function checkAuthResult()
{
$code = getVariable('code', FALSE);
$state = getVariable('state', FALSE);
$provider = createProvider([], []);
$oauthUnguessable = getSessionVariable('oauthUnguessable', null);
if (!$code || !$state || !$oauthUnguessable) {
return;
}
if ($state !== $oauthUnguessable) {
//Miss-match on what we're tring to validated.
echo "Mismatch on secret'";
return;
}
try {
$api = $provider->make('DebugGithub');
//$client
/** @var $api DebugGithub */
$command = $api->oauthAuthorize(GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET, $code, "http://" . SERVER_HOSTNAME . "/github/return.php");
$accessResponse = $command->execute();
setSessionVariable(GITHUB_ACCESS_RESPONSE_KEY, $accessResponse);
if ($accessResponse->oauthScopes) {
echo "You are now authed for the following scopes:<br/>";
foreach ($accessResponse->oauthScopes as $scope) {
echo $scope . "<br/>";
}
}
} catch (GithubArtaxServiceException $fae) {
echo "Exception processing response: " . $fae->getMessage();
}
}
function checkAuthResult()
{
$oauthToken = getVariable('oauth_token', FALSE);
$oauthVerifier = getVariable('oauth_verifier', FALSE);
/** @var \AABTest\OauthRequestToken $oauthRequest */
$oauthRequest = getSessionVariable('oauthRequest', null);
if (!$oauthToken || !$oauthVerifier || !$oauthRequest) {
return;
}
if ($oauthToken != $oauthRequest->oauthToken) {
//Miss-match on what we're tring to validated.
return;
}
try {
$oauthConfig = new OauthConfig(FLICKR_KEY, FLICKR_SECRET);
$oauthService = new \ArtaxApiBuilder\Service\FlickrOauth1($oauthConfig);
$oauthService->setOauthToken($oauthRequest->oauthToken);
$oauthService->setTokenSecret($oauthRequest->oauthTokenSecret);
$api = new \AABTest\FlickrAPI\FlickrAPI(FLICKR_KEY, $oauthService);
$command = $api->GetOauthAccessToken($oauthVerifier);
$oauthAccessToken = $command->execute();
setSessionVariable('oauthAccessToken', $oauthAccessToken);
echo "Oauth is confirmed - username is:" . $oauthAccessToken->user->username;
} catch (\AABTest\FlickrAPI\FlickrAPIException $fae) {
echo "Exception processing response: " . $fae->getResponse()->getBody();
}
}
function checkAuthResult()
{
$code = getVariable('code', FALSE);
$state = getVariable('state', FALSE);
$oauthUnguessable = getSessionVariable('oauthUnguessable', null);
if (!$code || !$state || !$oauthUnguessable) {
return;
}
if ($state != $oauthUnguessable) {
//Miss-match on what we're tring to validated.
echo "Miss-match on secret'";
return;
}
try {
$api = new \AABTest\GithubAPI\GithubAPI();
$command = $api->accessToken(GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET, $code, "http://" . SERVER_HOSTNAME . "/github/return.php");
$response = $command->execute();
setSessionVariable('githubAccess', $response);
echo "You are now authed for the following scopes:<br/>";
foreach ($response->scopes as $scope) {
echo $scope . "<br/>";
}
} catch (\AABTest\GithubAPI\GithubAPIException $fae) {
echo "Exception processing response: " . $fae->getMessage();
}
}
public function testIssetSessionVariableShouldReturnTrue()
{
$variableName = "thisShouldBeSet";
setSessionVariable($variableName, "testtesttest");
$actualValue = issetSessionVariable('thisShouldBeSet');
$this->assertTrue($actualValue,
"issetSessionVariable(variable_name) returned false for set variable.");
}
function createOauthRequest()
{
$oauthConfig = new OauthConfig(FLICKR_KEY, FLICKR_SECRET);
try {
$oauthService = new \ArtaxApiBuilder\Service\FlickrOauth1($oauthConfig);
$api = new \AABTest\FlickrAPI\FlickrAPI(FLICKR_KEY, $oauthService);
$command = $api->GetOauthRequestToken("http://localhost:8000/flickr/return.php");
$oauthRequest = $command->execute();
setSessionVariable('oauthRequest', $oauthRequest);
$flickrURL = "http://www.flickr.com/services/oauth/authorize?oauth_token=" . $oauthRequest->oauthToken;
echo sprintf("Please click <a href='%s'>here to auth</a>. ", $flickrURL);
} catch (\AABTest\FlickrAPI\FlickrAPIException $fae) {
echo "FlickrAPIException response body.";
var_dump($fae->getResponse()->getBody());
}
}
public function setSessionUser($user_id, $user_level){
setSessionVariable("user_id", $user_id);
setSessionVariable("user_level", $user_level);
}
<?php
require "githubBootstrap.php";
use GithubService\GithubArtaxService\GithubArtaxServiceException;
use Amp\Artax\DnsException;
echo <<<END
<html>
<body>
<h3><a href='/'>Oauth test home</a> </h3>
END;
/** @var $accessResponse \GithubService\Model\AccessResponse */
$accessResponse = getSessionVariable(GITHUB_ACCESS_RESPONSE_KEY);
if ($accessResponse) {
if (!$accessResponse instanceof GithubService\Model\AccessResponse) {
//class was renamed...or something else bad happened.
