getaccessToken( api_data is empty)

rinato · January 8, 2021, 6:34pm

I want getaccessToken

result is api_data empty
code:
https://id.twitch.tv/oauth2/token?client_id=kibma1m0y8vlyqal82yn8f2exsknrs&client_secret=REMOVED&code=REMOVE&grant_type=authorization_code&redirect_uri=http%3A%2F%2Flocalhost%2Feasycodeis_includes%2Flogin.php

Admin: removed leaked client secret

BarryCarlyon · January 8, 2021, 6:18pm

Please do not leak your client secret, it’s a violation of the developer agreement and considered a password.

Do you have any code you are using? Just a URL doesn’t tell us much

rinato · January 8, 2021, 6:30pm

BarryCarlyon · January 8, 2021, 6:34pm

Seems “correct”

So you’ll need to add some error catching/testing the HTTP response/status code

For a user access token my PHP example might help

github.com

BarryCarlyon/twitch_misc/blob/master/authentication/user_access_generator/php/index.php#L38


    session_destroy();
    header('Location: /');

    exit;
} else if (isset($_GET['code']) && $_GET['code']) {
    // we have a code on the address line so lets parse and exchange

    // validate the state/nonce
    if (isset($_SESSION['nonce']) && isset($_GET['state']) && $_SESSION['nonce'] == $_GET['state']) {
        // lets exchange the code for an access token
        $ch = curl_init('https://id.twitch.tv/oauth2/token');
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, array(
            'client_id' => CLIENT_ID,
            'client_secret' => CLIENT_SECRET,
            'code' => $_GET['code'],
            'grant_type' => 'authorization_code',
            'redirect_uri' => REDIRECT_URI
        ));

is the relevant snippet for converting a code to an access token