Twitter API - saving OAuth token in session
我正在尝试找到一种方法,以便在使用OAuth授权后保持与Twitter API的连接,但遇到了问题。
当尝试使用会话或数据库中保存的Oauth令牌连接到Twitter API时,得到
有没有办法做到这一点?我不希望我的应用程序的用户每次都必须通过Twitter登录。当然,一旦他们对我的应用程序进行了一次授权,就足够了吗?
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 | $consumer_key = 'consumerkey'; $consumer_secret = 'consumersecret'; $twitterObj = new EpiTwitter($consumer_key, $consumer_secret); if (isset($_GET['oauth_token'])){ $oauth_token = $_GET['oauth_token']; } else if ($_SESSION['oauth_token']){ $oauth_token = $_SESSION['oauth_token']; echo $_SESSION['oauth_token']; } else { //see if authorisation already set up in DB $query = mysql_query("SELECT oauth_token FROM PingSocialMediaUsers WHERE oauth_provider = 'twitter' AND clientID = '$clientID'"); $result = mysql_fetch_row($query); $oauth_token = $result[0]; } if($oauth_token == ''){ $url = $twitterObj->getAuthorizationUrl(); $twitter_login = $url; } else { $twitterObj->setToken($oauth_token); $token = $twitterObj->getAccessToken(); $twitterObj->setToken($token->oauth_token, $token->oauth_token_secret); $_SESSION['oauth_token'] = $token->oauth_token; $_SESSION['oauth_secret'] = $token->oauth_token_secret; $twitterInfo= $twitterObj->get_accountVerify_credentials(); $twitterInfo->response; echo $twitterInfo->response['error']; //echo '[cc]'; //print_r($twitterInfo); $id = $twitterInfo->id; $username = $twitterInfo->screen_name; //add to details database //find the user by ID if ($id != ''){ $query = mysql_query("SELECT * FROM PingSocialMediaUsers WHERE oauth_provider = 'twitter' AND oauth_uid = '$id'"); $result = mysql_fetch_array($query); // If does not exist add to database if(empty($result)){ $query = mysql_query("INSERT INTO PingSocialMediaUsers (oauth_provider, oauth_uid, username, oauth_token, oauth_secret) VALUES ('twitter', {$id}, '{$username}', '{$_SESSION['oauth_token']}', '{$_SESSION['oauth_secret']}')"); $query = mysql_query("SELECT * FROM PingSocialMediaUsers WHERE id =" . mysql_insert_id()); $result = mysql_fetch_array($query); } else { //update the tokens $query = mysql_query("UPDATE PingSocialMediaUsers SET oauth_token = '{$_SESSION['oauth_token']}', oauth_secret = '{$_SESSION['oauth_secret']}' WHERE oauth_provider = 'twitter' AND oauth_uid = {$id}"); } $_SESSION['id'] = $result['id']; $_SESSION['username'] = $result['username']; $_SESSION['oauth_uid'] = $result['oauth_uid']; $_SESSION['oauth_provider'] = $result['oauth_provider']; $_SESSION['oauth_token'] = $result['oauth_token']; $_SESSION['oauth_secret'] = $result['oauth_secret']; } $twitterAuth = TRUE; } |
我相信您正在谈论的是
这是他们在官方开发人员页面上所说的
1 2 3 4 5 | We do not currently expire access tokens. Your access token will be invalid if a user explicitly rejects your application from their settings or if a Twitter admin suspends your application. If your application is suspended there will be a note on your application page saying that it has been suspended. |
因此,您可以很好地将该令牌存储在数据库中,并且可以始终在以后使用。
这里是对API页面的引用
Twitter OAuth常见问题解答
因此,我建议您确保不更改任何应用程序设置,并且从会话/数据库获取有效的access_token。