/*
* You would need to authenticate the user before authorization.
*
* Below is some psudeo-code to show what you might do:
*
session_start();
if (!isLoggedIn()) {
redirectToLoginPage();
exit();
}
*/
$oauth = new OAuth2(new OAuth2StoragePDO());
if ($_POST) {
$userId = $_SESSION['user_id'];
// Use whatever method you have for identifying users.
$oauth->finishClientAuthorization($_POST["accept"] == "Yep", $userId, $_POST);
}
try {
$auth_params = $oauth->getAuthorizeParams();
} catch (OAuth2ServerException $oauthError) {
$oauthError->sendHttpResponse();
}
?>
<html>
<head>
<title>Authorize</title>
<script>
if (top != self) {
window.document.write("<div style='background:black; opacity:0.5; filter: alpha (opacity = 50); position: absolute; top:0px; left: 0px;"
+ "width: 9999px; height: 9999px; zindex: 1000001' onClick='top.location.href=window.location.href'></div>");
}
}
if (!is_user_logged_in()) {
wp_redirect(home_url() . '/oauth/login?sso_redirect=' . $_GET['client_id'] . '&state=' . $_GET['state']);
exit;
}
/**
* @var Get the current user
*/
$current_user = wp_get_current_user();
/**
* @var Set the current users ID
*/
$userId = $current_user->ID;
// @todo Not too sure what this is doing but we need to look at it.
if ($userId != '') {
$oauth->finishClientAuthorization(TRUE, $userId, $_GET);
// AUTO AUTHORIZE
}
try {
$auth_params = $oauth->getAuthorizeParams();
} catch (OAuth2ServerException $oauthError) {
$oauthError->sendHttpResponse();
}
break;
case 'request_token':
header('X-Frame-Options: DENY');
error_reporting(0);
try {
$oauth->grantAccessToken();
} catch (OAuth2ServerException $oauthError) {
$oauthError->sendHttpResponse();
/**
* Tests OAuth2->finishClientAuthorization()
*/
public function testFinishClientAuthorization()
{
// TODO Auto-generated OAuth2Test->testFinishClientAuthorization()
$this->markTestIncomplete("finishClientAuthorization test not implemented");
$this->fixture->finishClientAuthorization();
}
