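/**
 * Sign a visitor in through an OAuth2 provider using the authorization-code grant.
 *
 * Without a `code` query parameter the visitor is sent to the provider's
 * consent page. On the callback (`code` present) the `state` value is checked,
 * the code is exchanged for an access token, the e-mail address is read from
 * the provider and that address is logged in.
 *
 * @param string $provider_name One of 'facebook', 'github' or 'google'.
 * @return void
 */
public function connect_with_oauth2($provider_name)
{
    if ($this->user_model->is_logged_in()) {
        redirect('user/login');
    }

    // NOTE(review): the client secrets below are committed in source. Treat them
    // as exposed: rotate them at each provider and load the replacements from
    // configuration that is kept out of version control.
    // NOTE(review): every redirectUri is plain http://, so the authorization code
    // comes back over an unencrypted connection. Switching to https:// also
    // requires updating the URI registered with each provider.
    switch ($provider_name) {
        case 'facebook':
            $provider = new League\OAuth2\Client\Provider\Facebook(array(
                'clientId' => '738761806197904',
                'clientSecret' => '913fab2aabe36d3af31dc738e3964d69',
                'redirectUri' => 'http://kuklos.vikom.io/user/connect/facebook',
                'scopes' => array('email'),
            ));
            break;
        case 'github':
            $provider = new League\OAuth2\Client\Provider\Github(array(
                'clientId' => 'e100df6b5305c00f58e3',
                'clientSecret' => 'b27953bc5421ce1e109e2b49c7fbb170de51108c',
                'redirectUri' => 'http://kuklos.vikom.io/user/connect/github',
                'scopes' => array('email'),
            ));
            break;
        case 'google':
            $provider = new League\OAuth2\Client\Provider\Google(array(
                'clientId' => '246372104087-gf5re27h5ds69p09ubs25qmlf4bh3oim.apps.googleusercontent.com',
                'clientSecret' => '4ccpNZwabW817I6jhN1n8TdB',
                'redirectUri' => 'http://kuklos.vikom.io/user/connect/google',
                'scopes' => array('email'),
            ));
            break;
        default:
            // The provider name comes from the request, so escape it before
            // writing it into the response body.
            exit('Unsupported OAuth2 Provider: ' . htmlspecialchars($provider_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
    }

    // The state value has to survive the round trip to the provider.
    // NOTE(review): assumes a native PHP session is acceptable here; if the
    // framework's own session library is in use, store the value there instead.
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }

    if (!isset($_GET['code'])) {
        // No authorization code yet: remember the state and go ask for one.
        // NOTE(review): assumes the installed league/oauth2-client exposes the
        // generated value as $provider->state - confirm against that version.
        $authUrl = $provider->getAuthorizationUrl();
        $_SESSION['oauth2state'] = $provider->state;
        header('Location: ' . $authUrl);
        exit;
    }

    // Without this check a callback URL prepared in someone else's browser
    // session would be accepted (login CSRF). The stored value is single-use.
    $expectedState = isset($_SESSION['oauth2state']) ? $_SESSION['oauth2state'] : null;
    unset($_SESSION['oauth2state']);
    if (empty($_GET['state']) || !is_string($expectedState) || $_GET['state'] !== $expectedState) {
        exit('Invalid state');
    }

    $email = '';
    try {
        // The token exchange can throw as well (for example on a stale or
        // replayed code), so it sits inside the same try as the profile lookup.
        $token = $provider->getAccessToken('Authorization_Code', ['code' => $_GET['code']]);
        $userDetails = $provider->getUserDetails($token);
        $email = $userDetails->email;
    } catch (Exception $e) {
        exit('Something went wrong. Contact Admin.');
    }

    // A provider may return no e-mail address at all; never create or log in
    // an account keyed on an empty value.
    if (!is_string($email) || trim($email) === '') {
        exit('Something went wrong. Contact Admin.');
    }

    // NOTE(review): the account is keyed on the e-mail string alone. Whether each
    // provider only returns verified addresses is not checked here - confirm.

    // Create the account if it does not exist yet; the welcome mail is sent only
    // when add_oauth_user() reports success.
    if ($this->user_model->add_oauth_user($email)) {
        $this->send_welcome_email($email);
    }

    $this->set_login_userdata($email);
    redirect('user');
}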
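require 'vendor/autoload.php';

session_start();

// Builds this script's own URL to use as the redirect URI. The parentheses are
// required: without them the ternary binds more loosely than ".", and an HTTPS
// request produced just "https://".
// NOTE(review): HTTP_HOST is taken from the request's Host header. Prefer the
// fixed value below once the URI registered in the developer console is known.
$isHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
$redirectUri = ($isHttps ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
//$redirectUri = 'http://localhost/phpmailer/get_oauth_token.php';

// All details are obtained by setting up an app in the Google developer console.
// Placeholders: keep the real values out of version control.
$clientId = 'RANDOMCHARS-----duv1n2.apps.googleusercontent.com';
$clientSecret = 'RANDOMCHARS-----lGyjPcRtvP';

// Set Redirect URI in Developer Console as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
$provider = new League\OAuth2\Client\Provider\Google([
    'clientId' => $clientId,
    'clientSecret' => $clientSecret,
    'redirectUri' => $redirectUri,
    'scopes' => ['https://mail.google.com/'],
    'accessType' => 'offline',
]);

if (!isset($_GET['code'])) {
    // If we don't have an authorization code then get one, remembering the
    // state value so the callback can be matched to this browser session.
    $authUrl = $provider->getAuthorizationUrl();
    $_SESSION['oauth2state'] = $provider->state;
    header('Location: ' . $authUrl);
    exit;
}

// Check the given state against the previously stored one to mitigate CSRF.
// The stored value is consumed here so it cannot be reused.
$expectedState = isset($_SESSION['oauth2state']) ? $_SESSION['oauth2state'] : null;
unset($_SESSION['oauth2state']);
if (empty($_GET['state']) || !is_string($expectedState) || $_GET['state'] !== $expectedState) {
    exit('Invalid state');
}

$provider->accessType = 'offline';

// Try to get an access token (using the authorization code grant).
$token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);

// The refresh token is a long-lived credential for the https://mail.google.com/
// scope: copy it into server-side configuration and do not leave this script
// reachable once setup is finished.
echo 'Refresh Token: ' . $token->refreshToken;

// Also available on $token: accessToken (for API calls on the user's behalf)
// and expires (Unix timestamp at which the access token needs refreshing).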
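/**
 * Run the Google authorization-code flow for the https://mail.google.com/
 * scope and print the resulting refresh token.
 *
 * See:
 *
 * https://github.com/PHPMailer/PHPMailer/wiki/Using-Gmail-with-XOAUTH2
 * https://github.com/PHPMailer/PHPMailer/blob/master/get_oauth_token.php
 * https://github.com/thephpleague/oauth2-client
 * https://github.com/thephpleague/oauth2-google
 *
 * @author Christophe
 * @return void
 */
public function token()
{
    $environment = $this->config->item('environment');

    // Report everything, but only render errors in the response outside
    // production: displayed errors can expose file paths and stack traces from
    // a method that handles the client secret and tokens.
    error_reporting(E_ALL);
    if ($environment !== 'production') {
        ini_set('display_errors', 1);
        ini_set('display_startup_errors', 1);
    }

    // The redirect URI must match the one registered in the Google developer
    // console for the environment in use.
    // NOTE(review): the local and dev URIs are plain http://, so the
    // authorization code travels unencrypted in those environments.
    if ($environment === 'production') {
        $redirectUri = 'https://app.trackstreet.com/oauth/token';
    } elseif ($environment === 'local') {
        $redirectUri = 'http://localvision.juststicky.com:8888/oauth/token';
    } else {
        $redirectUri = 'http://dev.trackstreet.com/oauth/token';
    }

    // These details are obtained by setting up an app in the Google developer console.
    // NOTE(review): the client secret is committed in source. Treat it as
    // exposed: rotate it and load the replacement from configuration kept out
    // of version control.
    $clientId = '926686706631-hfvemdq29jq7rls3cev19dhk3u1vnm68.apps.googleusercontent.com';
    $clientSecret = 'tgaKWHuROprvasinKyeitMlk';

    $provider = new League\OAuth2\Client\Provider\Google(array(
        'clientId' => $clientId,
        'clientSecret' => $clientSecret,
        'redirectUri' => $redirectUri,
        'scopes' => array('https://mail.google.com/'),
        'accessType' => 'offline',
    ));

    // NOTE(review): nothing in this method starts a session; the state check
    // below only works if one is already active - confirm the framework does so.
    if (!isset($_GET['code'])) {
        // If we don't have an authorization code then get one, remembering the
        // state value so the callback can be matched to this browser session.
        $authUrl = $provider->getAuthorizationUrl();
        $_SESSION['oauth2state'] = $provider->getState();
        header('Location: ' . $authUrl);
        exit;
    }

    // Reject callbacks whose state does not match the stored one (CSRF
    // mitigation). The stored value is consumed so it cannot be reused.
    $expectedState = isset($_SESSION['oauth2state']) ? $_SESSION['oauth2state'] : null;
    unset($_SESSION['oauth2state']);
    if (empty($_GET['state']) || !is_string($expectedState) || $_GET['state'] !== $expectedState) {
        exit('Invalid state');
    }

    // Try to get an access token (using the authorization code grant).
    $token = $provider->getAccessToken('authorization_code', array('code' => $_GET['code']));

    // The refresh token is a long-lived credential for the mail scope.
    // NOTE(review): no access check is visible on this endpoint - confirm who
    // is allowed to reach it in production.
    echo 'Refresh Token: ' . $token->getRefreshToken();
}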
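/**
 * Try to authenticate the user using one of the OAuth2 providers.
 *
 * Reads the authorization code from the `auth_code` POST field, exchanges it
 * with the configured provider, and passes the e-mail address returned by the
 * provider to users_model->checkCredentialsEmail(). The outcome is written to
 * the response body: 'OK', a translated "bad credentials" message, or a line
 * starting with 'ERROR: '.
 *
 * @author Benjamin BALET <*****@*****.**>
 * @return void
 */
public function loginOAuth2()
{
    require_once APPPATH . 'third_party/OAuthClient/vendor/autoload.php';

    $oauth2Enabled = $this->config->item('oauth2_enabled');
    $oauth2Provider = $this->config->item('oauth2_provider');
    $oauth2ClientId = $this->config->item('oauth2_client_id');
    $oauth2ClientSecret = $this->config->item('oauth2_client_secret');

    // Fail closed: a missing config entry (NULL) must count as "disabled",
    // which a strict comparison with FALSE did not guarantee.
    if (!$oauth2Enabled) {
        echo 'ERROR: OAuth2 is disabled';
        return;
    }

    // Depending on the framework version a missing POST field may come back as
    // NULL or FALSE; accept only a non-empty string.
    $authCode = $this->input->post('auth_code');
    if (!is_string($authCode) || $authCode === '') {
        echo 'ERROR: Invalid OAuth2 token';
        return;
    }

    $this->load->model('users_model');

    switch ($oauth2Provider) {
        case 'google':
            $provider = new League\OAuth2\Client\Provider\Google(array(
                'clientId' => $oauth2ClientId,
                'clientSecret' => $oauth2ClientSecret,
                'redirectUri' => 'postmessage',
                'accessType' => 'offline',
            ));
            try {
                // The code exchange can throw too (stale or replayed code), so it
                // belongs inside the try block together with the profile lookup.
                $token = $provider->getAccessToken('authorization_code', array('code' => $authCode));

                // We try to get the e-mail address from the provider.
                $ownerDetails = $provider->getResourceOwner($token);
                $email = $ownerDetails->getEmail();

                // Never look up an account with an empty address.
                // NOTE(review): login is decided on the e-mail string alone; whether
                // the provider guarantees it is verified is not checked here - confirm.
                $loggedin = is_string($email) && $email !== ''
                    && $this->users_model->checkCredentialsEmail($email) === TRUE;

                if ($loggedin) {
                    echo 'OK';
                } else {
                    echo lang('session_login_flash_bad_credentials');
                }
            } catch (Exception $e) {
                // Keep provider/library error detail in the server log instead of
                // echoing it to the client.
                log_message('error', 'OAuth2 login failed: ' . $e->getMessage());
                echo 'ERROR: OAuth2 authentication failed';
            }
            break;
        default:
            echo 'ERROR: unsupported OAuth2 provider';
    }
}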
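require 'vendor/autoload.php';

session_start();

// Builds this script's own URL to use as the redirect URI. The parentheses are
// required: without them the ternary binds more loosely than ".", and an HTTPS
// request produced just "https://".
// NOTE(review): HTTP_HOST is taken from the request's Host header. Prefer the
// fixed value below once the URI registered in the developer console is known.
$isHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
$redirectUri = ($isHttps ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
//$redirectUri = 'http://localhost/phpmailer/get_oauth_token.php';

// These details are obtained by setting up an app in the Google developer console.
// Placeholders: keep the real values out of version control.
$clientId = 'RANDOMCHARS-----duv1n2.apps.googleusercontent.com';
$clientSecret = 'RANDOMCHARS-----lGyjPcRtvP';

// Set Redirect URI in Developer Console as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
$provider = new League\OAuth2\Client\Provider\Google(array(
    'clientId' => $clientId,
    'clientSecret' => $clientSecret,
    'redirectUri' => $redirectUri,
    'scopes' => array('https://mail.google.com/'),
    'accessType' => 'offline',
));

if (!isset($_GET['code'])) {
    // If we don't have an authorization code then get one, remembering the
    // state value so the callback can be matched to this browser session.
    $authUrl = $provider->getAuthorizationUrl();
    $_SESSION['oauth2state'] = $provider->state;
    header('Location: ' . $authUrl);
    exit;
}

// Check the given state against the previously stored one to mitigate CSRF.
// The stored value is consumed here so it cannot be reused.
$expectedState = isset($_SESSION['oauth2state']) ? $_SESSION['oauth2state'] : null;
unset($_SESSION['oauth2state']);
if (empty($_GET['state']) || !is_string($expectedState) || $_GET['state'] !== $expectedState) {
    exit('Invalid state');
}

$provider->accessType = 'offline';

// Try to get an access token (using the authorization code grant).
$token = $provider->getAccessToken('authorization_code', array('code' => $_GET['code']));

// The refresh token is a long-lived credential for the https://mail.google.com/
// scope: copy it into server-side configuration and do not leave this script
// reachable once setup is finished.
echo 'Refresh Token: ' . $token->refreshToken;

// Also available on $token: accessToken (for API calls on the user's behalf)
// and expires (Unix timestamp at which the access token needs refreshing).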