Eventbrite API keys are available here: http://www.eventbrite.com/api/key/
Your API_Key's Client secret is available on the same page. Keep it secret. Be careful not to expose it to your users or check it in to publicly available source code.
You must set your API_key's redirect_uri on http://www.eventbrite.com/api/key/, pointing it to the URL on your site where you expect a user to complete their OAuth2 authorization. Or, point it to any URL on your site where our loginWidget is available.
Get OAuth2.0 done in three easy steps. Check below for a more advanced implementation example that shows how to integrate with your existing storage and templating systems.
Grab Eventbrite's latest PHP API client and add it to your app's source code: https://raw.github.com/ryanjarvinen/eventbrite.php/master/Eventbrite.php
require_once 'Eventbrite.php';
See our advanced implementation example for notes on how to use other data-stores. If you do not already have support for session storage enabled, then you may need to turn it on:
session_start();
Add your authentication tokens to make this widget example work:
<?= Eventbrite::loginWidget(array('app_key'=>'YOUR_API_KEY',
'client_secret'=>'YOUR_CLIENT_SECRET')); ?>
A simple OAuth2 example script is also bundled with our API Client library: https://github.com/ryanjarvinen/eventbrite.php/blob/master/examples/oauth2-login-example.php
Interested in integrating with your application's existing authentication, storage, and templating systems? This example goes into additional detail, demonstrating how to set that up.
Grab Eventbrite's latest PHP API client and add it to your app's source code: https://raw.github.com/ryanjarvinen/eventbrite.php/master/Eventbrite.php
require_once 'Eventbrite.php';
If you do not already have support for session storage enabled, then you may need to turn it on:
session_start();
Define a callback for looking up access_tokens:
$get_access_token = function(){
if(isset($_SESSION['EB_OAUTH_ACCESS_TOKEN'])){
return $_SESSION['EB_OAUTH_ACCESS_TOKEN'];
}else{
return null;
}
}
Define a callback for saving access_tokens for later:
$save_access_token = function( $access_token ){
$_SESSION['EB_OAUTH_ACCESS_TOKEN'] = $access_token;
}
Define a callback for removing access_tokens when needed:
$delete_access_token = function( $access_token=null ){
unset($_SESSION['EB_OAUTH_ACCESS_TOKEN']);
}
Add the following to your logout() code to clear the existing access_token:
Eventbrite::deleteAccessToken();
Or, use your own $delete_access_token callback when appropriate:
$delete_access_token();
Add your authentication tokens and logout url to make this example work:
$strings = Eventbrite::loginWidget(array('app_key'=>'YOUR_API_KEY',
'client_secret'=>'YOUR_CLIENT_SECRET',
'logout_link'=>'YOUR_LOGOUT_URL' ),
$get_access_token,
$save_access_token,
$delete_access_token,
"disabled"); // leave this parameter out for an HTML response.
If you would like to use the HTML template from our example, you can remove the "disabled" flag from the loginWidget call, or pass the resulting strings to our Eventbrite::widgetHTML() function, like this:
$widget_html = Eventbrite::widgetHTML($strings);
You can also supply your own templating callback function to Eventbrite::loginWidget, or simply pass the returned strings directly into your own templating system.
For more detail on our available OAuth2.0 integration functions - see the docs below, or reach out to the Eventbrite team with questions
See Eventbrite's API Docs for more information about available API Client methods.
The loginWidget method is the quickest way to acheive OAuth2.0 integration for Eventbrite. It includes a lot of great defaults, and the ability to customize when needed. By default, PHP's $_SESSION store will be used to save your user's access_token.
