I've found this topic so far - Restore Access Token in hybridauth but unfortunately messing around with HAuth sessions restoration is not exactly what I need.
Let's say I'm gonna get access token from outside of my app, but how to substitute and check validity of that inside my app?
"Forging" session data turned tricky enough, but not impossible.
General approach just in case if someone will need it follows.
Facebook:
$ha->restoreSessionData('a:2:{'
.'s:35:"hauth_session.facebook.is_logged_in";'
.'s:4:"i:1;";'
.'s:41:"hauth_session.facebook.token.access_token";'
.'s:'.(6+strlen($atoken)+strlen(strlen($atoken))).':"s:'.strlen($atoken).':"'.$atoken.'";";'
.'}'
);
Twitter:
$ha->restoreSessionData('a:3:{'
.'s:34:"hauth_session.twitter.is_logged_in";'
.'s:4:"i:1;";'
.'s:40:"hauth_session.twitter.token.access_token";'
.'s:'.(6+strlen($atoken)+strlen(strlen($atoken))).':"s:'.strlen($atoken).':"'.$atoken.'";";'
.'s:47:"hauth_session.twitter.token.access_token_secret";'
.'s:'.(6+strlen($secret)+strlen(strlen($secret))).':"s:'.strlen($secret).':"'.$secret.'";";'
.'}'
);