header('HTTP/1.0 403 Forbidden'); echo "The state parameter didn't match what was passed in to the Clef button."; exit; } else { unset($_SESSION['state']); } return $is_valid; } if (!session_id()) { session_start(); } if (isset($_GET["code"]) && $_GET["code"] != "") { validate_state($_GET["state"]); \Clef\Clef::initialize(CLEF_ID, CLEF_SECRET); try { $response = \Clef\Clef::get_login_information($_GET["code"]); $result = $response->info; // reset the user's session if (isset($result->id) && $result->id != '') { //remove all the variables in the session session_unset(); // destroy the session session_destroy(); if (!session_id()) { session_start(); } $clef_id = $result->id; $clef_email = $result->email; require_once 'classes/user.php'; $user = new User($config); if ($clef_users = $user->select_user(array('clef' => $clef_id))) {
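<?php
// Clef logout webhook endpoint.
//
// Expects a POST carrying `logout_token`. The token is handed to
// \Clef\Clef::get_logout_information(), and the id it returns is stamped with
// the current time via update_logged_out_at().
// NOTE(review): this handler performs no authentication of its own; it relies
// entirely on get_logout_information() rejecting forged or replayed tokens —
// confirm that against the Clef library.
require 'config.php';
require_once 'vendor/autoload.php';

if (isset($_POST['logout_token'])) {
    // The body is JSON; say so explicitly so a browser never renders it as
    // HTML (json_encode does not escape < and > by default).
    header('Content-Type: application/json');

    // Request parameters can arrive as arrays (logout_token[]=...). Only a
    // non-empty string is a plausible token.
    $logout_token = $_POST['logout_token'];
    if (!is_string($logout_token) || $logout_token === '') {
        die(json_encode(array('error' => 'Invalid logout token')));
    }

    \Clef\Clef::initialize(APP_ID, APP_SECRET);
    try {
        $clef_id = \Clef\Clef::get_logout_information($logout_token);

        // mysql.php is expected to provide $mysql and update_logged_out_at().
        require 'mysql.php';
        update_logged_out_at($clef_id, time(), $mysql);

        die(json_encode(array('success' => true)));
    } catch (Exception $e) {
        // Keep the detail in the server log. The caller is unauthenticated,
        // so it only gets a generic failure and no exception text.
        error_log('Clef logout webhook failed: ' . $e->getMessage());
        die(json_encode(array('error' => 'Logout failed')));
    }
}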
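/**
 * Log a user out, either through a Clef logout webhook or through the
 * current browser session.
 *
 * Webhook path: when the request carries `logout_token`, the token is resolved
 * to a user id through \Clef\Clef::get_logout_information() and that user's
 * `logged_out_at` is set to now.
 * Session path: when no token is present and the session is marked
 * authorized, the current user's `logged_out_at` is set and the session is
 * torn down and replaced.
 *
 * @param object $args Call context; $args->retval is set to true when the
 *                     logout was processed and left false otherwise.
 */
function logout(&$args) {
    $args->retval = false;
    error_log('log out requested');
    \Clef\Clef::initialize(AUTH_APPID, AUTH_SECRET);

    if (isset($_POST['logout_token'])) {
        // Request parameters can arrive as arrays (logout_token[]=...);
        // refuse anything that is not a string before it reaches the library.
        if (!is_string($_POST['logout_token'])) {
            error_log('Clef logout rejected: logout_token is not a string');
            return;
        }

        try {
            $id = \Clef\Clef::get_logout_information($_POST['logout_token']);
            $user =& $this->_find_user($id);
            if ($user !== NULL) {
                $user['logged_out_at'] = time();
                /* updated model so save */
                // XXX: this isn't multi user safe - we write in once hit
                $this->_teapot->put_model('users', $this->_users);
                error_log('logged out via Clef: ' . $user['id'] . ', ' . $user['email']);
            }
            // The token was accepted, so report success even when no local
            // user matches the returned id.
            $args->retval = true;
        } catch (Exception $e) {
            // A rejected or failed logout token is security-relevant: record
            // it instead of discarding it. retval stays false.
            error_log('Clef logout failed: ' . $e->getMessage());
        }
    } else {
        /* not the result of a oauth logout - check session */
        // isset() guard: an anonymous request has no such key, and reading it
        // directly raises an undefined-index notice/warning.
        if (isset($_SESSION[Auth::AUTHORIZED]) && $_SESSION[Auth::AUTHORIZED] === true) {
            $this->_user['logged_out_at'] = time();

            session_destroy(); // this session is done, discard
            session_start();   // new shiny session
            // The browser still presents the old session cookie, so without
            // this the fresh session can keep the pre-logout identifier.
            session_regenerate_id(true);
            $this->_clear_session();

            /* updated model so save */
            // XXX: this isn't multi user safe - we write in once hit
            $this->_teapot->put_model('users', $this->_users);
            $args->retval = true;
            error_log('logged out: ' . $this->_user['id'] . ', ' . $this->_user['email']);
        }
    }
}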
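/**
 * Return the `state` value bound to the current session, creating it on
 * first use.
 *
 * The value is stored in $_SESSION['state'] and reused until that key is
 * removed, so repeated calls within one session return the same string.
 *
 * @return string The session's state parameter.
 * @throws \RuntimeException When no cryptographically strong random bytes
 *                           are available for a new value.
 */
public static function generate_session_state_parameter() {
    if (!session_id()) {
        session_start();
    }

    if (isset($_SESSION['state'])) {
        return $_SESSION['state'];
    }

    // The state value is a secret the requester must echo back, so it has to
    // be unpredictable. openssl_random_pseudo_bytes() can return false (before
    // PHP 8) or flag a weak result through its second argument; using either
    // would produce an empty or guessable state, so fail closed instead.
    $crypto_strong = false;
    $random = openssl_random_pseudo_bytes(32, $crypto_strong);
    if ($random === false || !$crypto_strong) {
        throw new \RuntimeException('Unable to generate a secure state parameter.');
    }

    $state = Clef::base64url_encode($random);
    $_SESSION['state'] = $state;
    return $state;
}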