-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.php
73 lines (58 loc) · 2.92 KB
/
index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
<?php
require __DIR__ . '/vendor/autoload.php';
session_start();
$provider = new \League\OAuth2\Client\Provider\GenericProvider([
'clientId' => 'cefiac', // The client ID assigned to you by the provider
'clientSecret' => 'secret', // The client password assigned to you by the provider
'redirectUri' => 'http://oauth-demo-client/',
'urlAuthorize' => 'http://local.clearfacts.be/app_stage.php/oauth2-server/authorize',
'urlAccessToken' => 'http://local.clearfacts.be/app_stage.php/oauth2-server/token',
'urlResourceOwnerDetails' => 'http://local.clearfacts.be/app_stage.php/oauth2-server/resource-owner'
]);
// If we don't have an authorization code then get one
if (!isset($_GET['code'])) {
// Fetch the authorization URL from the provider; this returns the
// urlAuthorize option and generates and applies any necessary parameters
// (e.g. state).
$authorizationUrl = $provider->getAuthorizationUrl();
// Get the state generated for you and store it to the session.
$_SESSION['oauth2state'] = $provider->getState();
// Redirect the user to the authorization URL.
header('Location: ' . $authorizationUrl);
exit;
// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
unset($_SESSION['oauth2state']);
exit('Invalid state');
} else {
try {
// Try to get an access token using the authorization code grant.
$accessToken = $provider->getAccessToken('authorization_code', [
'code' => $_GET['code']
]);
// We have an access token, which we may use in authenticated
// requests against the service provider's API.
echo $accessToken->getToken() . "\n";
echo $accessToken->getRefreshToken() . "\n";
echo $accessToken->getExpires() . "\n";
echo ($accessToken->hasExpired() ? 'expired' : 'not expired') . "\n";
// Using the access token, we may look up details about the
// resource owner.
$resourceOwner = $provider->getResourceOwner($accessToken);
var_export($resourceOwner->toArray());
// The provider provides a way to get an authenticated API request for
// the service, using the access token; it returns an object conforming
// to Psr\Http\Message\RequestInterface.
$request = $provider->getAuthenticatedRequest(
'GET',
'http://brentertainment.com/oauth2/lockdin/resource',
$accessToken
);
} catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {
// Failed to get the access token or user details.
exit('IdentityProviderException: ' . $e->getMessage());
} catch (\Exception $e) {
// Failed to get the access token or user details.
exit('Exception: ' . $e->getTraceAsString());
}
}