setSessionVariable(GITHUB_ACCESS_RESPONSE_KEY, null);
$accessResponse = null;
}
}
$shareClasses = [];
if ($accessResponse) {
$shareClasses['GithubService\\Model\\AccessResponse'] = $accessResponse;
}
$provider = createProvider([], $shareClasses);
//These actions need to be done before the rest of the page.
$action = getVariable('action');
switch ($action) {
case 'delete':
unsetSessionVariable(GITHUB_ACCESS_RESPONSE_KEY);
$accessResponse = null;
break;
} else {
if (mysql_num_rows($userq) == 0) {
$error = RES_ERROR_LOGIN_NO_USER;
$errormessage = "No such user id<br><br>";
} else {
$row = mysql_fetch_assoc($userq);
if ($row['password'] != encrypt($password)) {
$error = RES_ERROR_LOGIN_USER_PASS;
$errormessage = "Incorrect user name or password<br><br>";
}
}
}
if ($error == 0) {
$user = mysql_fetch_assoc($userq);
setSessionVariable('user_id', $user['user_id']);
setSessionVariable('user_level', $user['user_level']);
}
} else {
if (isset($_POST['page']) && $_POST['page'] == "confirm") {
$resid = $_POST['resid'];
$admincomment = $_POST['admincomment'];
$status = $_POST['status'];
confirmReservation($resid, $admincomment, $status);
$message = "Reservation Updated!";
}
}
if ((isset($_GET['resid']) || isset($_POST['resid'])) && issetSessionVariable('user_level')) {
if (isset($_GET['resid'])) {
$resid = $_GET['resid'];
} else {
if (isset($_POST['resid'])) {
if (getConfigVar('use_ldap')) {
if (mysql_num_rows($userq) == 0) {
$error = RES_ERROR_LOGIN_USER_PASS;
} else {
$user = mysql_fetch_assoc($userq);
}
} else {
if (mysql_num_rows($userq) == 0) {
$error = RES_ERROR_LOGIN_NO_USER;
} else {
$user = mysql_fetch_assoc($userq);
if ($user['password'] != encrypt($password)) {
$error = RES_ERROR_LOGIN_USER_PASS;
}
}
}
$page = "";
if ($error > 0) {
sleep(1);
$page = "Location: " . getConfigVar("location") . "index.php?pageid=login&loginoption=" . $error;
} else {
setSessionVariable('user_level', $user['user_level']);
setSessionVariable('user_id', $user['user_id']);
sleep(1);
$page = "Location: " . getConfigVar("location") . "index.php?pageid=home&sesid=" . session_id();
}
if (strpos($_POST['redir'], "logout") === false && strpos($_POST['redir'], "login") === false) {
header("Location: " . $_POST['redir']);
} else {
header($page);
}
$row = mysql_fetch_assoc($userq);
if($row['password'] != encrypt($password)){
$error = RES_ERROR_LOGIN_USER_PASS;
$errormessage = "Incorrect user name or password<br><br>";
}
}
if($error == 0){
setSessionVariable('user_id', $row['user_id']);
setSessionVariable('user_level', $row['user_level']);
}
}
else if(isset($_POST['page']) && $_POST['page'] == "confirm"){
$resid = $_POST['resid'];
$admincomment = $_POST['admincomment'];
$status = $_POST['status'];
confirmReservation($resid, $admincomment, $status);
$message = "Reservation Updated!";
}
/**
*
*/
function showOauthRequest($scopes)
{
try {
$unguessable = openssl_random_pseudo_bytes(16);
$unguessable = bin2hex($unguessable);
$authURL = createAuthURL(GITHUB_CLIENT_ID, $scopes, "http://" . SERVER_HOSTNAME . "/github/return.php", $unguessable);
setSessionVariable('oauthUnguessable', $unguessable);
echo sprintf("Please click <a href='%s'>here to auth</a> with github. ", $authURL);
} catch (\AABTest\FlickrAPI\FlickrAPIException $fae) {
echo "FlickrAPIException response body.";
var_dump($fae->getResponse()->getBody());
}
}
