if (isset($_GET['code'])) { //make request to exchange code for an access token $token = $ppaccess->get_access_token(); echo "<h1>Token</h1>"; print_r($token); //use access token to get user profile $profile = $ppaccess->get_profile(); echo "<h1>User Profile</h1>"; print_r($profile); //make request to refresh an expired access token $refreshed = $ppaccess->refresh_access_token(); echo "<h1>Refreshed Token</h1>"; print_r($refreshed); //validate the id token and provide back validation object $verify = $ppaccess->validate_token(); echo "<h1>Token Validation</h1>"; print_r($verify); //log the user out $ppaccess->end_session(); //if the code parameter is not available, the user should be pushed to auth } else { //handle case where there was an error during auth (e.g. the user didn't log in / refused permissions / invalid_scope) if (isset($_GET['error_uri'])) { echo "error"; //this is the first time the user has come to log in } else { //get auth url and redirect user browser to PayPal to log in $url = $ppaccess->get_auth_url(); header("Location: {$url}"); } }