Example #1
1
 public function connect_with_oauth2($provider_name)
 {
     if ($this->user_model->is_logged_in()) {
         redirect('user/login');
     }
     switch ($provider_name) {
         case 'facebook':
             $provider = new League\OAuth2\Client\Provider\Facebook(array('clientId' => '738761806197904', 'clientSecret' => '913fab2aabe36d3af31dc738e3964d69', 'redirectUri' => 'http://kuklos.vikom.io/user/connect/facebook', 'scopes' => array('email')));
             break;
         case 'github':
             $provider = new League\OAuth2\Client\Provider\Github(array('clientId' => 'e100df6b5305c00f58e3', 'clientSecret' => 'b27953bc5421ce1e109e2b49c7fbb170de51108c', 'redirectUri' => 'http://kuklos.vikom.io/user/connect/github', 'scopes' => array('email')));
             break;
         case 'google':
             $provider = new League\OAuth2\Client\Provider\Google(array('clientId' => '246372104087-gf5re27h5ds69p09ubs25qmlf4bh3oim.apps.googleusercontent.com', 'clientSecret' => '4ccpNZwabW817I6jhN1n8TdB', 'redirectUri' => 'http://kuklos.vikom.io/user/connect/google', 'scopes' => array('email')));
             break;
         default:
             exit('Unsupported OAuth2 Provider: ' . $provider_name);
     }
     if (!isset($_GET['code'])) {
         // If we don't have an authorization code then get one
         header('Location: ' . $provider->getAuthorizationUrl());
         exit;
     } else {
         // Try to get an access token (using the authorization code grant)
         $token = $provider->getAccessToken('Authorization_Code', ['code' => $_GET['code']]);
         // Get user email
         $email = '';
         try {
             // We got an access token, let's now get the user's details
             $userDetails = $provider->getUserDetails($token);
             // Use these details to create a new profile
             $email = $userDetails->email;
         } catch (Exception $e) {
             // Failed to get user details
             exit('Something went wrong. Contact Admin.');
         }
         // Create account if it does not exist
         if ($this->user_model->add_oauth_user($email)) {
             $this->send_welcome_email($email);
         }
         $this->set_login_userdata($email);
         redirect('user');
         // // Use this to interact with an API on the users behalf
         // echo $token->accessToken;
         // // Use this to get a new access token if the old one expires
         // echo $token->refreshToken;
         // // Number of seconds until the access token will expire, and need refreshing
         // echo $token->expires;
     }
 }
Example #2
0
 public function doGet($view, $params)
 {
     $auth = Config::getInstance()->get("oauth2");
     $google = $auth['google'];
     $provider = new \League\OAuth2\Client\Provider\Google(['clientId' => $google['client_id'], 'clientSecret' => $google['client_secret'], 'redirectUri' => $google['redirect_uris'][0]]);
     // If we don't have an authorization code then get one
     $authUrl = $provider->getAuthorizationUrl();
     Session::getSession()->set('oauth2state', $provider->getState());
     $view->redirect($authUrl);
 }
 * * Set the script address as the app's redirect URL
 * If no refresh token is obtained when running this file, revoke access to your app
 * using link: https://accounts.google.com/b/0/IssuedAuthSubTokens and run the script again.
 * This script requires PHP 5.4 or later
 * PHP Version 5.4
 */
require 'vendor/autoload.php';
session_start();
//If this automatic URL doesn't work, set it yourself manually
$redirectUri = isset($_SERVER['HTTPS']) ? 'https://' : 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
//$redirectUri = 'http://localhost/phpmailer/get_oauth_token.php';
//These details obtained are by setting up app in Google developer console.
