marig345 / oauth-php

Automatically exported from code.google.com/p/oauth-php
MIT License

Impossible to get user id after OAuthServer::verifyIfSigned() #73

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Hi and thanks for this useful lib.

I'm working on a three-legged server with mobile app consumers.
The server works fine until I try to access protected data.

I have my access token (with a verifier) and I try to access data using the 
same process as in hello.php:

<CODE>
require_once 'init.php';

$authorized = false;
$server = new OAuthServer();
try
{
        if ($server->verifyIfSigned())
        {
                $authorized = true;
        }
}
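catch (OAuthException2 $e)
{
        // Verification failed: keep the reason for the 401 response body.
        $error = $e->getMessage();
}

if (!$authorized)
{
        header('HTTP/1.1 401 Unauthorized');
        header('Content-Type: text/plain');

        // $error is unset when verifyIfSigned() returned false without throwing.
        echo "OAuth Verification Failed: " . (isset($error) ? $error : 'request not verified');
        die;
}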

// From here on we are authenticated with OAuth. 

header('HTTP/1.1 200 OK');
header('Content-type: application/json');

//Do my stuff
</CODE>

Here I need the user_id corresponding to my access token but I can't get it.
If I try to call another OAuthServer function I get a:
Fatal error:  Uncaught exception 'OAuthException2' with message 'Duplicate 
timestamp/nonce combination, possible replay attack.  Request rejected.'

I think it's normal and I should not have to ask another verify process 
(OAuthServer::verify()) to the server but I really don't know how to get the 
user id I need to access data.

Maybe I didn't understand how it works at all ^^.

If someone has an idea...

I don't remember exactly the version I use, probably 142 or 155.
Regards,

Original issue reported on code.google.com by mathieu....@gmail.com on 28 Oct 2010 at 8:57

GoogleCodeExporter commented 9 years ago
This only can happen if you call verify() twice. You really should not do that, 
as you noticed yourself.

You can call verifyExtended() instead. It will return the user_id and the 
consumer_key. Hope that helps :)

Original comment by brunobg%...@gtempaccount.com on 28 Oct 2010 at 4:15
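
A simplified model of the replay guard behind the error in this thread, as an added example (not oauth-php code and not written by either poster). `ToyVerifier`, `verifyOnce()`, the in-memory nonce store and the sample values are hypothetical, and signature checking is left out; it shows why a request can only be verified once and why the identity returned by that single call has to be kept and reused.

```php
<?php
// Added illustration: models only the nonce check and the token-to-user lookup.
class ReplayException extends Exception {}

class ToyVerifier
{
    private $seen = array();  // consumer|token|timestamp|nonce tuples already accepted
    private $tokens;          // access token => user id (constructed sample data)

    public function __construct(array $tokens)
    {
        $this->tokens = $tokens;
    }

    // Verifies the request and returns the identity bound to its access token.
    // Accepting a request records its nonce, so verifying the same parameters
    // again is indistinguishable from a replay and is rejected.
    public function verifyOnce(array $req)
    {
        if (!isset($this->tokens[$req['oauth_token']])) {
            throw new Exception('Unknown access token');
        }
        $key = implode('|', array($req['oauth_consumer_key'], $req['oauth_token'],
                                  $req['oauth_timestamp'], $req['oauth_nonce']));
        if (isset($this->seen[$key])) {
            throw new ReplayException('Duplicate timestamp/nonce combination');
        }
        $this->seen[$key] = true;
        return array('user_id'      => $this->tokens[$req['oauth_token']],
                     'consumer_key' => $req['oauth_consumer_key']);
    }
}

// Constructed sample request parameters.
$req = array('oauth_consumer_key' => 'mobile-app', 'oauth_token' => 'tok123',
             'oauth_timestamp' => '1288256220', 'oauth_nonce' => 'a1b2c3');
$verifier = new ToyVerifier(array('tok123' => 42));

// Verify exactly once and keep the result for the rest of the request.
$identity = $verifier->verifyOnce($req);
echo "user_id={$identity['user_id']} consumer_key={$identity['consumer_key']}\n";

// A second verification of the same request trips the replay guard.
try {
    $verifier->verifyOnce($req);
} catch (ReplayException $e) {
    echo "second call rejected: " . $e->getMessage() . "\n";
}
```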