我试图找到一种方法,一旦授权使用OAuth与Twitter API保持联系,但我遇到了问题。
在尝试使用会话或数据库中保存的Oauth令牌连接到Twitter API时,我得到"Invalid / expired Token"。
有办法做到这一点吗?我不希望我的应用程序的用户每次都必须通过Twitter登录。当他们一次授权我的应用程序时,这应该足够了吗?
$consumer_key = 'consumerkey';
$consumer_secret = 'consumersecret';
$twitterObj = new EpiTwitter($consumer_key, $consumer_secret);
if (isset($_GET['oauth_token'])){
$oauth_token = $_GET['oauth_token'];
} else if ($_SESSION['oauth_token']){
$oauth_token = $_SESSION['oauth_token'];
echo $_SESSION['oauth_token'];
} else {
//see if authorisation already set up in DB
$query = mysql_query("SELECT oauth_token FROM PingSocialMediaUsers WHERE oauth_provider = 'twitter' AND clientID = '$clientID'");
$result = mysql_fetch_row($query);
$oauth_token = $result[0];
}
if($oauth_token == ''){
$url = $twitterObj->getAuthorizationUrl();
$twitter_login = $url;
} else {
$twitterObj->setToken($oauth_token);
$token = $twitterObj->getAccessToken();
$twitterObj->setToken($token->oauth_token, $token->oauth_token_secret);
$_SESSION['oauth_token'] = $token->oauth_token;
$_SESSION['oauth_secret'] = $token->oauth_token_secret;
$twitterInfo= $twitterObj->get_accountVerify_credentials();
$twitterInfo->response;
echo $twitterInfo->response['error'];
//echo '<pre>';
//print_r($twitterInfo);
$id = $twitterInfo->id;
$username = $twitterInfo->screen_name;
//add to details database
//find the user by ID
if ($id != ''){
$query = mysql_query("SELECT * FROM PingSocialMediaUsers WHERE oauth_provider = 'twitter' AND oauth_uid = '$id'");
$result = mysql_fetch_array($query);
// If does not exist add to database
if(empty($result)){
$query = mysql_query("INSERT INTO PingSocialMediaUsers (oauth_provider, oauth_uid, username, oauth_token, oauth_secret) VALUES ('twitter', {$id}, '{$username}', '{$_SESSION['oauth_token']}', '{$_SESSION['oauth_secret']}')");
$query = mysql_query("SELECT * FROM PingSocialMediaUsers WHERE id = " . mysql_insert_id());
$result = mysql_fetch_array($query);
} else {
//update the tokens
$query = mysql_query("UPDATE PingSocialMediaUsers SET oauth_token = '{$_SESSION['oauth_token']}', oauth_secret = '{$_SESSION['oauth_secret']}' WHERE oauth_provider = 'twitter' AND oauth_uid = {$id}");
}
$_SESSION['id'] = $result['id'];
$_SESSION['username'] = $result['username'];
$_SESSION['oauth_uid'] = $result['oauth_uid'];
$_SESSION['oauth_provider'] = $result['oauth_provider'];
$_SESSION['oauth_token'] = $result['oauth_token'];
$_SESSION['oauth_secret'] = $result['oauth_secret'];
}
$twitterAuth = TRUE;
}
答案 0 :(得分:2)
我相信您正在谈论access_token,您将从Twitter获取OAuth握手的最后一部分,之后您可以代表用户访问这些服务。
以下是他们在官方开发者页面中所说的内容
We do not currently expire access tokens.
Your access token will be invalid if a user explicitly
rejects your application from their settings or if a Twitter admin suspends
your application. If your application is suspended there will be
a note on your application page saying that it has been suspended.
因此,您可以很好地将该令牌存储在数据库中,并且可以在以后阶段使用。
这里是对API页面的引用 Twitter OAuth FAQ
所以我建议你确保你没有更改任何应用程序设置,并且你从会话/数据库中获得有效的access_token