/**
* This method is triggered on the login submit page where user credentials are submitted.
* On this page the provider should create a new Login object from those credentials, and return the object.
* This object will be then validated by user providers.
*
* @param ConfigObject $config Firewall config
*
* @throws TwitterOAuthException
* @return Login
*/
public function getLoginObject(ConfigObject $config)
{
try {
// step1 -> get access token
if (!$this->httpSession()->get('tw_oauth_token_secret', false)) {
$requestToken = $this->connection->getRequestToken();
// save the session for later
$this->httpSession()->save('tw_oauth_token', $requestToken['oauth_token']);
$this->httpSession()->save('tw_oauth_token_secret', $requestToken['oauth_token_secret']);
// check response code
$authUrl = $this->connection->getAuthorizeUrl($requestToken['oauth_token']);
header('Location: ' . $authUrl);
die('Redirect');
} else {
// request access tokens from twitter
if ($this->httpRequest()->query('oauth_verifier', false)) {
$access_token = $this->connection->requestAccessToken($this->httpSession()->get('tw_oauth_token'), $this->httpSession()->get('tw_oauth_token_secret'), $this->httpRequest()->query('oauth_token'), $this->httpRequest()->query('oauth_verifier'));
} else {
// remove no longer needed request tokens
$this->httpSession()->delete('tw_oauth_token');
$this->httpSession()->delete('tw_oauth_token_secret');
// redirect back to login
$this->httpRedirect($this->httpRequest()->getCurrentUrl());
}
// save the access tokens. Normally these would be saved in a database for future use.
$this->httpSession()->save('tw_access_token', $access_token);
// remove no longer needed request tokens
$this->httpSession()->delete('tw_oauth_token');
$this->httpSession()->delete('tw_oauth_token_secret');
}
} catch (\Exception $e) {
$this->httpSession()->delete('tw_oauth_token_secret');
throw new TwitterOAuthException($e->getMessage());
}
// step2 -> return the login object with auth token
$login = new Login('', '');
$login->setAttribute('tw_oauth_server', $this->connection);
$login->setAttribute('tw_oauth_roles', $this->oauthRoles);
return $login;
}