$clientId = 'RANDOMCHARS-----duv1n2.apps.googleusercontent.com';
$clientSecret = 'RANDOMCHARS-----lGyjPcRtvP';
//Set Redirect URI in Developer Console as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
$provider = new League\OAuth2\Client\Provider\Google(array('clientId' => $clientId, 'clientSecret' => $clientSecret, 'redirectUri' => $redirectUri, 'scopes' => array('https://mail.google.com/'), 'accessType' => 'offline'));
if (!isset($_GET['code'])) {
    // If we don't have an authorization code then get one
    $authUrl = $provider->getAuthorizationUrl();
    $_SESSION['oauth2state'] = $provider->state;
    header('Location: ' . $authUrl);
    exit;
    // Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || $_GET['state'] !== $_SESSION['oauth2state']) {
    unset($_SESSION['oauth2state']);
    exit('Invalid state');
} else {
    $provider->accessType = 'offline';
    // Try to get an access token (using the authorization code grant)
    $token = $provider->getAccessToken('authorization_code', array('code' => $_GET['code']));
    // Use this to interact with an API on the users behalf
Example #4
0
 * * Set the script address as the app's redirect URL
 * If no refresh token is obtained when running this file, revoke access to your app
 * using link: https://accounts.google.com/b/0/IssuedAuthSubTokens and run the script again.
 * This script requires PHP 5.4 or later
 * PHP Version 5.4
 */
require 'vendor/autoload.php';
session_start();
//If this automatic URL doesn't work, set it yourself manually
$redirectUri = isset($_SERVER['HTTPS']) ? 'https://' : 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
//$redirectUri = 'http://localhost/phpmailer/get_oauth_token.php';
//These details obtained are by setting up app in Google developer console.
$clientId = 'RANDOMCHARS-----duv1n2.apps.googleusercontent.com';
$clientSecret = 'RANDOMCHARS-----lGyjPcRtvP';
//Set Redirect URI in Developer Console as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
$provider = new League\OAuth2\Client\Provider\Google(array('clientId' => $clientId, 'clientSecret' => $clientSecret, 'redirectUri' => $redirectUri, 'scopes' => array('https://mail.google.com/'), 'accessType' => 'offline'));
if (!isset($_GET['code'])) {
    // If we don't have an authorization code then get one
    $authUrl = $provider->getAuthorizationUrl();
    $_SESSION['oauth2state'] = $provider->getState();
    header('Location: ' . $authUrl);
    exit;
    // Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || $_GET['state'] !== $_SESSION['oauth2state']) {
    unset($_SESSION['oauth2state']);
    exit('Invalid state');
} else {
    // Try to get an access token (using the authorization code grant)
    $token = $provider->getAccessToken('authorization_code', array('code' => $_GET['code']));
    // Use this to get a new access token if the old one expires
    echo 'Refresh Token: ' . $token->getRefreshToken();
Example #5
-1
 /**
  * This verify try to check that an email match with a valid token
  * @param $email
  * @param $token
  * @return bool
  */
 public function verify($email, $token)
 {
     $provider = new \League\OAuth2\Client\Provider\Google(['clientId' => env('GOOGLE_OAUTH_CLIENT_ID'), 'clientSecret' => env('GOOGLE_OAUTH_CLIENT_SECRET'), 'redirectUri' => env('GOOGLE_OAUTH_REDIRECT_URI'), 'hostedDomain' => env('GOOGLE_OAUTH_DOMAIN')]);
     $token = new \League\OAuth2\Client\Token\AccessToken(['access_token' => $token]);
     /** @var GoogleUser $ownerDetails */
     $ownerDetails = $provider->getResourceOwner($token);
     if (!$ownerDetails->getEmail() === $email) {
         return false;
     }
     $user = App::make(\App\Libraries\Acl\Repositories\User::class)->getByEmail($email);
     Auth::loginUsingId($user->id);
     return $user->id;
 }
Example #6
-1
 /**
  * See:
  * 
  * https://github.com/PHPMailer/PHPMailer/wiki/Using-Gmail-with-XOAUTH2
  * https://github.com/PHPMailer/PHPMailer/blob/master/get_oauth_token.php
  * https://github.com/thephpleague/oauth2-client
  * https://github.com/thephpleague/oauth2-google
  * 
  * @author Christophe
  */
 public function token()
 {
     ini_set('display_errors', 1);
     ini_set('display_startup_errors', 1);
     error_reporting(E_ALL);
     //session_start();
     //If this automatic URL doesn't work, set it yourself manually
     //$redirectUri = isset($_SERVER['HTTPS']) ? 'https://' : 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
     //$redirectUri = 'http://localhost/phpmailer/get_oauth_token.php';
     if ($this->config->item('environment') == 'production') {
         $redirectUri = 'https://app.trackstreet.com/oauth/token';
     } else {
         if ($this->config->item('environment') == 'local') {
             $redirectUri = 'http://localvision.juststicky.com:8888/oauth/token';
         } else {
             $redirectUri = 'http://dev.trackstreet.com/oauth/token';
         }
     }
     //var_dump($redirectUri); exit();
     //These details obtained are by setting up app in Google developer console.
