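Abraham's TwitterOAuth access_token keeps disappearing after a refresh or button click

Time: 2016-06-29 14:40:09

Tags: php twitter-oauth

I'm trying to get the access_token of the user who has just authorized my Twitter app. When I log in it works, but it only remembers my access_token until I refresh or click a button.

The code I'm using: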

require(__DIR__ . '/../../lib/data/twitter-login-api/autoload.php');
use Abraham\TwitterOAuth\TwitterOAuth;

$oauth_callback = OAUTH_CALLBACK;
$consumer_key = OAUTH_KEY;
$consumer_secret = OAUTH_SECRET;

//Do something if $_REQUEST occur and previous session is equal to current $_REQUEST
if (isset($_REQUEST['oauth_token']) && $_SESSION['oauth_token'] === $_REQUEST['oauth_token']) {

    //Open first connection at callback
    $connection = new TwitterOAuth($consumer_key, $consumer_secret,  $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);

    //Then verify your token
    $access_token = $connection->oauth("oauth/access_token", array("oauth_verifier" => $_REQUEST['oauth_verifier']));

    //Now you can save them
    $_SESSION['new_session_for_oauth_token'] = $access_token['oauth_token'];
    $_SESSION['new_session_for_oauth_token_secret'] = $access_token['oauth_token_secret'];

    //You may also check it first
    $connection = new TwitterOAuth($consumer_key, $consumer_secret, $_SESSION['new_session_for_oauth_token'], $_SESSION['new_session_for_oauth_token_secret']);
    $check = $connection->get("account/verify_credentials");
    $username = $check->name;

    //To echo your account's stat
    echo '<p>' . $check->statuses_count . '</p>';
    echo '<p>' . $check->friends_count . '</p>';
    echo '<p>' . $check->followers_count . '</p>';
    echo '<p>' . $check->favourites_count . '</p>';

    //And finally unset previous sessions
    unset($_SESSION['oauth_token']);
    unset($_SESSION['oauth_token_secret']);

   //this is the end of callback url
} else {

    $connection = new TwitterOAuth($consumer_key, $consumer_secret);
    $request_token = $connection->oauth('oauth/request_token', array("oauth_callback" => $oauth_callback));

    $_SESSION['oauth_token'] = $request_token['oauth_token'];       
    $_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];

    $twitter_url = $connection->url("oauth/authorize", array("oauth_token" => $request_token['oauth_token']));
}

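It logs me in once and I receive the access_token and access_token_secret, but I need them to stay in the session so that I can also use them after a page refresh or a button click.

What am I doing wrong?

1 answer:

Answer 0: (score: 0)

I think this is because you instantiate a "non-access" connection before verifying the access token.

At first,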

//Open first connection at callback
$connection = new TwitterOAuth($consumer_key, $consumer_secret,  $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);

//Then verify your token
$access_token = $connection->oauth("oauth/access_token", array("oauth_verifier" => $_REQUEST['oauth_verifier']));

//Now you can save them
$_SESSION['new_session_for_oauth_token'] = $access_token['oauth_token'];
$_SESSION['new_session_for_oauth_token_secret'] = $access_token['oauth_token_secret'];

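Another thing you should note is that you need to unset the previous tokens (the ones from before authorization), but of course only after the authorization phase has passed. Here I have added a few more expressions (in my opinion), because you only have one page for both "request" and "callback".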

//Do something if $_REQUEST occur and previous session is equal to current $_REQUEST
if (isset($_REQUEST['oauth_token']) && $_SESSION['oauth_token'] === $_REQUEST['oauth_token']) {

    //Open first connection at callback
    $connection = new TwitterOAuth($consumer_key, $consumer_secret,  $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);

    //Then verify your token
    $access_token = $connection->oauth("oauth/access_token", array("oauth_verifier" => $_REQUEST['oauth_verifier']));

    //Now we overwrite previous session with verified one
    $_SESSION['oauth_token'] = $access_token['oauth_token'];
    $_SESSION['oauth_token_secret'] = $access_token['oauth_token_secret'];

    //You may also check it first
    $connection = new TwitterOAuth($consumer_key, $consumer_secret, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
    $check = $connection->get("account/verify_credentials");

    //To echo your account's stat
    echo $check->statuses_count;
    echo $check->friends_count;
    echo $check->followers_count;
    echo $check->favourites_count;

    //And finally unset previous sessions
    unset($_SESSION['oauth_token']);
    unset($_SESSION['oauth_token_secret']);

   //this is the end of callback url
} elseif (isset($_GET['twitter']) && $_GET['twitter'] === 'login') {
    //Request a token aka login

    $connection = new TwitterOAuth($consumer_key, $consumer_secret);
    $request_token = $connection->oauth('oauth/request_token', array("oauth_callback" => $oauth_callback));

    $_SESSION['oauth_token'] = $request_token['oauth_token'];       
    $_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];

    $twitter_url = $connection->url("oauth/authorize", array("oauth_token" => $request_token['oauth_token']));
} elseif (isset($_GET['twitter']) && $_GET['twitter'] === 'logout') {
    //Destroy the session aka logout

    unset($_SESSION['oauth_token']);
    unset($_SESSION['oauth_token_secret']);
    $url = parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
    header("location: {$url}");
    exit();
}

//Before or after this snippet is HTML part

Now, in your HTML part, if you want to log in with Twitter, go to example.org/page.php?twitter=login. You can also log out via example.org/page.php?twitter=logout
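
As an added example (not part of the question or the answer above), here is one way to keep the access token across requests with the same library: start the session on every request, check for a stored access token before anything else, and keep the one-time request token and the access token under separate session keys. The key names `tw_request` and `tw_access` are hypothetical; `OAUTH_KEY`, `OAUTH_SECRET`, `OAUTH_CALLBACK` and the autoload path are taken from the question and assumed to be defined.

```php
<?php
// Added example; session key names 'tw_request' and 'tw_access' are hypothetical.
require __DIR__ . '/../../lib/data/twitter-login-api/autoload.php';
use Abraham\TwitterOAuth\TwitterOAuth;

session_start(); // must run on every request before $_SESSION is touched

$sentToken = $_GET['oauth_token'] ?? null;
$verifier  = $_GET['oauth_verifier'] ?? null;
$pending   = $_SESSION['tw_request'] ?? null;

if (isset($_SESSION['tw_access'])) {
    // Later requests (refresh, button click): reuse the stored access token.
    $a = $_SESSION['tw_access'];
    $connection = new TwitterOAuth(OAUTH_KEY, OAUTH_SECRET, $a['token'], $a['secret']);
    $check = $connection->get('account/verify_credentials');
    if ($connection->getLastHttpCode() === 200) {
        echo '<p>' . htmlspecialchars($check->name, ENT_QUOTES, 'UTF-8') . '</p>';
    } else {
        unset($_SESSION['tw_access']); // revoked or invalid: force a new login
    }
} elseif (is_string($sentToken) && is_string($verifier) && $pending !== null
          && hash_equals($pending['token'], $sentToken)) {
    // Callback: the returned token matches the one this session requested.
    $connection = new TwitterOAuth(OAUTH_KEY, OAUTH_SECRET, $pending['token'], $pending['secret']);
    $access = $connection->oauth('oauth/access_token', ['oauth_verifier' => $verifier]);

    unset($_SESSION['tw_request']);   // the request token is single use
    session_regenerate_id(true);      // new session ID once the user is authenticated
    $_SESSION['tw_access'] = [
        'token'  => $access['oauth_token'],
        'secret' => $access['oauth_token_secret'],
    ];
    // Redirect so the one-time oauth_* parameters leave the address bar.
    header('Location: ' . parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH));
    exit;
} else {
    // No access token yet: start the flow and build the authorize link.
    $connection = new TwitterOAuth(OAUTH_KEY, OAUTH_SECRET);
    $request = $connection->oauth('oauth/request_token', ['oauth_callback' => OAUTH_CALLBACK]);
    $_SESSION['tw_request'] = [
        'token'  => $request['oauth_token'],
        'secret' => $request['oauth_token_secret'],
    ];
    $twitter_url = $connection->url('oauth/authorize', ['oauth_token' => $request['oauth_token']]);
}
```

Because the access token and its secret live in the server-side session, the session cookie should be sent only over HTTPS and marked HttpOnly.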