CODEWITHSUNDEEP
phptwitteroperatwitter-oauth
mintobit
mintobit

Reputation: 2383

Twitter OAuth 1.0. Opera redirection failure

I'm currently working on the website. There will be several types of authorization, and one of them is "via Twitter". I'm using TwitterOAuth Library by Abraham Williams. I'll try to explain how the script below works:

  1. When you hit "Log in" button at index.php the popup window(login.php) opens and asks to authorize the application to work with your twitter account
  2. When submitted, it is redirected to api.twitter.com with "access token" in $_GET parameter.
  3. Then twitter authorizes that "token", and returns to callback URL, which is defined in the settings of a twitter application.

It works perfect, except opera has problems when redirecting from api.twitter.com to callback URL. It just seems that redirect isn't performed at all.

Here are the sources:

index.php

<?php
session_start();
session_destroy();
 ?>
<!DOCTYPE html>
<html>

    <head>

        <meta charset="utf-8" />
        <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
        <script type="text/javascript">
        function popup(url)
        {
            var addr = document.location.href.replace('index.php','');
            popUpObj = window.open(addr + url, 'Twitter', 'width=700,height=600,menubar=yes,status=yes');

        }

        function transferdata(data)
            {
                if (data.screen_name)
                {
                    (elem = document.getElementById('tw-login')).parentNode.removeChild(elem);
                    document.getElementById('menu').innerHTML = 'Hello, ' + data.screen_name;
                }
                else
                    document.getElementById('menu').innerHTML = 'Twitter didn\'t authorize you :(';
            }
        </script>
        <style type="text/css">

        #tw-login
        {
            display: block;
            background-color: #ccc;
            text-align: center;
            font-family: "Trebuchet MS", Vernanda, serif;
            color: #fff;
            margin: 5px;
            padding: 4px 6px;
            text-decoration: none;
            width: 80px;
        }
        #tw-logout
        {
            display: block;
            background-color: #ccc;
            text-align: center;
            font-family: "Trebuchet MS", Vernanda, serif;
            color: #fff;
            margin: 5px;
            padding: 4px 6px;
            text-decoration: none;
            width: 80px;
        }

        </style>

    </head>

    <body>
        <a id="tw-login" href="" onclick="popup('login.php');">Log in</a>
        <a id="tw-logout" href="session_clear.php">Log out</a>
        <div id="menu">

        </div>      
    </body>
</html>

login.php

<?php
session_start();
include 'twitteroauth/twitteroauth.php';
define('TWITTER_KEY', '*******');
define('TWITTER_KEY_SECRET', '*******');


$twitteroauth = new TwitterOAuth(TWITTER_KEY, TWITTER_KEY_SECRET);
$requestToken = $twitteroauth->getRequestToken();
$_SESSION['oauth_token'] = $requestToken['oauth_token'];
$_SESSION['oauth_token_secret'] = $requestToken['oauth_token_secret'];

if($twitteroauth->http_code == 200)
{
    $url = $twitteroauth->getAuthorizeURL($requestToken['oauth_token']);
    header('Location: ' . $url);
}
else
{ 
    die('Something wrong happened.');  
}

callback.php

<?php
session_start();
include 'twitteroauth/twitteroauth.php';
define('TWITTER_KEY', '*******');
define('TWITTER_KEY_SECRET', '*******');

if (!empty($_GET['oauth_verifier']) && !empty($_SESSION['oauth_token']) && !empty($_SESSION['oauth_token_secret']))
{
    $twitteroauth = new TwitterOAuth(TWITTER_KEY, TWITTER_KEY_SECRET, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
    $accessToken = $twitteroauth->getAccessToken($_GET['oauth_verifier']);
    $_SESSION['access_token'] = $accessToken;
    $userinfo = $twitteroauth->get('account/verify_credentials');
}
else
    header('Location: login.php');

?>
<!DOCTYPE html>
<html>
    <head>

        <meta charset="utf-8">
        <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
        <script type="text/javascript">
        $(document).ready(SendToMain());

        function SendToMain()
        {
            if(window.opener != null || !window.opener.closed)
            {
                window.opener.transferdata(<?php echo json_encode($userinfo); ?>);
                window.close();
            }
        }
        </script>

    </head>

    <body>
    </body>
</html>

session_clear.php

<?php
session_start();
session_destroy();
header('Location: index.php');

Upvotes: 0

Views: 502

Answers (2)

Rabotyahoff
Rabotyahoff

Reputation: 74

Your redirect URI doesn't use ssl. To resolve this problem use an https instead.

Upvotes: 1

Sinthia V
Sinthia V

Reputation: 2093

You have to send some browsers a status code like 301 or 303 before they will redirect. Try something like this:

header("Status: 303");
header("Location: /home.php");
exit;

Upvotes: 0

Related Questions