<?php
require_once './config/config.php';
// initialize a new generic provider
$provider = new \League\OAuth2\Client\Provider\GenericProvider(['clientId' => CLIENT_ID, 'clientSecret' => SECRET_KEY, 'redirectUri' => REDIRECT_URL, 'urlAuthorize' => 'https://connect.stripe.com/oauth/authorize', 'urlAccessToken' => 'https://connect.stripe.com/oauth/token', 'urlResourceOwnerDetails' => 'https://api.stripe.com/v1/account']);
// Check for an authorization code
if (isset($_GET['code'])) {
$code = $_GET['code'];
// Try to retrieve the access token
try {
$accessToken = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);
// You could retrieve the API key with `$accessToken->getToken()`, but it's better to authenticate using the Stripe-account header (below)
// Retrieve the account ID to be used for authentication: https://stripe.com/docs/connect/authentication
// TODO: Save this account ID to your database for later use.
$account_id = $provider->getResourceOwner($accessToken)->getId();
// Retrieve the account from Stripe: https://stripe.com/docs/api/php#retrieve_account
$account = \Stripe\Account::Retrieve($account_id);
$success = "Your Stripe account has been connected!";
} catch (Exception $e) {
$error = $e->getMessage();
}
} elseif (isset($_GET['error'])) {
$error = $_GET['error_description'];
} else {
$error = "No authorization code received";
}
public function login()
{
$provider = new \League\OAuth2\Client\Provider\GenericProvider(['clientId' => env('OATH2_CLIENT_ID', ''), 'clientSecret' => env('OATH2_SECRET', ''), 'redirectUri' => env('OATH2_REDIRECT_URI', ''), 'urlAuthorize' => 'http://korriban.chalmers.it/oauth/authorize', 'urlAccessToken' => 'http://korriban.chalmers.it/oauth/token', 'urlResourceOwnerDetails' => 'http://brentertainment.com/oauth2/lockdin/resource']);
// If we don't have an authorization code then get one
if (!isset($_GET['code'])) {
$authorizationUrl = $provider->getAuthorizationUrl();
header('Location: ' . $authorizationUrl);
exit;
} elseif (empty($_GET['state'])) {
//|| ($_GET['state'] !== $_SESSION['oauth2state'])) {
exit('Invalid state');
} else {
try {
// Try to get an access token using the authorization code grant.
$accessToken = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);
//use gruzzle
$client = new GuzzleHttp\Client();
$res = $client->request('GET', 'http://korriban.chalmers.it/me.json?access_token=' . $accessToken->getToken());
$user = json_decode($res->getBody());
Session::put('groups', json_encode($user->groups));
echo Session::get('groups');
} catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {
// Failed to get the access token or user details.
exit($e->getMessage());
}
}
}
<?php
require_once __DIR__ . '/vendor/autoload.php';
$dotenv = new Dotenv\Dotenv(__DIR__);
$dotenv->load();
$provider = new \League\OAuth2\Client\Provider\GenericProvider(['clientId' => getenv('CLIENT_ID'), 'clientSecret' => getenv('CLIENT_SECRET'), 'redirectUri' => getenv('REDIRECT_URI'), 'urlAuthorize' => getenv('AUTH_URL'), 'urlAccessToken' => getenv('TOKEN_URL'), 'urlResourceOwnerDetails' => getenv('ATTRIBUTES_URL')]);
session_start();
if (!isset($_GET['code'])) {
// Fetch the authorization URL from the provider; this returns the
// urlAuthorize option and generates and applies any necessary parameters
// (e.g. state).
$authorizationUrl = $provider->getAuthorizationUrl();
// Get the state generated for you and store it to the session.
$_SESSION['oauth2state'] = $provider->getState();
// Redirect the user to the authorization URL.
header('Location: ' . filter_var($authorizationUrl, FILTER_SANITIZE_URL));
exit;
} else {
try {
// Try to get an access token using the authorization code grant.
// Pass in the affiliation in the scope
$accessToken = $provider->getAccessToken('authorization_code', ['code' => $_GET['code'], 'scope' => 'military']);
// // Using the access token, we may look up details about the user
$resourceOwner = $provider->getResourceOwner($accessToken);
// // The JSON payload of the response
$_SESSION['payload'] = json_encode($resourceOwner->toArray());
header('Location: ' . '/');
exit;
} catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {
// Failed to get the access token or user details.
exit($e->getMessage());
window.onload=function(){
var responseContainer=document.getElementById("responseContainer");
var response=responseContainer.innerHTML;
responseContainer.innerHTML=JSON.stringify(JSON.parse(response),null, '\t');
};
</script>
</head>
<body>
<h1>Cisco PSIRT VulnAPI PHP Serverside Access Example</h1>
<?php
require __DIR__ . '/vendor/autoload.php';
use GuzzleHttp\Client;
session_start();
$provider = new \League\OAuth2\Client\Provider\GenericProvider(['clientId' => '<put here your client id>', 'clientSecret' => '<put here your secret>', 'redirectUri' => 'http://myserver.example.com.com/vulnapi/vulnapicm.php', 'urlAuthorize' => 'https://cloudsso.cisco.com/as/authorization.oauth2', 'urlAccessToken' => 'https://cloudsso.cisco.com/as/token.oauth2', 'urlResourceOwnerDetails' => '']);
// If we don't have an authorization code then get one
if (!isset($_GET['code'])) {
// Fetch the authorization URL from the provider; this returns the
// urlAuthorize option and generates and applies any necessary parameters
// (e.g. state).
$authorizationUrl = $provider->getAuthorizationUrl();
// Get the state generated for you and store it to the session.
$_SESSION['oauth2state'] = $provider->getState();
// Redirect the user to the authorization URL.
header('Location: ' . $authorizationUrl);
exit;
// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || $_GET['state'] !== $_SESSION['oauth2state']) {
var_dump($_GET['state']);
var_dump($_SESSION['oauth2state']);
/**
* This function initializes the athentication and acquires an access token. Once access token is acquired,
* it is put inside the session. And also kept in the class to be used in the future.
*/
public function initialAuthentication()
{
$provider = new \League\OAuth2\Client\Provider\GenericProvider(['clientId' => $this->_clientID, 'apiKey' => $this->_apiKey, 'clientSecret' => $this->_apiSecret, 'redirectUri' => $this->_redirectUri, 'urlAuthorize' => $this->builtUriWithoutAPIKey('oauth/authorize'), 'urlAccessToken' => $this->builtUriWithoutAPIKey('oauth/token'), 'urlResourceOwnerDetails' => $this->builtUriWithoutAPIKey('oauth/resource')]);
// If we don't have an authorization code then get one
if (!isset($_GET['code'])) {
// Fetch the authorization URL from the provider; this returns the
// urlAuthorize option and generates and applies any necessary parameters
// (e.g. state).
$authorizationUrl = $provider->getAuthorizationUrl();
// Get the state generated for you and store it to the session.
$_SESSION['oauth2state'] = $provider->getState();
// Redirect the user to the authorization URL.
header('Location: ' . $authorizationUrl);
exit;
// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || $_GET['state'] !== $_SESSION['oauth2state']) {
unset($_SESSION['oauth2state']);
exit('Invalid state');
} else {
try {
$accessToken = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);
$_SESSION['access_token'] = $accessToken;
$this->_accessToken = $accessToken;
} catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {
// Failed to get the access token or user details.
exit($e->getMessage());
}
}
}
