/**
* Attempt to authenticate with the API, or redirect the user where necessary.
* @param Medialab\Config $config
* @param string $redirect_to
* @param boolean $verbose print access_token/expiry time on succesful authentication
* @return \League\OAuth2\Client\Token\AccessToken
* @throws \InvalidArgumentException
*/
function ml_api_authenticate(Medialab\Config $config, $redirect_to = null, $verbose = true)
{
$client = $config->getClient();
if (isset($_GET['error'])) {
// If, after an authorization attempt, the user comes back with an error he/she probably declined the authorization request.
throw new \InvalidArgumentException("An error has occurred while processing your authorization: {$_GET['error']} ({$_GET['message']})");
}
if (isset($_GET['code'])) {
// If we have a user coming back with an authorization code,
// we need to complete the OAuth 2 process by exchanging it for an access token.
// First, we need to validate the state parameter against CSRF.
if (isset($_SESSION['medialab_state']) && (empty($_GET['state']) || $_GET['state'] !== $_SESSION['medialab_state'])) {
unset($_SESSION['medialab_state']);
throw new \InvalidArgumentException('Invalid state found with authorization code.');
}
$token = $client->loadAccessTokenFromAuthCode($_GET['code']);
$_SESSION['medialab_token'] = json_encode($token);
// Refresh page to remove the code getvar
$redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
die;
}
if (isset($_SESSION['medialab_token'])) {
$token = $client->loadAccessTokenFromJSON($_SESSION['medialab_token']);
if ($token->hasExpired()) {
// Access token has expired. If we have a valid refresh_token, we can use that to request a new access_token.
// If we don't, we will need to start with the authorize again.
// If you're a real app, you need to store the refresh_token in a persistent db.
unset($_SESSION['medialab_token']);
$token = $client->loadAccessTokenFromRefreshToken($token->getRefreshToken());
$_SESSION['medialab_token'] = json_encode($token);
}
}
if (!isset($token) || !$token) {
// No valid token, start authorization process from scratch.
if ($redirect_to != null) {
$_SESSION['medialab_api_redirect'] = $redirect_to;
}
// We include a "state" to prevent CSRF attacks.
$_SESSION['medialab_state'] = $client->getState();
printf('<a href="%s">Please follow this link to authenticate your app</a>', $client->getAuthorizationUrl([]));
die;
}
if ($verbose) {
echo 'Access token: ' . $token->getToken() . '<br/>';
echo 'Refresh token: ' . $token->getRefreshToken() . '<br/>';
echo 'Expires: ' . $token->getExpires() . '<br/><br/>';
}
return $token;
}
<?php
require_once __DIR__ . '/authorize.php';
$config = new Medialab\Config();
$config->setMedialab(ML_MEDIALAB_URI)->setClient(ML_API_CLIENT, ML_API_SECRET)->setRedirectUri(ML_REDIRECT_URI)->addScope(Medialab\Scopes::SCOPE_USER_INFO);
try {
ml_api_authenticate($config, 'user.php');
} catch (\Exception $ex) {
print_r($ex->getMessage());
die;
}
$user = new Medialab\Service\User($config);
try {
$info = $user->getUserInfo();
echo '<pre>';
print_r($info);
echo '</pre>';
} catch (Exception $ex) {
print_r('An error has occured while executing the API command: ' . $ex->getMessage());
}
<?php
require_once __DIR__ . '/authorize.php';
$config = new Medialab\Config();
$config->setMedialab(ML_MEDIALAB_URI)->setClient(ML_API_CLIENT, ML_API_SECRET)->setRedirectUri(ML_REDIRECT_URI)->addScope(Medialab\Scopes::SCOPE_BASIC)->addScope(Medialab\Scopes::SCOPE_UPLOAD);
try {
ml_api_authenticate($config, 'upload.php');
} catch (\Exception $ex) {
print_r($ex->getMessage());
die;
}
$media = new Medialab\Service\Media($config);
try {
$media->startUpload();
$file = $media->uploadFile(1, __DIR__ . '/../README.md');
$media->finishUpload();
echo '<pre>';
print_r($file);
echo '</pre>';
} catch (Exception $ex) {
print_r('An error has occured while executing the API command: ' . $ex->getMessage());
}
