I am trying to setup a php page which uses cURL to hit a third party server to log them in. Right now my code does successfully log in to the third party server, but since cURL is not sending the SESSION cookies to the user, the user must login in themselves
How can I get cURL to forward cookies to the client. Thanks
Check out the documentation for the following cURL options:
CURLOPT_COOKIE
CURLOPT_COOKIEFILE
CURLOPT_COOKIEJAR
EDIT
After reading your question more thoroughly, I'm afraid to tell you there is NO way to write the cookies to the client browser unless you redirect the client to the site you are attempting authorize them on. Browser cookies operate on a security model known as Same Origin Policy. This basically means that domains can only issue cookies for their OWN domains and may not issue cookies for others domains. In your particular case:
client --CONTACTS--> foo.com --cURL-LOGIN--> bar.com
bar.com --bar.com-COOKIE--> foo.com --foo.com-COOKIE--> client
client --foo.com-COOKIE--> bar.com (Will not work)
Basically, foo.com CAN NOT create cookies on the client for bar.com!
The user's browser will most probably not allow you to set cookies for another domain anyway.
You can, in your PHP code, login and fetch a session cookie for (e.g.) Hotmail. But you won't be able to pass that session on to the user (so he/she would also be logged in).
This is because many browsers and configurations deny setting 3rd party cookies.