Basic Twitch Connect OAuth Help

Hey

Firstly I am an absolute novice at web development. All I really want is to authenticate through twitch and initially get their username.

I have read https://github.com/justintv/Twitch-API/blob/master/authentication.md#auth-code but have not fully understood it.

I am using this https://github.com/Xxplosions/twitchtv-oauth as it seemed to be the friendliest code I could find.

So I can send the user to authenticate my application, once authorised I can receive my code, I am then using Xxplosions’ class to sort out getting the access token:

class TwitchTV {

      var $base_url = "https://api.twitch.tv/kraken/";
      var $client_id = 'removed - INSET ID HERE'; //change this value, should be your TwitchTV Application Client ID
       var $client_secret = "removed - INSET ID HERE"; //change this value, should be your TwitchTV Application Client Secret 
       var $redirect_url = 'http://localhost/test/try.php'; //change this value, should be your TwitchTV Application Rerdirect URL
       var $scope_array = array('user_read','channel_read','chat_login','user_follows_edit','channel_editor','channel_commercial','channel_check_subscription');


/**
 * Channel data for the fetched user
 * 
 * @var stdClass
 */
var $channel_data = null;
var $curl_cache;

public function __construct(){
	$this->curl_cache = new TwitchTV_Curl_Cache();
}
function get_access_token($code) {
	$ch = curl_init($this->base_url . "oauth2/token");
	curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
	curl_setopt($ch, CURLOPT_POST, 1);
	$fields = array(
		 'client_id' => $this->client_id,
		 'client_secret' => $this->client_secret,
		 'grant_type' => 'authorization_code',
		 'redirect_uri' => $this->redirect_url,
		 'code' => $code
	);
	curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);
	$data = curl_exec($ch);
	$response = json_decode($data, true);
	return $response["access_token"];
}

I think my main problem here is, I have no idea how to use that return value, I have tried to echo (just to confirm it is working) it out like this:

    $ttvcode = $_GET['code'];

$twitchtv = new TwitchTV;

$authcode = $twitchtv->get_access_token($ttvcode));

echo $authcode;

but when my link is directed to this page I just get a blank page. I am presuming this is because I am messing up dealing with the JSON.

I’m not asking you to do all my work for me, but if someone can provide relevant tutorials or more in depth guides to this kind of stuff, I would love you for ever.

I’m trying to do this mostly in PHP and if something I have said makes no sense, I apologise, and will try and give you more info if requested.

Sorry and thanks!

This is a long post which basically says I don’t understand how to POST my code after authorisation to get my access token, I tried my own Curl and failed, tried to use someone’s class and failed.

Anyone have any documentation or anything they can point me too? I’ve been trying for hours and it is probably simple and I am just missing something simple.

Thanks,

I wrote up a library to deal with Everything on the documented API. https://github.com/IBurn36360/Twitch_Interface You can use any of the functions written in there as an example of how to perform the calls (In your case, look at cURL_post for more information). Hope it helps and if you find any issues, please reply here or open an issue on the git.

  • Anthony ‘IBurn36360’ Diaz
1 Like

Re-read your post, in order to get the GET data sent back from twitch, you need to grab the data from the $_GET superglobal on the receiving script. Your code posted above should work, assuming you are grabbing the right key for the data, and that the token is returned properly (The query was successful).

$token = (isset($_GET['code'])) ? $_GET['code'] : null;
    
if ($token !== null)
{
    $authCode = $twitchtv->get_access_token($token);
} else {
   // Run error logging here and be sure to printf() $_GET so you can see what you had
}

Without you knowing what the GET query returned as though, I can not be sure if the receiving script got the proper data back.

Hello, firstly, thanks so much for replying, this has been doing my head in for days, it is probably too advanced for me but I really need it.

I added this code to check what you wanted:

$token = $_GET['code'];

$twitchtv = new TwitchTV;

 $token = (isset($_GET['code'])) ? $_GET['code'] : null;

 if ($token !== null)

{
    $authCode = $twitchtv->get_access_token($token);
echo $authCode . "<br>";
echo $token;

} else {
echo "Error";
}

Basically it displays my $token but not my $authCode.

So it looks like a problem with my POST? Or something I am completely missing. Maybe I could use a different curl? I am running this on local host, is it worth trying it on live to see if that makes a difference?

Thanks again for your help, sorry I am sooo nooby and stuck.

The problem that you’re having is that you first need to link off to the page where you’re able to get them to authenticate your application.

