Getting boolean false from Twitch Authentication

Good morning,

I’m trying to make an authentication system for a website using Twitch API. I am developing following the OAuth Authorization Code Flow method. I can get a code but no access token nor refresh token, just a false boolean. I am currently working in localhost. Please find down below my code for the connection with the authentication part. Does any one has any idea of what I am missing?

image731×700 29.8 KB

CocoMCLive

Your code looks correct.

But since it’s a screenshot I can’t copy and paste it to test it.

The http_build_query is redundant but that won’t have caused a boolean return.

Comparing your code to my code example

I don’t see anything obviously wrong. But again, screenshot, I can’t copy and paste it to test.

Sorry here you can find my code in plain text:

<?php

namespace App;

class TwitchApi

{

    private $client;

    private $secret;

    private $redirect;

    public function __construct(string $client, string $secret, string $redirect)

    {

        $this->client = $client;

        $this->secret = $secret;

        $this->redirect = $redirect;

    }

    public function get_tokens(string $code)

    {

        $link = "https://id.twitch.tv/oauth2/token";

        $handle = curl_init($link);

        curl_setopt($handle, CURLOPT_POST, 1);

        curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);

        curl_setopt($handle, CURLOPT_POSTFIELDS, array(

            'client_id' => $this->client,

            'client_secret' => $this->secret,

            'grant_type' => 'authorization_code',

            'redirect_uri' => $this->redirect,

            'code' => $code

        ));

        $response = curl_exec($handle);

        curl_close($handle);

        return $response;

    }

}

I did check with the link you sent and the only thing that is changing is the use of curl_getinfo() (apart from the http_build_query).

Your code tests fine for me.

I ran

$tw = new TwitchApi('ValidClientID', 'ValidSecret', 'RedirectForThisClient');
$r = $tw->get_tokens('A Code');

print_r($r);

And was returned

{"access_token":"REDACTED","refresh_token":"REDACTED","token_type":"bearer"}

Note: no expires_in as it was a legacy clientID tested with

Under PHP 7.2.24 on the machine tested on

I was working on PHP 7.3.12. I tried with PHP 7.2.2 but it is still not working. I do have the same false bolean from the API. Can it come from the curl extension of my server?

PHP version shouldn’t be a factor, as it will enforce a specific version of the cURL module anyway.

You could try adding a

$info = curl_getinfo($handle);
print_r($info);

Before the curl_close

It might be that for whatever reason your PHP install can’t communicate with the internet.

Or this could be a SSL error (since we didn’t do a HTTP Code check)
SSL error could be: SSL local Cert bundle missing or out of date.
Your server clock is out too far and can’t verify the connection.

The output of curl_getinfo should provide more information.

It’s also a good idea to do HTTP Code checking whenever you do a request, rather than blindly bassing back the response.

So here: twitch_misc/index.php at main · BarryCarlyon/twitch_misc · GitHub

        // fetch the data
        $r = curl_exec($ch);
        // get the information about the result
        $i = curl_getinfo($ch);
        // close the request
        curl_close($ch);

        if ($i['http_code'] == 200) {
            $token = json_decode($r);

            // always a good idea to check the JSON parsed correctly
            if (json_last_error() == JSON_ERROR_NONE) {

I check the HTTP Code and I check ifthe JSON actually decoded as expected

Got these info out of curl_getinfo() and it seems like nothing has been sent to the API.

'url' => <small>string</small> 'https://id.twitch.tv/oauth2/token' *(length=33)* 
'content_type' => null 
'http_code' => <small>int</small> 0 
'header_size' => <small>int</small> 0 
'request_size' => <small>int</small> 0 
'filetime' => <small>int</small> -1 
'ssl_verify_result' => <small>int</small> 20 
'redirect_count' => <small>int</small> 0 
'total_time' => <small>float</small> 0.352456 
'namelookup_time' => <small>float</small> 0.002892 
'connect_time' => <small>float</small> 0.17586 
'pretransfer_time' => <small>float</small> 0 
'size_upload' => <small>float</small> 0 
'size_download' => <small>float</small> 0 
'speed_download' => <small>float</small> 0 
'speed_upload' => <small>float</small> 0 
'download_content_length' => <small>float</small> -1 
'upload_content_length' => <small>float</small> -1
'starttransfer_time' => <small>float</small> 0
'redirect_time' => <small>float</small> 0 
'redirect_url' => <small>string</small> '' *(length=0)* 
'primary_ip' => <small>string</small> 'XX.XX.XXX.XXX' *(length=13)* 
'certinfo' => **array** *(size=0)* *empty* 
'primary_port' => <small>int</small> 443 
'local_ip' => <small>string</small> 'XXX.XXX.XX.XX' *(length=12)* 
'local_port' => <small>int</small> 52586`

Then looks like something is blocking the outbound curl request from your system.

You can try running curl on the command line to debug.
Or verbosify the PHP curl call and see what you get back

By using curl_error, it can not get access to a valid SSL certificate. I will regenerate one.

You don’t need to regenerate one.

Your servers cURL bundle is out of date

This may help https://neurotechnics.com/blog/ssl-ca-bundles-for-curl-and-php/

You need to locate cacert.pem on your system and replace it with the file on curl - Extract CA Certs from Mozilla

It did work. Many thanks @BarryCarlyon

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.