When I attempt an OAuth handshake, the first step is a GET call to obtain an access code like so.
# Redirect to request authorization code
$url = $this->get_authorization_url();
header("Location: $url");
exit;
Just before I send this I store the current URL in a $_SESSION[‘last_url’] variable so that after authentication is complete I can redirect it back to the page the user originally attempted.
This authorization url uses the client id and secret to obtain an access code which is then returned to my callback script. The problem is the moment I land on my callback page the $_SESSION is completely blank. I need to ensure I can get this original URL to the end of the handshake and after an entire day devoted to this I’m desperate for some answers.
NOTE: Also should be noted that this site is hosted on WordPress Engine which has a strong caching mechanism which could be a cause of this problem, but even if it is I need a solution around it.
1 Answer
With my version of wordpress there is NO session. So when I call $_SESSION['callback_state']=stuff it’ll gladly save it to a temporary stack local variable instead of with the actual session.
So before you redirect do:
if (!session_id()) {session_start();}
//then the normal redirect
header("location: $newUrl");
exit(0);