     //$clientId = 'RANDOMCHARS-----duv1n2.apps.googleusercontent.com';
     $clientId = '926686706631-hfvemdq29jq7rls3cev19dhk3u1vnm68.apps.googleusercontent.com';
     //$clientSecret = 'RANDOMCHARS-----lGyjPcRtvP';
     $clientSecret = 'tgaKWHuROprvasinKyeitMlk';
     //Set Redirect URI in Developer Console as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
     $provider = new League\OAuth2\Client\Provider\Google(array('clientId' => $clientId, 'clientSecret' => $clientSecret, 'redirectUri' => $redirectUri, 'scopes' => array('https://mail.google.com/'), 'accessType' => 'offline'));
     if (!isset($_GET['code'])) {
         // If we don't have an authorization code then get one
         $authUrl = $provider->getAuthorizationUrl();
         $_SESSION['oauth2state'] = $provider->getState();
         header('Location: ' . $authUrl);
         exit;
     } else {
         if (empty($_GET['state']) || $_GET['state'] !== $_SESSION['oauth2state']) {
             unset($_SESSION['oauth2state']);
             exit('Invalid state');
         } else {
             // Try to get an access token (using the authorization code grant)
             $token = $provider->getAccessToken('authorization_code', array('code' => $_GET['code']));
             // Use this to get a new access token if the old one expires
             echo 'Refresh Token: ' . $token->getRefreshToken();
         }
     }
 }
Example #7
-1
 /**
  * Try to authenticate the user using one of the OAuth2 providers
  * @author Benjamin BALET <*****@*****.**>
  */
 public function loginOAuth2()
 {
     require_once APPPATH . 'third_party/OAuthClient/vendor/autoload.php';
     $oauth2Enabled = $this->config->item('oauth2_enabled');
     $oauth2Provider = $this->config->item('oauth2_provider');
     $oauth2ClientId = $this->config->item('oauth2_client_id');
     $oauth2ClientSecret = $this->config->item('oauth2_client_secret');
     if ($oauth2Enabled === FALSE) {
         echo 'ERROR: OAuth2 is disabled';
         return;
     }
     $authCode = $this->input->post('auth_code');
     if (!is_null($authCode)) {
         $this->load->model('users_model');
         switch ($oauth2Provider) {
             case 'google':
                 $provider = new League\OAuth2\Client\Provider\Google(array('clientId' => $oauth2ClientId, 'clientSecret' => $oauth2ClientSecret, 'redirectUri' => 'postmessage', 'accessType' => 'offline'));
                 $token = $provider->getAccessToken('authorization_code', array('code' => $authCode));
                 try {
                     //We try to get the e-mail address from the Google+ API
                     $ownerDetails = $provider->getResourceOwner($token);
                     $email = $ownerDetails->getEmail();
                     //If we find the e-mail address into the database, we're good
                     $loggedin = $this->users_model->checkCredentialsEmail($email);
                     if ($loggedin === TRUE) {
                         echo 'OK';
                     } else {
                         echo lang('session_login_flash_bad_credentials');
                     }
                 } catch (Exception $e) {
                     echo 'ERROR: ' . $e->getMessage();
                 }
                 break;
             default:
                 echo 'ERROR: unsupported OAuth2 provider';
         }
     } else {
         echo 'ERROR: Invalid OAuth2 token';
     }
 }
Example #8
-1
 /**
  * Constructor.
  *
  * @throws Exception
  * @throws dml_exception
  */
 public function __construct()
 {
     global $CFG;
     parent::__construct(['clientId' => get_config('auth/googleoauth2', $this->name . 'clientid'), 'clientSecret' => get_config('auth/googleoauth2', $this->name . 'clientsecret'), 'redirectUri' => $CFG->wwwroot . '/auth/googleoauth2/' . $this->name . '_redirect.php', 'scopes' => $this->scopes]);
 }