-
- // note: not testing the HTTP response codes,
- // since we don't care too much as logging out
- curl_close($ch);
- }
-
- session_destroy();
- header('Location: /');
-
- exit;
- } else if (isset($_GET['code']) && $_GET['code']) {
- // we have a code on the address line so lets parse and exchange
-
- // validate the state/nonce
- if (isset($_SESSION['nonce']) && isset($_GET['state']) && $_SESSION['nonce'] == $_GET['state']) {
- // lets exchange the code for an access token
- $ch = curl_init('https://id.twitch.tv/oauth2/token');
- curl_setopt($ch, CURLOPT_POST, true);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($ch, CURLOPT_POSTFIELDS, array(
- 'client_id' => CLIENT_ID,