use Medical\OAuth\Client; // create the 360 client to handle API/OAuth calls $client = new Client(array('clientId' => CLIENT_ID, 'clientSecret' => CLIENT_SECRET, 'redirectUri' => REDIRECT_URI)); // set production url $client->setApiUrl('//beta.360medical.fr/app_dev.php'); /** * Start your own logic */ $session = new Session(); $myStorage = new DatabaseConnection(DB_HOST, DB_USER, DB_PASS, DB_NAME); // sent by OAuth, you should know that $state = $_GET['state']; // personal state $code = $_GET['code']; // follow the OAuth protocol and get an access token and a refresh token if ($client->authorizationCodeCaught()) { // make the next OAuth call to get those tokens (crendentials) $response = $client->getCredentials(); if ($response->getCode() !== 200) { throw new \Exception(sprintf("An OAuth error occured: %s", $response->getErrorMessage())); } // now merge or create our user if it does not exist ! // $appUser = $myStorage->getUser($session->getUserId()); $mediUser = $client->getUser(); $appUser = $myStorage->getUserByUsername($mediUser->email); // i chose to merge by email/username if ($appUser) { // my user alreay exists ! // I just have to connect him to my app and update his tokens if they are expired $myStorage->updateUserCredentials($appUser->id, array('access_token' => $client->getAccessToken(), 'refresh_token' => $client->getRefreshToken(), 'expires_in' => $client->getTokenLifeDuration())); $session->setUserId($appUser->id);