-
Notifications
You must be signed in to change notification settings - Fork 15
OAuth Integration
The Meetup API Client for PHP supports OAuth Authentication. Here's one way to set it up:
To begin, register your client at http://www.meetup.com/meetup_api/oauth_consumers/. This is where you'll get a consumer key and secret, which we'll need for the authentication process.
<?php
# Include the Meetup API Client
require_once('Meetup-API-client-for-PHP/Meetup.php');
# Begin a new session if there isn't an existing one.
if (!session_id()) {
session_start();
}
# If the access token is already stored in the session, we're good.
if (isset($_SESSION['meetup_access_token'])) {
$access_token = $_SESSION['meetup_access_token'];
} else {
# Otherwise, we need to redirect our user to Meetup, where they can give permission to your consumer so act on their behalf.
# Add the client_id your received from setting up your OAuth Consumer
# The redirect URI is where you want your user to be redirected after Meetup confirms that your consumer is valid
MeetupOAuth2Helper::request_auth("<CLIENT ID>", "<REDIRECT URI>");
}
# If the access token was in the session, we're golden. Set up a new connection and we can start querying the API
$connection = new MeetupOAuth2Connection($access_token);So what's happened so far when an unauthenticated user hits your page:
- There's nothing in the session, so we redirect them to Meetup
- Meetup verifies that the current user has given permission for your app to act on his/her behalf
- Meetup redirects that user to the URL specified in the redirect_uri parameter
This is where we set up what happens when the user is redirected to the redirect_uri
<?php
# Include the Meetup API Client
require_once('Meetup-API-client-for-PHP/Meetup.php');
# Begin a new session if there isn't an existing one.
if (!session_id()) {
session_start();
}
# Meetup will always send back a code in the $_GET parameters upon success. This is a one-time code used to get an access token
if(isset($_GET['code'])) {
$code = $_GET['code'];
# Request the access token, passing in your consumer key, secret, and redirect uri, as well as the code we received from Meetup. Optionally, you can also provide a user agent for the cURL request.
$response_obj = MeetupOAuth2Helper::request_access_token(array(
"client_id" => "<CLIENT ID>",
"client_secret" => "<CLIENT SECRET>",
"redirect_uri" => "<REDIRECT URI>",
"code" => $code,
"user_agent" => "<MY APP'S USER AGENT>"
));
# get the access_token and refresh_token from the response
$access_token = $response_obj->access_token;
$refresh_token = $response_obj->refresh_token;
$_SESSION['meetup_access_token'] = $access_token;
$_SESSION['meetup_refresh_token'] = $refresh_token;
# Redirect the user to whatever page needs them to be authenticated by Meetup.
header('Location: http://yourapp.com/authorized_portal');
}This example is just one way to get OAuth support in your app. Your integration with OAuth might look very different. Make sure to read through Meetup's Authentication Documentation for different ways to interact with Meetup's OAuth 2 implementation. Also, this example uses session-based storage for access keys. You're certainly welcome to store keys in whatever fashion you prefer, such as in database tables. Also, this example provides no error reporting in the event of an unauthorized request (but you can handle those by wrapping the call to request_access_token() with a try-catch). Lastly, this example provides no means of renewing the access token after it's expired. To do so, use MeetupOAuth2Helper::refresh_access_token(), which behaves similarly to MeetupOAuth2Helper::request_access_token().