[Symfony 2.8] Oauth Twitch doesn't working :(

Hello guys!

I’m very new in API and also as developers :confused: At first I try to find the answer on the forum and google without success :frowning:

I would like to add Twitch to my website with the New API.
My first step was to read the Documentation regarding API & Authentification Guide and then the Code samples available here: https://dev.twitch.tv/get-started
As I using Symfony 2.8, I took the PHP code which I adapted for Symfony as below (I’m really sorry to put my code like that):

My Twig view:

 <div class="tab-pane fade" id="stream">
                {{ render(controller('ISUStreamBundle:Stream:twitchConnexion') }}

My Controller:

 * @Route("/account_authorization/twitch", options={"expose"=true}, name="twitch_account_oauth")
public function twitchConnexionAction(Request $request)
		$provider = new TwitchProvider([
	    'clientId'                => 'XXX',     // The client ID assigned when you created your application
	    'clientSecret'            => 'XXXX', // The client secret assigned when you created your application
	    'redirectUri'             => 'XXXX',  // Your redirect URL you specified when you created your application
	    'scopes'                  => ['user_read']                // The scopes you would like to request 
		$session = $this->get('session');
		// If we don't have an authorization code then get one
		if (!isset($request->query->get('code')) {
		    // Fetch the authorization URL from the provider, and store state in session
		    $authorizationUrl = $provider->getAuthorizationUrl();
		    $session->set('oauth2state', $provider->getState()); 
		    // Display link to start auth flow
		   return $this->render('ISUStreamBundle:Buttons:twitch.html.twig', ['authorizationUrl' => $authorizationUrl]);
		// Check given state against previously stored one to mitigate CSRF attack
		} elseif (empty($request->query->get('state')) || (isset($session->get('oauth2state')) && $request->query->get('state') !== $session->get('oauth2state'))) {
		    if (isset($session->get('oauth2state'))) {
		    return $this->render('ISUStreamBundle:error.html.twig');
		} else {
		    try {
		        // Get an access token using authorization code grant.
		        $accessToken = $provider->getAccessToken('authorization_code', [
		            'code' => $request->query->get('code')
		        // Using the access token, get user profile
		        $resourceOwner = $provider->getResourceOwner($accessToken);
		        $user = $resourceOwner->toArray();
		        echo '<html><table>';
		        echo '<tr><th>Access Token</th><td>' . htmlspecialchars($accessToken->getToken()) . '</td></tr>';
		        echo '<tr><th>Refresh Token</th><td>' . htmlspecialchars($accessToken->getRefreshToken()) . '</td></tr>';
		        echo '<tr><th>Username</th><td>' . htmlspecialchars($user['display_name']) . '</td></tr>';
		        echo '<tr><th>Bio</th><td>' . htmlspecialchars($user['bio']) . '</td></tr>';        
		        echo '<tr><th>Image</th><td><img src="' . htmlspecialchars($user['logo']) . '"></td></tr>';
		        echo '</table></html>';
		        // You can now create authenticated API requests through the provider.
		        //$request = $provider->getAuthenticatedRequest(
		        //    'GET',
		        //    'https://api.twitch.tv/kraken/user',
		        //    $accessToken
		    } catch (Exception $e) {
		        return $this->render('ISUStreamBundle:error.html.twig',[


My issue is when I call my controller I got an error 500 from server without information (no symfony debugger, no console message, etc.)

Could you help me please?

Thanks in advanced.
Fabien “Xutyr” C.

Check the webserver’s error-log if something’s in there that indicates what the problem is.

Also double check you’re actually running Symfony in the “dev” environment, i.e. in vanilla setups you call the app_dev.php rather than the app.php to access your application (you can either call it directly in the URL or change the rewrite in the .htaccess).

Hello Hellcat,
Sorry for the delay of my answer and thank you for your answer it’s help me a lot.

But now I have an issue “Error 500 not found” with the sample code deliver on Twitch gitHub:
throw new IdentityProviderException($error, $code, $data);

I try to use the new API so I changed data from the TwitchProvider.php as below in order to follow the new API recommendation.


namespace ISU\StreamBundle\Provider;

use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use League\OAuth2\Client\Token\AccessToken;
use League\OAuth2\Client\Tool\BearerAuthorizationTrait;
use Psr\Http\Message\ResponseInterface;
use League\OAuth2\Client\Provider\AbstractProvider;
use League\OAuth2\Client\Provider\GenericResourceOwner;

class TwitchProvider extends AbstractProvider

    use BearerAuthorizationTrait;
    private $urlAuthorize;
    private $urlAccessToken;
    private $urlResourceOwnerDetails;
    private $accessTokenMethod;
    private $accessTokenResourceOwnerId;
    private $scopeSeparator;
    private $scopes = null;
    private $responseError = 'error';
    private $responseCode;
    private $responseResourceOwnerId;
    public function __construct(array $options = [])
        $possible   = $this->getConfigurableOptions();
        $configured = array_intersect_key($options, array_flip($possible));
        foreach ($configured as $key => $value) {
            $this->$key = $value;
        // Remove all options that are only used locally
        $options = array_diff_key($options, $configured);
    protected function getConfigurableOptions()
        return ['accessTokenMethod',
    public function getBaseAuthorizationUrl()
        return 'https://id.twitch.tv/oauth2/authorize';
    public function getBaseAccessTokenUrl(array $params)
        return 'https://id.twitch.tv/oauth2/token';
    public function getResourceOwnerDetailsUrl(AccessToken $token)
        return 'https://api.twitch.tv/helix/user';
    public function getDefaultScopes()
        return $this->scopes;
    protected function getScopeSeparator()
        return ' ';
    protected function checkResponse(ResponseInterface $response, $data)
        if (!empty($data[$this->responseError])) {
            $error = $data[$this->responseError];
            $code  = $this->responseCode ? $data[$this->responseCode] : 0;
            throw new IdentityProviderException($error, $code, $data);
    protected function createResourceOwner(array $response, AccessToken $token)
        return new GenericResourceOwner($response, $this->responseResourceOwnerId);
    protected function getDefaultHeaders()
        return [];
    protected function getAuthorizationHeaders($token = NULL)
        return ['Authorization' => 'Bearer '.$token];

I don’t understand what I doing wrong :frowning:.

Thanks again @Hellcat!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.