} $oauth_response = $request->getResponse()->getOAuthResponse(); setOAuthSession($oauth_response['oauth_token'], $oauth_response['oauth_token_secret']); printf('<a href="%s?oauth_token=%s">Click here to Authorize</a>', $xero->getAuthorizeURL(), $oauth_response['oauth_token']); exit; } elseif (isset($oauth_session['session_handle']) && !isset($oauth_session['expires'])) { // If session is expired refresh the token $url = new URL($xero, URL::OAUTH_ACCESS_TOKEN); $request = new Request($xero, $url); $request->setParameter('oauth_token', $oauth_session['token']); $request->setParameter('oauth_session_handle', $oauth_session['session_handle']); $request->send(); $oauth_response = $request->getResponse()->getOAuthResponse(); $expires = time() + intval($oauth_response['oauth_expires_in']); setOAuthSession($oauth_response['oauth_token'], $oauth_response['oauth_token_secret'], $expires, $oauth_response['oauth_session_handle']); $xero->getOAuthClient()->setToken($oauth_response['oauth_token'])->setTokenSecret($oauth_response['oauth_token_secret']); } else { $xero->getOAuthClient()->setToken($oauth_session['token'])->setTokenSecret($oauth_session['token_secret']); if (isset($_REQUEST['oauth_verifier'])) { $xero->getOAuthClient()->setVerifier($_REQUEST['oauth_verifier']); $url = new URL($xero, URL::OAUTH_ACCESS_TOKEN); $request = new Request($xero, $url); $request->send(); $oauth_response = $request->getResponse()->getOAuthResponse(); $expires = time() + intval($oauth_response['oauth_expires_in']); setOAuthSession($oauth_response['oauth_token'], $oauth_response['oauth_token_secret'], $expires, $oauth_response['oauth_session_handle']); //drop the qs $uri_parts = explode('?', $_SERVER['REQUEST_URI']); //Just for demo purposes header(sprintf('Location: http%s://%s%s', isset($_SERVER['HTTPS']) ? 's' : '', $_SERVER['HTTP_HOST'], $uri_parts[0])); exit;