I took a look at my working code now that I have access to it and it seems I was incorrect earlier about the data needing to be GET params like the docs say (I’m not even sure GET params work, maybe @DallasNChains can confirm).
Working code I have tucked away:
function api_call(string $url, array $data = []) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_POST, 1);
$postdata = http_build_query($data);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
$output = curl_exec($ch);
$e = curl_error($ch);
if ($e) {
die('FATAL ERROR');
}
curl_close($ch);
return $output;
}
if (array_key_exists('code', $_GET)) {
$oauth_info = api_call('https://api.twitch.tv/kraken/oauth2/token', [
'client_id' => $CLID,
'client_secret' => $SECRET,
'grant_type' => 'authorization_code',
'redirect_uri' => urldecode($REDIRURI), // my $REDIRURI is stored urlencoded due to being used that way more times
'code' => $_GET['code']
]);
$oauth = json_decode($oauth_info, true);
}