First off you’re going to need to make sure that your $client_id and $client_secret are the same as listed on the TwitchTV side of things.

Once you assure that you’re going to need to call authenticate() inside an href of an html link tag.

<a href="<?php echo $twitchtv->authenticate(); ?>">Authenticate here</a>

now you should be brought to TwitchTV to authenticate the application. Make sure that you know what your redirect url is because that’s where you’ll need the code to handle getting the access token. So once you’re returned you should see in the URL a GET variable tagged onto the end of the url (it’s what follows ?code= you’ll want that value so in this case $code = $_GET['code'];. If you don’t see it in the url than you won’t get any output because that value doesn’t exist.

Now you should be able to get into the if statement and receive the access token via the $authCode = $twitchtv->get_access_toke($code);

Then your echo should work. It should work if you A) went to TwitchTV and got redirected B) have a ?code= in the url. For safe keeping I’d store the value of that $_GET and then the access token itself in a database. If you’re worried about people stealing your access tokens then you’d want to store them encrypted and then decrypt them in your code.

Hopefully that helps. I’m not sure how to better explain it. If it doesn’t work than post your code here what file they’re in, etc. and I’ll try to see what’s up with it.

Hey, thanks again for taking the time to look at my foolish problems. I’m just getting mega stressed with it and am probably missing something.

I have the authenticate url on a different page, and that code is as you have.

    $twitchtv = new TwitchTV;
	 
	$authenticatedURL = $twitchtv->authenticate();
	
<a href="<?php echo $twitchtv->authenticate(); ?>" >Authenticate here </a>

Then on a different page, the url I have it redirected to, I have:

   	$token = $_GET['code'];

$twitch = new TwitchTV;

$code = (isset($_GET[‘code’])) ? $_GET[‘code’] : null;

if ($code !== null)

{
    $authCode = $twitch->get_access_token($code);
	echo $authCode."<br>";
	echo $code;
	
} else {
    echo "Error";
}

And this echo’s out my code that I got from the url. but I just get a blank where the authcode should be, I trying storing it in a database and it was just blank.

That is really the only code I have added. I have just put in my details where it says to do so.

I don’t want to post all the code here as it would be a bit of a mess. Basically my auth redirect file is:

http://localhost/test/auth/auth.php

And my redirect URL is http://localhost/test/try.php

I could move it to a live server if needed?

Sorry again, and thanks for all your help.

I haven’t actually tried it on a local server, as long as you have cURL enabled you should be fine. Go into the function and echo a test line to see that you’re getting in there, and then piece it together. So just inside the function do echo "here"; If it echo’s here than you know you’re getting that far. Then the next step would to debug the json to make sure that it’s there. See the lines with the comments next to them and see if it works for ya. If it gives you any errors put them in here. Also it might be a good idea to turn on error reporting just to be sure there aren’t any PHP errors in your script by adding error_reporting(E_ALL); at the top of your script. Hope this leads in the correct direction for you! :smile:

 function get_access_token($code) {

    echo "Here is your code" . $code; // something like this here if it doesn't work than the error is getting into the function and you don't have the $_GET.


	$ch = curl_init($this->base_url . "oauth2/token");
	curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
	curl_setopt($ch, CURLOPT_POST, 1);
	$fields = array(
		 'client_id' => $this->client_id,
		 'client_secret' => $this->client_secret,
		 'grant_type' => 'authorization_code',
		 'redirect_uri' => $this->redirect_url,
		 'code' => $code
	);
	curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);
	$data = curl_exec($ch);
	$response = json_decode($data, true);

    echo "<pre>".print_r($response,true)."</pre>"; // Place this here and give me the output so then we can figure out what's going on.

	return $response["access_token"];
}

WOOT, I am nearly there. I tried the above on live and it worked, but on my localhost didn’t. What could be causing that? I am confident I have curl enabled? Something to do with the redirect url maybe? Even if the localhost method is a mystery, at least on some level it is working. Thanks so much, it was driving me wild.

The localhost mystery is slightly less annoying! Thanks.

No problem. I’d imagine it’s because it’s expecting to go to a legitimate url, which localhost is just on your local machine and isn’t accessible to the public.

I’ve updated my Twitch OAuth to have a few working examples. They’re pretty basic, but get the point across. More to come later. I know this is a much later response, but wanted to make that point for people that come across this post and haven’t seen the updates on my github page.