The implicit grant flow you are using cannot be used with cURL as the authorization hand shake is taking place entirely within your users browser. First you to present the kraken/oauth2/authorize URL to your end user via a link or redirect and so they can choose to allow or deny your app in their browser. If they allow it will then redirect back to your redirect url with the token in the URL hash (which is inaccessible to a PHP script).
If you are going to be using PHP you will want to use the Authorization code flow as described here: https://github.com/justintv/Twitch-API/blob/master/authentication.md#authorization-code-flow which add and additional step which you will use cURL for.