Memsource-API/oauth.php

67 lines
2.6 KiB
PHP

<?php
session_start();
$config = parse_ini_file('config.ini');
$authorize_url = $config['base_url'] . '/oauth/authorize';
$token_url = $config['base_url'] . '/oauth/token';
// callback URL specified when the application was defined--has to match what the application says
$callback_uri = $config['callbackUri'];
// client (application) credentials - located at apim.byu.edu
$client_id = $config['id'];
$client_secret = $config['secret'];
if (isset($_GET['code'])) {
// what to do if there's an authorization code
$access_token = getAccessToken($_GET['code']);
$_SESSION['token'] = $access_token;
header('Location: /');
} elseif (isset($_GET['error'])) {
echo 'Access Denied';
} else {
// what to do if there's no authorization code
getAuthorizationCode();
}
// step A - simulate a request from a browser on the authorize_url
// will return an authorization code after the user is prompted for credentials
function getAuthorizationCode()
{
global $authorize_url, $client_id, $callback_uri;
$authorization_redirect_url = $authorize_url . '?response_type=code&client_id=' . $client_id . '&redirect_uri=' . $callback_uri . '&scope=openid';
header('Location: ' . $authorization_redirect_url);
// if you don't want to redirect
// echo "Go <a href='$authorization_redirect_url'>here</a>, copy the code, and paste it into the box below.<br /><form action=" . $_SERVER["PHP_SELF"] . " method = 'post'><input type='text' name='authorization_code' /><br /><input type='submit'></form>";
}
// step I, J - turn the authorization code into an access token, etc.
function getAccessToken($authorization_code)
{
global $token_url, $client_id, $client_secret, $callback_uri;
$authorization = base64_encode("$client_id:$client_secret");
$header = ["Authorization: Basic {$authorization}", 'Content-Type: application/x-www-form-urlencoded'];
$content = "grant_type=authorization_code&code=$authorization_code&redirect_uri=$callback_uri";
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => $token_url,
CURLOPT_HTTPHEADER => $header,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => $content
]);
$response = curl_exec($curl);
$objectResponse = json_decode($response);
curl_close($curl);
if ($response === false) {
echo 'Failed', curl_error($curl);
} elseif (isset($objectResponse->error)) {
echo "Error:<br /> $authorization_code $response";
}
return $objectResponse->access_token;
}