Hello, I am wondering if someone could double check if this looks correct. In testing, when I first land on my redirected page and have the auth code and the scope, I don’t seem to be able to request the auth token (both of my console.logs are an empty string). If I refresh the page I get invalid auth displayed in my logs, which through some debugging I found out the auth code has changed. So I handle it by redirecting to the Twitch page which returns me back with an updated auth code (which instantly becomes in valid again).
Is the auth code supposed to be changing instantly, is it something here in my code that’s causing it to be updated and making my token requests fail?
Thanks
UPDATE: So, I just added this:
var json = '<? echo $oauthResult ?>';
console.log($.parseJSON(json));
and I can see the token. Is $oath not echoing the token correctly or is there an issue with my access of it in the PHP?
<?php $uri = "https://api.twitch.tv/kraken/oauth2/authorize?response_type=code"; $redirect = [redirect setting in my app] $client_id = [id setting in my app]; $scope = "channel_subscriptions"; $authURI = $uri . "&client_id=" . $client_id . "&redirect_uri=" . $redirect . "&scope=" . $scope; $code = $_GET['code']; $authPostBody = "client_id=" . $client_id . "client_secret=". $client_secret . "&redirect_uri=" . $redirect . "&code=" . $code; if ($_SERVER['REQUEST_METHOD'] == "GET") { if (!empty($code)) { $uri = "https://api.twitch.tv/kraken/oauth2"; $client_id = "[id setting in my app]"; $client_secret = "[secret setting in my app]"; $redirect = "[redirect setting in my app]"; $params = array( 'client_id' => $client_id, 'client_secret' => $client_secret, 'grant_type' => 'authorization_code', 'redirect_uri' => $redirect, 'code' => $code ); $oauthResult = post_url_contents("https://api.twitch.tv/kraken/oauth2/token", $params); $json_decoded_oauthResult = json_decode($oauthResult, true); $oauth = $json_decoded_oauthResult['access_token']; $error = $json_decoded_oauthResult['error']; $message = $json_decoded_oauthResult['message']; } } function get_url_contents($url){ $crl = curl_init(); $timeout = 5; curl_setopt ($crl, CURLOPT_URL,$url); curl_setopt ($crl, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($crl, CURLOPT_CONNECTTIMEOUT, $timeout); $ret = curl_exec($crl); curl_close($crl); return $ret; } function post_url_contents($url, $fields) { foreach($fields as $key=>$value) { $fields_string .= $key.'='.urlencode($value).'&'; } rtrim($fields_string, '&'); $crl = curl_init(); $timeout = 5; curl_setopt($crl, CURLOPT_URL,$url); curl_setopt($crl,CURLOPT_POST, count($fields)); curl_setopt($crl,CURLOPT_POSTFIELDS, $fields_string); curl_setopt ($crl, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($crl, CURLOPT_CONNECTTIMEOUT, $timeout); $ret = curl_exec($crl); curl_close($crl); return $ret; } ?><script>
console.log("<? echo $oath . $error ?>");
console.log("<? echo $message ?>");
</script>