
Twitter sign in oauth api keeps redirecting me to authorize application


I'm working with Twitter OAuth and am having issues with Twitter demanding that I authorize the usage of the application even if I have already authorized the application. For example, I authorize the usage of the application, log out, and then go to the login for Twitter, and it asks me again for authorization of the usage of the application. Note that my question is about being kept authorizing the application, not the authentication area; I imagine once the authorization issue is fixed the authentication of Twitter will work.

The flow should be:

1. User authorizes with Twitter.

2. Twitter sends to callback.

3. Callback performs database interaction for saving user and authenticating user with application.

4. Callback redirects to homepage.

5. User logs out of application (all session data destroyed).

6. User re-logs in with Twitter, and Twitter should not reauthorize but recognize the user and redirect to application, which should authenticate somehow from Twitter, possibly matching OAuth tokens from a database?

Not sure if this is applicable, but even if I go to Twitter login just after doing the authorization, it still asks me to reauthorize.

Here's my code:

Twitter login code:

    use Abraham\TwitterOAuth\TwitterOAuth;

    // Step 1: obtain a request token and remember it in the session.
    $connection = new TwitterOAuth(twitter_apikey, twitter_apisecret);
    $request_token = $connection->oauth('oauth/request_token', array('oauth_callback' => "https://example.com/twittercallback"));
    $_SESSION['oauth_token'] = $request_token['oauth_token'];
    $_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];

    // Step 2: send the user to Twitter with that request token.
    $url = $connection->url("oauth/authorize", array("oauth_token" => $request_token['oauth_token']));
    header('Location: ' . $url);
    exit; // stop executing once the redirect header is sent

And here's my callback code:

    use Abraham\TwitterOAuth\TwitterOAuth;

    // Request token and secret saved by the login page. The secret is stored
    // under 'oauth_token_secret'; no 'oauth_verifier' key is ever set in the session.
    $oauth_access_token = $_SESSION['oauth_token'];
    $oauth_access_token_secret = $_SESSION['oauth_token_secret'];

    // Exchange the request token plus verifier for the user's access token.
    $connection = new TwitterOAuth(twitter_apikey, twitter_apisecret, $oauth_access_token, $oauth_access_token_secret);
    $access_token = $connection->oauth('oauth/access_token', array('oauth_verifier' => $_REQUEST['oauth_verifier'], 'oauth_token' => $_GET['oauth_token']));

    // Call the API as the user with the access token.
    $connection = new TwitterOAuth(twitter_apikey, twitter_apisecret, $access_token['oauth_token'], $access_token['oauth_token_secret']);
    $user_info = $connection->get('account/verify_credentials', ['include_email' => 'true']);
    $oauth_token = $access_token['oauth_token'];
    $oauth_token_secret = $access_token['oauth_token_secret'];

    // Escape the dump: profile fields are user-controlled text.
    print "<pre>" . htmlspecialchars(print_r($user_info, true)) . "</pre>";

Solution

  • You need to redirect the user to https://api.twitter.com/oauth/authenticate instead of https://api.twitter.com/oauth/authorize

    https://developer.twitter.com/en/docs/basics/authentication/api-reference/authenticate.html

    Change this line

    $url = $connection->url("oauth/authorize", array("oauth_token" => $request_token['oauth_token']));
    

    to

    $url = $connection->url("oauth/authenticate", array("oauth_token" => $request_token['oauth_token']));
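For step 6 of the flow in the question, the callback can check that the returned `oauth_token` is the one the session requested and then recognize the returning user by the `user_id` field of Twitter's access-token response rather than by matching token values. This is an added example, not code from the question or the answer; `completeTwitterLogin`, the `users` table and the `$exchange` stub (standing in for the library's `oauth('oauth/access_token', ...)` call) are hypothetical, and all token values are constructed.

```php
<?php
// Added example: callback-side checks for Sign in with Twitter (OAuth 1.0a).
// $exchange stands in for $connection->oauth('oauth/access_token', ...) so the
// logic runs offline; the function name and users table are hypothetical.
function completeTwitterLogin(array $session, array $query, callable $exchange, PDO $db): int
{
    // 1. The callback must carry the request token this session started with.
    $sent = $query['oauth_token'] ?? null;
    if (!isset($session['oauth_token'], $session['oauth_token_secret'], $query['oauth_verifier'])
        || !is_string($sent) || !hash_equals($session['oauth_token'], $sent)) {
        throw new RuntimeException('request token mismatch');
    }
    // 2. Exchange request token + verifier for the access token.
    $access = $exchange($session['oauth_token'], $session['oauth_token_secret'], $query['oauth_verifier']);
    // 3. Key the account on Twitter's stable user_id; the token pair is only
    //    stored alongside it and refreshed on every login.
    $find = $db->prepare('SELECT id FROM users WHERE twitter_id = ?');
    $find->execute([$access['user_id']]);
    $id = $find->fetchColumn();
    if ($id === false) {
        $db->prepare('INSERT INTO users (twitter_id, oauth_token, oauth_token_secret) VALUES (?, ?, ?)')
           ->execute([$access['user_id'], $access['oauth_token'], $access['oauth_token_secret']]);
        return (int) $db->lastInsertId();
    }
    $db->prepare('UPDATE users SET oauth_token = ?, oauth_token_secret = ? WHERE id = ?')
       ->execute([$access['oauth_token'], $access['oauth_token_secret'], $id]);
    return (int) $id;
}

// Constructed sample values, not real tokens.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, twitter_id TEXT UNIQUE,
           oauth_token TEXT, oauth_token_secret TEXT)');
$exchange = fn($token, $secret, $verifier) =>
    ['oauth_token' => 'AT-1', 'oauth_token_secret' => 'ATS-1', 'user_id' => '12345'];
$session = ['oauth_token' => 'RT-1', 'oauth_token_secret' => 'RTS-1'];
$query   = ['oauth_token' => 'RT-1', 'oauth_verifier' => 'V-1'];

$first  = completeTwitterLogin($session, $query, $exchange, $db);
$second = completeTwitterLogin($session, $query, $exchange, $db); // same account, later login
echo "first login -> user $first, second login -> user $second\n";

try {   // callback carrying a token this session never requested
    completeTwitterLogin($session, ['oauth_token' => 'RT-X', 'oauth_verifier' => 'V-1'], $exchange, $db);
} catch (RuntimeException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

In a real callback, a successful return is the point to call `session_regenerate_id(true)`, drop the request token from the session and store the local user id there.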