Twitter OAuth : Invalid or expired token [its NOT duplicate]

2.1k views Asked by At

Before anyone goes in a hurry and mark this question as Duplicate, let me tell you that ITS NOT DUPLICATE

I have already checked similar question like this, this, this and this, but those are all 2 years old and the library has been changed too much since then so those answers are not useful.

So here's the question. I'm using abraham's libraray which can be found here. Below is the code that I'm using:

if(!empty($_GET['oauth_verifier']) && !empty($_SESSION['oauth_token']) && !empty($_SESSION['oauth_token_secret']))
{
    $connection = new TwitterOAuth('MY_CONSUMER_KEY', 'MY_CONSUMER_SECRET', $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);

    $access_token = $connection->oauth("oauth/access_token", array("oauth_verifier" => $_REQUEST['oauth_verifier']));
    $_SESSION['access_token'] = $access_token;

    $user_info = $connection->get("account/verify_credentials");
    print_r($user_info);
}

From the print_r which I did above, I get the result as follows:

stdClass Object ( [errors] => Array ( [0] => stdClass Object ( [code] => 89 [message] => Invalid or expired token. ) ) )

Due to this invalid/expired token I'm not able to get ahead in my work. So I went 1 step back and did:

var_dump($access_token);

The result obtained is:

array(5) { 
   ["oauth_token"]=> string(50) "*********" 
   ["oauth_token_secret"]=> string(45) "*********" 
   ["user_id"]=> string(10) "***My user id****" 
   ["screen_name"]=> string(9) "***My screen name****" 
   ["x_auth_expires"]=> string(1) "0" 
}

Here you see that the last element is ["x_auth_expires"] whose value is 0. I think this element did not appear in the older version of the library. And I suppose this is the thing which is causing the problem.

I tried re-generating my Customer_Key and Customer_Secret, but even that didn't seem to help.

Any kind of help will be appreciated. Thank you.

2

There are 2 answers

2
Rishabh Shah On BEST ANSWER

Finally, I found a solution.

All you need to do is, once you get the callback, initialize the class again with new access token.

$connection = new TwitterOAuth('MY_CONSUMER_KEY', 'MY_CONSUMER_SECRET', $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);

$access_token = $connection->oauth("oauth/access_token", array("oauth_verifier" => $_REQUEST['oauth_verifier']));

$connection = new TwitterOAuth('MY_CONSUMER_KEY', 'MY_CONSUMER_SECRET', $access_token['oauth_token'], $access_token['oauth_token_secret']);

I don't know why that works, but it does work like a charm. Found this solution from here.

0
Ahmed Awan On

I have use this in CI callback function

if($this->input->get('denied') != ''){
   /* Remove all token from session  */
   $this->connection = NULL;
   $this->connection = $this->twitteroauth->create($this->config->item('twitter_consumer_token'), $this->config->item('twitter_consumer_secret'));
   $this->session->set_flashdata('account_block_error_msg',"Access denied");
   redirect(base_url('/Sign-in'));
}