public function login() { $provider = new \League\OAuth2\Client\Provider\GenericProvider(['clientId' => env('OATH2_CLIENT_ID', ''), 'clientSecret' => env('OATH2_SECRET', ''), 'redirectUri' => env('OATH2_REDIRECT_URI', ''), 'urlAuthorize' => 'http://korriban.chalmers.it/oauth/authorize', 'urlAccessToken' => 'http://korriban.chalmers.it/oauth/token', 'urlResourceOwnerDetails' => 'http://brentertainment.com/oauth2/lockdin/resource']); // If we don't have an authorization code then get one if (!isset($_GET['code'])) { $authorizationUrl = $provider->getAuthorizationUrl(); header('Location: ' . $authorizationUrl); exit; } elseif (empty($_GET['state'])) { //|| ($_GET['state'] !== $_SESSION['oauth2state'])) { exit('Invalid state'); } else { try { // Try to get an access token using the authorization code grant. $accessToken = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]); //use gruzzle $client = new GuzzleHttp\Client(); $res = $client->request('GET', 'http://korriban.chalmers.it/me.json?access_token=' . $accessToken->getToken()); $user = json_decode($res->getBody()); Session::put('groups', json_encode($user->groups)); echo Session::get('groups'); } catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) { // Failed to get the access token or user details. exit($e->getMessage()); } } }
require_once __DIR__ . '/vendor/autoload.php'; $dotenv = new Dotenv\Dotenv(__DIR__); $dotenv->load(); $provider = new \League\OAuth2\Client\Provider\GenericProvider(['clientId' => getenv('CLIENT_ID'), 'clientSecret' => getenv('CLIENT_SECRET'), 'redirectUri' => getenv('REDIRECT_URI'), 'urlAuthorize' => getenv('AUTH_URL'), 'urlAccessToken' => getenv('TOKEN_URL'), 'urlResourceOwnerDetails' => getenv('ATTRIBUTES_URL')]); session_start(); if (!isset($_GET['code'])) { // Fetch the authorization URL from the provider; this returns the // urlAuthorize option and generates and applies any necessary parameters // (e.g. state). $authorizationUrl = $provider->getAuthorizationUrl(); // Get the state generated for you and store it to the session. $_SESSION['oauth2state'] = $provider->getState(); // Redirect the user to the authorization URL. header('Location: ' . filter_var($authorizationUrl, FILTER_SANITIZE_URL)); exit; } else { try { // Try to get an access token using the authorization code grant. // Pass in the affiliation in the scope $accessToken = $provider->getAccessToken('authorization_code', ['code' => $_GET['code'], 'scope' => 'military']); // // Using the access token, we may look up details about the user $resourceOwner = $provider->getResourceOwner($accessToken); // // The JSON payload of the response $_SESSION['payload'] = json_encode($resourceOwner->toArray()); header('Location: ' . '/'); exit; } catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) { // Failed to get the access token or user details. exit($e->getMessage()); } }
$authorizationUrl = $provider->getAuthorizationUrl(); // Get the state generated for you and store it to the session. $_SESSION['oauth2state'] = $provider->getState(); // Redirect the user to the authorization URL. header('Location: ' . $authorizationUrl); exit; // Check given state against previously stored one to mitigate CSRF attack } elseif (empty($_GET['state']) || $_GET['state'] !== $_SESSION['oauth2state']) { var_dump($_GET['state']); var_dump($_SESSION['oauth2state']); unset($_SESSION['oauth2state']); exit('Invalid state'); } else { try { // Try to get an access token using the authorization code grant. $accessToken = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]); // We have an access token, which we may use in authenticated // requests against the service provider's API. echo "Access Token: " . $accessToken->getToken() . "<br />"; echo "Refresh Token: " . $accessToken->getRefreshToken() . "<br />"; echo "Expires: " . $accessToken->getExpires() . "<br />"; echo "Has expired: " . ($accessToken->hasExpired() ? 'expired' : 'not expired') . "<br />"; // The provider provides a way to get an authenticated API request for // the service, using the access token; it returns an object conforming // to Psr\Http\Message\RequestInterface. $request = $provider->getAuthenticatedRequest('GET', 'https://api-stage.cisco.com/security/advisories/cvrf/cve/CVE-2012-2486', $accessToken); //print var_export($request,true); $client = new Client(['base_uri' => 'https://api-stage.cisco.com', 'timeout' => 2.0]); $response = $client->send($request, ['timeout' => 2]); print "<br/><br/>"; //var_dump($response);
/** * This function initializes the athentication and acquires an access token. Once access token is acquired, * it is put inside the session. And also kept in the class to be used in the future. */ public function initialAuthentication() { $provider = new \League\OAuth2\Client\Provider\GenericProvider(['clientId' => $this->_clientID, 'apiKey' => $this->_apiKey, 'clientSecret' => $this->_apiSecret, 'redirectUri' => $this->_redirectUri, 'urlAuthorize' => $this->builtUriWithoutAPIKey('oauth/authorize'), 'urlAccessToken' => $this->builtUriWithoutAPIKey('oauth/token'), 'urlResourceOwnerDetails' => $this->builtUriWithoutAPIKey('oauth/resource')]); // If we don't have an authorization code then get one if (!isset($_GET['code'])) { // Fetch the authorization URL from the provider; this returns the // urlAuthorize option and generates and applies any necessary parameters // (e.g. state). $authorizationUrl = $provider->getAuthorizationUrl(); // Get the state generated for you and store it to the session. $_SESSION['oauth2state'] = $provider->getState(); // Redirect the user to the authorization URL. header('Location: ' . $authorizationUrl); exit; // Check given state against previously stored one to mitigate CSRF attack } elseif (empty($_GET['state']) || $_GET['state'] !== $_SESSION['oauth2state']) { unset($_SESSION['oauth2state']); exit('Invalid state'); } else { try { $accessToken = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]); $_SESSION['access_token'] = $accessToken; $this->_accessToken = $accessToken; } catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) { // Failed to get the access token or user details. exit($e->getMessage()); } } }