Thank you for your awesome help Mike. I was able to connect and I am on my way to creating my add-on.
For anyone who is curious... you can add GET value onto your redirect URI that will pass when the application sends you back to your URI... so it can be like this in your application:
code=123456&redurect_uri=http://www.mywebsite.com/auth.php?clientURL=http://www.clientsownwebsite.com/app/auth/auth.php
ofcourse that will be URL encoded... when it comes back to www.mywebsite.com/auth.php you an grab the variable in PHP and use it to create a header redirect back to the clientURL, along with all the other variables sent for use in the authentication process.
So if you need extra help with this like i did here was my solution:
My redirect URI had the URL of the client's site attached to it with a GET value attached on to the URI (note: not an extra value on the GET authenticate request it's self, it has to be a part of the URI only)
Send request directly to Constant Contact, user authorizes and redirects to my URI, along with the extra GET value and the auth codes n junk
My URI redirect is to a PHP file which takes the ClientURL and adds it to a 301 redirect header in the php file, redirecting the user back to their website along with all GET values without ever noticing.
After that you don't need your URI anymore, only for authentication.
Here's my server's redirect (it strips clientURL from the string so that the end url looks nice and clean)
<?php
$qStr = $_SERVER['QUERY_STRING'];
$key= 'clientURL';
parse_str($qStr, $ar);
$url = $_GET['clientURL'] . '?' . http_build_query(array_diff_key($ar, array($key => '')));
header("Status: 302");
header("Location: $url" );
exit;
?>
