Mercurial Mercurial > tweet_live / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
web/callback.php
changeset 99 6cb4d10f0b8b
child 207 621fa6caec0c 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/web/callback.php	Wed Apr 06 16:26:16 2011 +0200
@@ -0,0 +1,34 @@
+<?php
+
+/**
+ * include some common code (like we did in the 90s)
+ * People still do this? ;)
+ */
+include_once './common.php';
+
+/**
+ * Someone's knocking at the door using the Callback URL - if they have
+ * some GET data, it might mean that someone's just approved OAuth access
+ * to their account, so we better exchange our current Request Token
+ * for a newly authorised Access Token. There is an outstanding Request Token
+ * to exchange, right?
+ */
+if (!empty($_GET) && isset($_SESSION['TWITTER_REQUEST_TOKEN'])) {
+    $token = $consumer->getAccessToken($_GET, unserialize($_SESSION['TWITTER_REQUEST_TOKEN']));
+    $_SESSION['TWITTER_ACCESS_TOKEN'] = serialize($token);
+
+    /**
+     * Now that we have an Access Token, we can discard the Request Token
+     */
+    $_SESSION['TWITTER_REQUEST_TOKEN'] = null;
+
+    /**
+     * With Access Token in hand, let's try accessing the client again
+     */
+    header('Location: ' . URL_ROOT );
+} else {
+    /**
+     * Mistaken request? Some malfeasant trying something?
+     */
+    exit('Invalid callback request. Oops. Sorry.');
+}
tweet_live