string Eventbrite::loginWidget( array $options [, callback $get_token, callback $save_token, callback $delete_token, callback $renderer ] )
options- (Required) An array containing the following:app_key- (Required) A string containing your API key - sign up here: http://www.eventbrite.com/api/key/client_secret- (Required) A string containing this API key's client_secret (available on the same page as your API Key)access_code- (Optional) A string containing the user's access_code. An OAuth2.0 access_code is an intermediary, temporary token that can be exchanged for an access_token. If you know the access_code, you can supply it here. By default, this widget will attempt to autodetect this information by checking the REQUEST for a "code" parameter. This should work fine as long as the widget is available at the same URL that your "redirect_uri" is pointed toward.logout_link- (Optional) A string containing the URL that should trigger a "logout" or "deleteToken" action. By default, the widget is configured to delete a user's access_token whenever the querystring contains "eb_logout=true". This should work on any page where the widget is available. See our "Advanced implementation" example for information on how to incorporate this into your existing authentication scheme.error_message- (Optional) A string containing an OAuth2.0 error response from Eventbrite. By default, the widget is configured to auto-detect this information by reading from $_REQUEST['error']. If you wish to disable error_message auto-detection, set this value to "disabled".
get_token- (Optional) A callback describing how to retrieve the current user's OAuth2.0 access_token from your site's data store.save_token- (Optional) A callback describing how to save the current user's OAuth2.0 access_token in your site's data store.delete_token- (Optional) A callback describing how to remove the current user's OAuth2.0 access_token from your site's data store.renderer- (Optional) A callback describing how to render the widget data as HTML. If you have your own templating system that you would like to work with, you can pass the resulting HTML into your template as a string, or set this value to "disabled" to signal that you would like the response to include an array of strings instead of HTML. For more information on how to write your own render callback, see the widgetHTML function below. By default, the widgetHTML function will be used to generate HTML for you.
By default, this function returns the widget's HTML as a string. If you have set the "renderer" parameter to "disabled" then an array of strings will be returned instead. See the input parameters for Eventbrite::widgetHTML for more information about this alternate response value.
This is the default function for rendering your OAuth2-related strings in HTML. If you do not like the default HTML, you are welcome to implement your own renderer function based on this method signiture. See the renderer parameter on Eventbrite::loginWidget for more information.
string Eventbrite::widgetHTML( array $strings )
strings- (Required) An array of strings to render:oauth_link- (Required) A URL for kicking off the OAuth2.0 workflow. SeeEventbrite::oauthNextStep($api_key)for more information about this value.logout_link- (Required) A URL for deactivating the current user's access_token.user_name- (Optional) A string indicating the current user's name.user_email- (Optional) A string indicating the current user's email address.login_error- (Optional) A string containing an OAuth2.0 error message.
This function returns the widget's HTML as a string.
This function handles all of the logic around access_token retrieval, and it carries out related data-management tasks by taking advantage of the available callback functions. If you want to use your own routing, storage, and templating tools, then this lower-level function is an alternative to our loginWidget. It makes less assumptions about your system configuration.
array Eventbrite::OAuthLogin( array $options, [, callback $get_token, callba ck $save_token, callback $delete_token ])
options- (Required) An array containing the following:app_key- (Required) A string containing your API key - sign up here: http://www.eventbrite.com/api/key/client_secret- (Required) A string containing this API key's client_secret (available on the same page as your API Key)access_token- (Optional) A string containing the user's access_token can be supplied here. We will attempt to automatically store this token for later use, by taking advantage of the suppliedsave_tokencallback.access_code- (Optional) A string containing the user's access_code. An OAuth2.0 access_code is an intermediary, temporary token that can be exchanged for an access_token. If you know the access_code, you can supply it here.error_message- (Optional) A string containing an OAuth2.0-related error message.
get_token- (Optional) A callback describing how to retrieve the current user's OAuth2.0 access_token from your site's data store.save_token- (Optional) A callback describing how to save the current user's OAuth2.0 access_token in your site's data store.delete_token- (Optional) A callback describing how to remove the current user's OAuth2.0 access_token from your site's data store.
This function returns an array of strings containing the following values:
access_token- if available, this string will contain the current user's access_tokenuser_name- if available, this string will contain the current user's nameuser_email- if available, this string will contain the current user's email address.login_error- if available, this string will contain a login_error from the API.