OAuth callback with php, what am I doing wrong?

Hello.
I’m trying to create a PHP callback script for OAuth authorization:

<?php
	$client_id = 'MYCLIENTID';
	$client_secret = 'ACLIENTSECRET';
	$redirect_uri= "http://plox.nu/oauth/callback.php";
	$authorization_code = $_GET['code'];
	$url = '[https://id.twitch.tv/oauth2/token'](https://id.twitch.tv/oauth2/token');

	$data = array(
		'client_id' => $client_id,
		'client_secret' => $client_secret,
		'redirect_uri' => $redirect_uri,
		'code' => $authorization_code
	);

	$options = array(
		'http' => array(
			'header'  => "Content-type: application/json\r\n",
			'method'  => 'POST',
			'content' => json_encode($data)
		)
	);
	$context = stream_context_create($options);
	$result = file_get_contents($url, false, $context);

	var_dump($context);

However I only get Error 500’s when trying it out. Anyone see the error?

Your URL is malformed

$url = 'https://id.twitch.tv/oauth2/token';

You you should be using cURL not file_get_contents. FGC is normally blocked from making HTTP requests on most providers for security reasons

Provides a PHP example

Line 38 onwards specifically

Apparently $_GET[‘code’] is not set when falling to the callback. How can I try to trace the cause of this?
My authorization link:
https://id.twitch.tv/oauth2/authorize?client_id=<myid>&redirect_uri=http://plox.nu/oauth/callback.php&response_type=force_verify&scope=bits:read

The URL it redirects to is clean without any arguments. If I deny access then it will give me an error, but not if I allow it.

Your response_type is force_verify

it should be code for this example

Line 27 of this example shows a URL being constructed.

ClientID’s are public there is no need to hide this

Should be

https://id.twitch.tv/oauth2/authorize?client_id=<myid>&redirect_uri=http://plox.nu/oauth/callback.php&response_type=code&scope=bits:read

You can optionally add

https://id.twitch.tv/oauth2/authorize?client_id=<myid>&redirect_uri=http://plox.nu/oauth/callback.php&response_type=code&scope=bits:read&force_verify=true

if you need Force Verify

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.