Trabajando con Laravel edite las variables utilizando INPUT and $request->session()->get. comenzo como un problema pero ahora con estos cambios funciona. quizas a alguien le sirva.
public function admin(Request $request)
{
$authSite = env('MELI_SDK_APP_SITE');
$clientId = env('MELI_SDK_APP_ID');
$clientSecret = env('MELI_SDK_SECRET_ID');
$redirectUri = env('MELI_SDK_REDIRECT_URI');
$client = new \Docta\MercadoLibre\Client($authSite, $clientId, $clientSecret, $redirectUri);
/**
* If we do not have an authorization code then get one
*/
if (!$request->input('code')) {
/**
* Get the MercadoLibre authorization URL; return the url and also generate
* and apply other necessary query parameters (for example: state).
*/
$authUrl = $client->getAuthorizationUrl();
/**
* Get the generated state and save in session.
*/
$request->session()->put('state',$client->getState());
/**
* Redirect the user to the authorization URL
*/
header('Location: '.$authUrl);
exit;
/**
* Check the state returned by MercadoLibre against the state
* previously stored in session to mitigate the CSRF attack.
*/
}
elseif (empty($request->input('state') || ($request->input('state') !== $request->session()->get('state')))) {
!$request->session()->get('state');
exit('Invalid state');
/**
* If the state stored in session and the state returned
* by MercadoLibre are the same, then continue.
*/
}
else {
try {
/**
* Try to exchange the code obtained by an access
* token (using the authorization code grant).
*/
$client->setToken($request->input('code'));
/**
* Optional: Now that we have a token, we can check
* the data of the owner of the resources.
*/
$owner = $client->getOwner();
/**
* And from now on to be able to consult the protected resources.
* The following example makes the same request as the `getOwner()` method.
*/
$me = $client->get('/users/me');
/**
* Failed to get the access token, the owner details or the items request.
*/
} catch (\Docta\MercadoLibre\Exception\ClientException $e) {
exit($e->getMessage());
}
}
}