $_REQUEST
if (isset($_REQUEST['oauth_token']) && $_SESSION['oauth_token'] === $_REQUEST['oauth_token']) {
//Open first connection at callback
$connection = new TwitterOAuth($consumer_key, $consumer_secret, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
//Then verify your token
$access_token = $connection->oauth("oauth/access_token", array("oauth_verifier" => $_REQUEST['oauth_verifier']));
//Now we overwrite previouse session with verified one
$_SESSION['oauth_token'] = $access_token['oauth_token'];
$_SESSION['oauth_token_secret'] = $access_token['oauth_token_secret'];
//You may also check it first
$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $_SESSION['new_session_for_oauth_token'], $_SESSION['new_session_for_oauth_token_secret']);
$check = $connection->get("account/verify_credentials");
//To echo your account's stat
echo $check->statuses_count;
echo $check->friends_count;
echo $check->followers_count;
echo $check->favourites_count;
//And finally unset previous sessions
unset($_SESSION['oauth_token']);
unset($_SESSION['oauth_token_secret']);
//this is the end of callback url
} elseif (isset($_GET['twitter']) && $_GET['twitter'] === 'login') {
//Request a token aka login
$connection = new TwitterOAuth($consumer_key, $consumer_secret);
$request_token = $connection->oauth('oauth/request_token', array("oauth_callback" => $oauth_callback));
$_SESSION['oauth_token'] = $request_token['oauth_token'];
$_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];
$twitter_url = $connection->url("oauth/authorize", array("oauth_token" => $request_token['oauth_token']));
} elseif (isset($_GET['twitter']) && $_GET['twitter'] === 'logout') {
//Destroy the session aka logout
unset($_SESSION['oauth_token']);
unset($_SESSION['oauth_token_secret']);
$url = parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
header("location: {$url}");
exit();
}
//Before or after this snippet is HTML part
现在,在你的HTML部分,如果你要登录到Twitter,去example.org/page.php?twitter=login。也可以通过example.org/page.php?twitter=logout