Twitter OAuth validation only good until I change pages?

I found a library online to get started with Twitter OAuth and it gets me connected, and able to pull down some data from Twitter. I save the tokens to a session (I will be putting them into a database for production, but I'm just trying to get the basics for now). The problem comes when I change to a different page and am no longer able to make API calls.

Here is my code:

(If my brackets don't exactly match here, it's because I stripped the twitter portion out to show)

session_start();
if(strtolower($_GET['via']) == 'twitter'){
    //login to twitter
    $from = strip_tags($_GET['from']);
    $connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET);
     /* Get temporary credentials. */
    $request_token = $connection->getRequestToken($from);
    /* Save temporary credentials to session. */
    $_SESSION['oauth_token'] = $token = $request_token['oauth_token'];
    $_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];
    switch ($connection->http_code) {
      case 200:
        /* Build authorize URL and redirect user to Twitter. */
        $url = $connection->getAuthorizeURL($token);
        header('Location: '开发者_运维问答 . $url);
        break;
      default:
        /* Show notification if something went wrong. */
        echo 'Could not connect to Twitter. Refresh the page or try again later.';
        }
    }elseif(!empty($_GET['oauth_verifier']) && !empty($_SESSION['oauth_token']) && !empty($_SESSION['oauth_token_secret'])){
/* If last connection failed don't display authorization link. */
$_SESSION['oauth_verifier'] = $_GET['oauth_verifier'];
$twitteroauth = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
// Let's request the access token
$access_token = $twitteroauth->getAccessToken($_SESSION['oauth_verifier']);
// Save it in a session var
$_SESSION['access_token'] = $access_token;
// Let's get the user's info
$user_info = $twitteroauth->get('account/verify_credentials');
$home_timeline = $twitteroauth->get('statuses/home_timeline', array('count' => 3));
// Print user's info
echo "<pre>";
print_r($user_info);
echo "</pre>";
echo "<pre>";
print_r($home_timeline);
echo "</pre>";
}

So after saving to a variable and authenticating, I then am able to query the API as expected. After I switch to a different page with essentially the same code as in the elseif() block, I simple recieve the following error message when I attempt to pull data:

stdClass Object
(
[request] => /1/account/verify_credentials.json?oauth_consumer_key=djtrixYaxkM4QFzhtfTg&oauth_nonce=8d27112c1ee645b4253c8f803cf428d4&oauth_signature=N6Ug5w%2BNqzo%2FY%2By7UuO0jDqWUdA%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1297720180&oauth_token=&oauth_version=1.0
[error] => Could not authenticate you.
)

Any insight on how I can get this authentication to "stick" across the session?

EDIT As pointed out below, in the URL oauth_token has no value. So I did a print_r($_SESSION) and I am seeing that $_SESSION['oauth_token'] does indeed have a value.

Array ( 
[oauth_token] => 12345
[oauth_token_secret] => 67890
[oauth_verifier] => [access_token] => Array (
    [ "1.0" encoding="UTF-8"?> /oauth/access_token?oauth_consumer_key=111111
    [amp;oauth_nonce] => 222222
    [amp;oauth_signature] => 777777= 
    [amp;oauth_signature_method] => HMAC-SHA1 
    [amp;oauth_timestamp] => 1297783851 
    [amp;oauth_token] => 12345
    [amp;oauth_version] => 1.0 Invalid / expired Token 
    )
)

This array looks like it might be malformed, but I'll freely admit I don't know what it should look like. And, as I didn't make any changes to the library - just the demo code - I'm not sure how that could have happened.

---

Notice that oauth_token has no value. On your other pages you are probably not initiating the session or you are not properly pulling the access token out of the session.

---

Try to increase OAuth oauth_timestamp by a couple of hours.

In PHP OAuth client it looks like this:

private static function generate_timestamp() {
    return time()+5*3600;
}

resources

http://www.backwardcompatible.net/149-Twitter-Timestamp-out-of-bounds-solved