I was pleasantly surprised to see this library work flawlessl...

I was pleasantly surprised to see this library work flawlessly and quickly with my requirements where other PHP OAuth libraries failed. Requires very little modification to the example PHP to get it working as per your requirements.

Thank you.

Good to know that it worked well for you.

Sorry to trouble you.

After implementing the package and testing it for my requirements, I see that when setting the access tokens and secrets manually, the API is picking up the token from the cookies bypassing the ones set manually.

Not sure if I am doing anything wrong or if there is a setting to turn off this behavior.

Since I am retrieving the tokens from a separate database, how do I enforce the ones retrieved as tokens instead of the ones set in the cookies when calling the API?

I am not sure what you are doing but if you want to call an API when the user is not present by retrieving authorized tokens from a database for instance, you need to use a sub-class to override the token storage methods.

You could set the variables manually but if your API uses refresh tokens, the new tokens need to be updated in storage.

Therefore this package provides a generic database storage class that you can extend and adapt to the way your application stores the tokens in a database with SQL queries.

In this article you can learn how to use the mysqli_oauth_client_class to store tokens in a MySQL database table using MySQLi.

phpclasses.org/blog/package/7700/po ...

Thanks once again.

I read the reference you sent me. If for instance I wish to implement the first method and not the 2nd method which is I Supply the access token and secret, do I still need to set it offline? Will I still need to subclass it? I do not plan to use the internal database as I have an external database supplying the credentials.

When I tried setting the access token and secret manually or passing it through a POST request while it is set to online and not sub-classing it, it appears to get overwritten by the cookie token and secret.

Sorry to take to much of your valuable time but I do very much appreciate your support and your work.

The offline variable just changes the way the initial token is requested.

I think in the case of Google it will only provide refresh tokens if you request the token for offline usage.

When refresh tokens are provided there is a process of retrieving new tokens and replace for old ones. The class takes care of this right before the next call to the API.

So if you are storing in a database, you need to make sure that if the tokens are updated, you need to store the new tokens in your database.

The database sub-class takes care of this, so it is better to use it or create your own sub-class.