Ejemplo n.º 1
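 /**
  * Drive the OAuth2 authorisation-code flow for the current request.
  *
  * Depending on the query string this either reports a provider error,
  * redirects the browser to the provider's authorisation URL, or exchanges
  * the returned code for an access token and stores the user details in
  * $this->details. Every failure path ends the request with die().
  *
  * All $_GET values are client-controlled: anything echoed back is
  * HTML-escaped, and the anti-CSRF state is single-use and compared in
  * constant time.
  */
 protected function startFlow()
 {
     // NOTE(review): redirectUri is plain http on localhost and hostedDomain
     // includes a port; these look like development values. Confirm before
     // deploying anywhere else.
     $client = new Client(["clientId" => self::$ID, "clientSecret" => self::$secret, "redirectUri" => "http://localhost:8080/", "scopes" => ["profile", "email"], "hostedDomain" => "localhost:8080"]);

     if (!empty($_GET["error"])) {
         // User probably denied access. The value comes straight from the
         // query string, so escape it before writing it into the response.
         $error = is_string($_GET["error"]) ? $_GET["error"] : "unknown";
         die("Got an error: " . htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8"));
     }

     if (empty($_GET["code"])) {
         // We need to get an authorisation code. Remember the state so the
         // callback can be tied to this browser session.
         $authUrl = $client->getAuthorizationUrl();
         $_SESSION["oauth2state"] = $client->state;
         Headers::redirect($authUrl);
         exit;
     }

     $expectedState = isset($_SESSION["oauth2state"]) ? $_SESSION["oauth2state"] : null;
     $receivedState = isset($_GET["state"]) ? $_GET["state"] : null;
     // The state is single-use: discard it whatever happens next, so a
     // callback URL cannot be replayed against the same session.
     unset($_SESSION["oauth2state"]);

     $stateValid = is_string($expectedState) && $expectedState !== ""
         && is_string($receivedState) && $receivedState !== ""
         && hash_equals($expectedState, $receivedState);
     if (!$stateValid) {
         // State is missing, malformed or different - possible CSRF attack.
         die("Invalid state");
     }

     // Try to get an access token using the authorisation grant.
     try {
         $token = $client->getAccessToken("authorization_code", ["code" => $_GET["code"]]);
         $this->details = $client->getUserDetails($token);
     } catch (\Exception $ex) {
         // NOTE(review): the exception text may include provider response
         // detail; consider logging it server-side and showing a generic
         // message. It is escaped here so it cannot inject markup.
         die("Something went wrong! " . htmlspecialchars($ex->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8"));
     }
 }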
Ejemplo n.º 2
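 /**
  * Store the authenticated user in the session and manage the
  * "remember me" cookie pair.
  *
  * When the remember cookie is present, its HMAC-SHA256 companion cookie is
  * verified and the session user is dropped on any mismatch. When it is
  * absent, both cookies are issued and the request is redirected to itself
  * so the browser sends them back.
  *
  * @param Provider $auth Provider whose getDetails() result builds the User.
  */
 public static function remember(Provider $auth)
 {
     $_SESSION["User"] = new User($auth->getDetails());
     if (isset($_COOKIE[self::COOKIE_REMEMBER])) {
         // Read rememberme cookie. Both cookies are client-supplied, so they
         // may be missing, arrays, or not valid base64.
         $encoded = $_COOKIE[self::COOKIE_REMEMBER];
         $presented = isset($_COOKIE[self::COOKIE_SECRET]) ? $_COOKIE[self::COOKIE_SECRET] : null;
         $username = is_string($encoded) ? base64_decode($encoded, true) : false;

         $valid = false;
         if (is_string($username) && is_string($presented)) {
             $expected = hash_hmac("sha256", $username, self::COOKIE_SALT);
             // Constant-time comparison: !== can leak how many leading
             // bytes of the MAC were correct.
             $valid = hash_equals($expected, $presented);
         }
         // NOTE(review): the cookie username is never compared with the
         // session user's email, and the MAC is the same for every issue of
         // the cookie (no nonce or server-side record), so it cannot be
         // revoked individually. Confirm whether that is intended.
         if (!$valid) {
             // Force user to be logged out.
             unset($_SESSION["User"]);
         }
     } else {
         if (!empty($_SESSION["User"])) {
             // Save rememberme cookie.
             $username = $_SESSION["User"]->email;
             $hash = hash_hmac("sha256", $username, self::COOKIE_SALT);
             $usernameEncoded = base64_encode($username);
             $expires = time() + self::COOKIE_LIFE;
             // HttpOnly keeps the cookies away from page scripts; Secure is
             // set whenever the request itself arrived over HTTPS. Path and
             // domain stay at their defaults. SameSite would need the
             // options-array form of setcookie() (PHP 7.3+).
             $secure = !empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] !== "off";
             setcookie(self::COOKIE_REMEMBER, $usernameEncoded, $expires, "", "", $secure, true);
             setcookie(self::COOKIE_SECRET, $hash, $expires, "", "", $secure, true);
             // Force refresh, so cookies are sent.
             // NOTE(review): REQUEST_URI is client-controlled; confirm that
             // Headers::redirect() only follows same-origin paths.
             Headers::redirect($_SERVER["REQUEST_URI"]);
             exit;
         }
     }
 }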
Ejemplo n.º 3
 /**
  * Gate every page except the site root behind a logged-in session.
  *
  * The query string is stripped from REQUEST_URI before the comparison.
  * A request for anything other than "/" without a session user is
  * redirected to "/" and the script stops.
  */
 public function go()
 {
     $path = strtok($_SERVER["REQUEST_URI"], "?");
     $isRoot = $path === "/";
     $hasUser = !empty($_SESSION["User"]);

     // The root page is always reachable; everything else needs a session user.
     if ($isRoot || $hasUser) {
         return;
     }

     Headers::redirect("/");
     exit;
 }
Ejemplo n.º 4
 /**
  * Entry point for the login page.
  *
  * Authentication is only performed from this page; other pages redirect
  * here when authentication expires. A visitor who already has a session
  * user is sent to /dashboard. Otherwise Google authentication is attempted
  * and, on success, handed to PersistentLogin::remember().
  */
 public function go()
 {
     $alreadyLoggedIn = !empty($_SESSION["User"]);
     if ($alreadyLoggedIn) {
         Headers::redirect("/dashboard");
         exit;
     }

     // For now, only implement Google auth.
     $provider = new Google();
     if (!$provider->isAuthenticated()) {
         // Fail closed: nothing is remembered unless the provider confirms.
         die("ERROR!");
     }

     PersistentLogin::remember($provider);
 }