$api = new OAuthClient(new EccServiceProvider(), $consumer);
/* Two possible conditions: either we're returning from the authorize request or not */
/* Callback from authorize? */
if (!(isset($_SESSION['request_token']) && isset($_GET['oauth_verifier']))) {
/* No, we have no access token, we need to get one by generating a request token then
asking the user to authorize it */
/* Get request token */
$request_token = $api->getRequestToken($ECC_ACCESS, $APP_CALLBACK_URL);
#print_r($request_token); # Useful if you're not sure you've got one
$_SESSION['request_token'] = serialize($request_token);
/* Redirect user to authorize URL (in this case, it'll be somewhere on entrecredits.com) */
header("Location: " . $api->getAuthorizeUrl($request_token));
die;
} else {
/* Yep, callback, so we're authorized and we can trade our request token for an access token */
$request_token = unserialize($_SESSION['request_token']);
$access_token = $api->getAccessToken($request_token, $_GET['oauth_verifier']);
/* Put access token into session. It's all we need now */
$_SESSION['access_token'] = serialize($access_token);
/* Redirect to cointoss game, now with access token */
header('Location: ' . $APP_CALLBACK_URL);
die;
}
}
