$api = new OAuthClient(new EccServiceProvider(), $consumer); /* Two possible conditions: either we're returning from the authorize request or not */ /* Callback from authorize? */ if (!(isset($_SESSION['request_token']) && isset($_GET['oauth_verifier']))) { /* No, we have no access token, we need to get one by generating a request token then asking the user to authorize it */ /* Get request token */ $request_token = $api->getRequestToken($ECC_ACCESS, $APP_CALLBACK_URL); #print_r($request_token); # Useful if you're not sure you've got one $_SESSION['request_token'] = serialize($request_token); /* Redirect user to authorize URL (in this case, it'll be somewhere on entrecredits.com) */ header("Location: " . $api->getAuthorizeUrl($request_token)); die; } else { /* Yep, callback, so we're authorized and we can trade our request token for an access token */ $request_token = unserialize($_SESSION['request_token']); $access_token = $api->getAccessToken($request_token, $_GET['oauth_verifier']); /* Put access token into session. It's all we need now */ $_SESSION['access_token'] = serialize($access_token); /* Redirect to cointoss game, now with access token */ header('Location: ' . $APP_CALLBACK_URL); die; } }