Mercurial Mercurial > tweet_live / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
web/callback.php
author Nicolas Sauret <nicolas.sauret@iri.centrepompidou.fr>
Thu, 16 Apr 2015 13:55:11 +0200
changeset 1222 8f3e355b94b9
parent 849 973a136cfbd0
child 1427 8b3d57a519eb
permissions -rwxr-xr-x
new stream url for bpi ludique

<?php
header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');
/**
 * include some common code (like we did in the 90s)
 * People still do this? ;)
 */
include_once 'common.php';
if(!isset($_REQUEST['rep'])) {
	$rep = $C_default_rep;
}
else {
	$rep = $_REQUEST['rep'];
}


/**
 * Someone's knocking at the door using the Callback URL - if they have
 * some GET data, it might mean that someone's just approved OAuth access
 * to their account, so we better exchange our current Request Token
 * for a newly authorised Access Token. There is an outstanding Request Token
 * to exchange, right?
 */
if (!empty($_GET) && isset($_SESSION['TWITTER_REQUEST_TOKEN'])) {
    $token = $consumer->getAccessToken($_GET, unserialize($_SESSION['TWITTER_REQUEST_TOKEN']));
    $_SESSION['TWITTER_ACCESS_TOKEN'] = serialize($token);

    /**
     * Now that we have an Access Token, we can discard the Request Token
     */
    $_SESSION['TWITTER_REQUEST_TOKEN'] = null;

    /**
     * With Access Token in hand, let's try accessing the client again
     */
    header('Location: ' . ( isset($_SESSION['TWITTER_REDIRECT_URL']) ? $_SESSION['TWITTER_REDIRECT_URL'] : ( URL_ROOT . "$rep/client.php" ) ) );
} else {
    /**
     * Mistaken request? Some malfeasant trying something?
     */
    exit('Invalid callback request. Oops. Sorry.');
}
tweet_live