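/**
 * OAuth 2.0 redirect handler: exchanges the authorization code in $_GET['code'] for an
 * access token and stores it in the CredentialStore (no content is being requested).
 *
 * Returns without doing anything when the request carries no usable `code` parameter.
 * On success the upstream status code and Content-Type are copied to the response and
 * the browser is redirected to the endpoint's OAuth origin. When the token response has
 * no `access_token` the script terminates with an error message. A BadResponseException
 * from the token request is handled by printing the (HTML-escaped) upstream body; any
 * other exception propagates to the caller.
 *
 * NOTE(review): no `state` value is checked here, so this handler cannot tell a response
 * to its own authorization request from a forged callback (RFC 6749 section 10.12).
 * Adding the check requires the authorization redirect to issue and remember a state
 * value first, which is outside this method.
 */
public function authenticationCallback()
{
    // Only a plain string is a usable authorization code; an array-valued parameter is ignored.
    if (!isset($_GET['code']) || !is_string($_GET['code'])) {
        return;
    }

    $store = SBTCredentialStore::getInstance();
    $settings = new SBTSettings();

    // The endpoint name is request-controlled and selects which client id, client secret
    // and token URL are used below.
    // NOTE(review): consider checking it against the configured endpoint names before use;
    // how SBTSettings treats an unknown name is not visible from here.
    $endpointName = "connections";
    if (isset($_GET['endpointName']) && is_string($_GET['endpointName'])) {
        $endpointName = $_GET['endpointName'];
    }

    $parameters = array(
        'callback_uri' => $settings->getOAuth2CallbackURL($endpointName),
        'code' => $_GET['code'],
        'grant_type' => 'authorization_code',
        'client_id' => $settings->getClientId($endpointName),
        'client_secret' => $settings->getClientSecret($endpointName),
    );

    // NOTE(review): the client secret and the authorization code travel in the query string
    // of a GET request, where proxies and access logs commonly record them. RFC 6749
    // section 3.2 specifies POST with the parameters in the request body. Left as GET
    // because the token endpoint's behaviour cannot be confirmed from this file.
    // '' rather than null as numeric prefix: same output, no deprecation notice on PHP 8.1+.
    $tokenURL = $settings->getAccessTokenURL($endpointName) . '?' . http_build_query($parameters, '', '&');

    // TLS verification stays at the client's default. It used to be switched off for every
    // request via the 'verify' default option, which made the forceSSLTrust setting below
    // meaningless and left the secret-bearing token exchange unauthenticated.
    $client = new Client($tokenURL);

    $headers = null;
    $body = null;
    $options = array();
    $response = null;

    try {
        $request = $client->createRequest('GET', $tokenURL, $headers, $body, $options);

        // Certificate and host-name checks are dropped only when the endpoint's
        // forceSSLTrust setting asks for it. With the checks off, the connection to the
        // token endpoint is not authenticated; keep the setting disabled outside test setups.
        if ($settings->forceSSLTrust($endpointName)) {
            $request->getCurlOptions()->set(CURLOPT_SSL_VERIFYHOST, false);
            $request->getCurlOptions()->set(CURLOPT_SSL_VERIFYPEER, false);
        }

        $response = $request->send();

        // Forward only the upstream Content-Type header.
        foreach ($response->getHeaderLines() as $h) {
            if (strpos($h, "Content-Type") === 0) {
                header($h, TRUE);
            }
        }

        // Mirror the upstream status code on our own response.
        header(':', true, $response->getStatusCode());
        header('X-PHP-Response-Code: ' . $response->getStatusCode(), true, $response->getStatusCode());

        // The token response is read as a URL-encoded string; parse_str() with a target
        // array does not create variables in the local scope.
        parse_str($response->getBody(TRUE), $info);
        if (!isset($info['access_token'])) {
            die('Missing access token. Something went wrong - make sure that your client ID and client secret are correct and try again.');
        }

        // The new token is stored only when none is stored yet for this endpoint.
        // NOTE(review): a freshly issued token is dropped when an older one exists; confirm
        // that this is intended.
        $accessToken = $store->getOAuthAccessToken($endpointName);
        if ($accessToken == null || $accessToken == "") {
            $store->storeOAuthAccessToken($info['access_token'], $endpointName);
        }

        header("Location: " . $settings->getOAuthOrigin($endpointName));
    } catch (Guzzle\Http\Exception\BadResponseException $e) {
        $response = $e->getResponse();
        // The upstream error body can repeat request parameters and is sent with the default
        // content type here, so it is escaped before being written to the page.
        echo htmlspecialchars((string) $response->getBody(TRUE), ENT_QUOTES, 'UTF-8');
    }
}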
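/**
 * Constructor.
 *
 * Records the endpoint name, sets the 'ibm-sbt-uid' cookie when a global $USER with an id
 * exists, and starts the authentication flow configured for the endpoint when the
 * credential store holds no token for it:
 *  - 'oauth1': calls SBTOAuth1Endpoint::request() with the current URL and the
 *    authenticationCallback URL, then dumps the result;
 *  - 'oauth2': redirects the browser to the endpoint's authorization URL.
 * Any other authentication method is left alone.
 *
 * @param string $endpointName Name of the configured endpoint (defaults to "connections").
 */
function __construct($endpointName = "connections")
{
    $this->endpointName = $endpointName;
    $this->loadModel('SBTSettings');
    $settings = new SBTSettings();
    $authMethod = $settings->getAuthenticationMethod($endpointName);

    global $USER;
    if (isset($USER->id)) {
        // 604800 seconds = 7 days.
        // NOTE(review): the cookie is set without the Secure or HttpOnly flags. Whether
        // client-side script needs to read it is not visible here; confirm before tightening.
        setcookie('ibm-sbt-uid', $USER->id, time() + 604800);
    }

    if ($authMethod == 'oauth1') {
        // Check if we have a request token. If not, start the OAuth 1 flow.
        $this->loadModel('SBTCredentialStore');
        $store = SBTCredentialStore::getInstance();
        $token = $store->getRequestToken($endpointName);

        if ($token == null) {
            // Autoloader. The first path is relative to the current working directory.
            if (file_exists('../../../autoload.php')) {
                include_once '../../../autoload.php';
            } else {
                if (function_exists('plugin_dir_path')) {
                    $dir = plugin_dir_path(__FILE__);
                    include_once $dir . '../../autoload.php';
                }
            }

            if (file_exists(BASE_PATH . '/core/controllers/endpoint/SBTOAuth1Endpoint.php')) {
                include BASE_PATH . '/core/controllers/endpoint/SBTOAuth1Endpoint.php';
            }

            // Create endpoint
            $oauth = new SBTOAuth1Endpoint();

            // Rebuild the URL of the current request. The token is stored automatically
            // when the callback method is authenticationCallback.
            // NOTE(review): HTTP_HOST is taken from the request's Host header. If
            // SBTOAuth1Endpoint::request() uses $url as a return address, checking the host
            // against the expected site name first would be safer. TODO confirm.
            $domain = $_SERVER['HTTP_HOST'];
            $path = $_SERVER['SCRIPT_NAME'];
            $queryString = $_SERVER['QUERY_STRING'];
            $isHttps = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443;
            $protocol = $isHttps ? "https://" : "http://";
            $url = $protocol . $domain . $path . "?" . $queryString;

            // The callback lives under /core unless BASE_LOCATION already contains 'core'.
            $callbackBase = (strpos(BASE_LOCATION, 'core') !== FALSE) ? BASE_LOCATION : BASE_LOCATION . '/core';
            $body = $oauth->request(
                $url,
                $callbackBase . '/index.php?plugin=guzzle&class=SBTOAuth1Endpoint&method=authenticationCallback',
                'POST',
                $endpointName
            );

            // NOTE(review): this writes the raw result of the OAuth 1 request into the page.
            // It looks like leftover debugging output; confirm that nothing relies on it and
            // that the result cannot contain token material.
            var_dump($body);
        }
    } elseif ($authMethod == 'oauth2') {
        // Check if we have an access token. If not, redirect the user to the authorization page.
        $this->loadModel('SBTCredentialStore');
        $store = SBTCredentialStore::getInstance();
        $token = $store->getOAuthAccessToken($endpointName);

        if ($token == null) {
            // Autoloader. The first path is relative to the current working directory.
            if (file_exists('../../../autoload.php')) {
                include_once '../../../autoload.php';
            } else {
                if (function_exists('plugin_dir_path')) {
                    $dir = plugin_dir_path(__FILE__);
                    include_once $dir . '../../autoload.php';
                }
            }

            // NOTE(review): no `state` parameter is sent with the authorization request, so the
            // callback has nothing to match the response against (RFC 6749 section 10.12).
            $parameters = array(
                'response_type' => 'code',
                'client_id' => $settings->getClientId($endpointName),
                'callback_uri' => $settings->getOAuth2CallbackURL($endpointName),
            );
            // '' rather than null as numeric prefix: same output, no deprecation notice on PHP 8.1+.
            $authURL = $settings->getAuthorizationURL($endpointName) . '?' . http_build_query($parameters, '', '&');

            if (!headers_sent()) {
                header("Location: " . $authURL);
            } else {
                // Output has already started, so fall back to a script redirect. The URL is
                // emitted as a JSON string literal with <, >, &, ' and " hex-escaped, so a
                // quote or a closing script tag in the configured URL cannot end the string
                // or the script element.
                $jsURL = json_encode($authURL, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
                echo '<script type="text/javascript" language="javascript">window.location = ' . $jsURL . ';</script>';
            }
        }
    }
}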