public function testEncryptionKeyPath()
{
global $mockFileGetContents;
$path = uniqid();
$key = uniqid();
$mockFileGetContents = $key;
$provider = new \Stevenmaguire\OAuth2\Client\Provider\Keycloak(['encryptionKeyPath' => $path]);
$this->assertEquals($key, $provider->encryptionKey);
$path = uniqid();
$key = uniqid();
$mockFileGetContents = $key;
$provider->setEncryptionKeyPath($path);
$this->assertEquals($key, $provider->encryptionKey);
}
<?php
require 'vendor/autoload.php';
session_start();
$provider = new Stevenmaguire\OAuth2\Client\Provider\Keycloak(['authServerUrl' => '', 'realm' => '', 'clientId' => '', 'clientSecret' => '', 'redirectUri' => '', 'encryptionAlgorithm' => null, 'encryptionKey' => null, 'encryptionKeyPath' => null]);
if (!isset($_GET['code'])) {
// If we don't have an authorization code then get one
$authUrl = $provider->getAuthorizationUrl();
$_SESSION['oauth2state'] = $provider->getState();
header('Location: ' . $authUrl);
exit;
// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || $_GET['state'] !== $_SESSION['oauth2state']) {
unset($_SESSION['oauth2state']);
exit('Invalid state, make sure HTTP sessions are enabled.');
} else {
// Try to get an access token (using the authorization coe grant)
try {
$token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);
} catch (Exception $e) {
exit('Failed to get access token: ' . $e->getMessage());
}
// Optional: Now you have a token you can look up a users profile data
try {
// We got an access token, let's now get the user's details
$user = $provider->getResourceOwner($token);
// Use these details to create a new profile
printf('Hello %s!\\n<br>', $user->getName());
} catch (Exception $e) {
exit('Failed to get resource owner: ' . $e->getMessage());
}
