require_once 'common.inc.php';
/* this file handles the entire OAuth API token negotiation for a user token --
   update it to include a better explanation, pertinent to your app, for why the
   user is about to be asked to log into Canvas in the middle of Canvas */
try {
    $oauth = new OAuthNegotiator();
} catch (OAuthNegotiator_Exception $e) {
}
if (isset($_REQUEST['oauth'])) {
    switch ($_REQUEST['oauth']) {
        case 'request':
            $smarty->assign('content', '<h1>Token Request</h1>
		<p>This application requires access to the Canvas APIs. Canvas is about to ask you to give permission for this.</p>
		<p><a href="' . $_SERVER['PHP_SELF'] . '?oauth=process">Click to continue</a></p>');
            $smarty->display();
            exit;
        case 'process':
            $oauth = new OAuthNegotiator('https://' . $toolProvider->user->getResourceLink()->settings['custom_canvas_api_domain'] . '/login/oauth2', (string) $secrets->oauth->id, (string) $secrets->oauth->key, "{$_SERVER['PHP_SELF']}?oauth=complete", (string) $secrets->app->name);
            break;
        case 'complete':
            $user = new UserAPIToken($_SESSION['user_consumer_key'], $_SESSION['user_id'], $sql);
            $user->setToken($oauth->getToken());
            $user->setAPIUrl("{$metadata['CANVAS_INSTANCE_URL']}/api/v1");
            $_SESSION['apiToken'] = $user->getToken();
            $_SESSION['apiUrl'] = $user->getAPIUrl();
            $_SESSION['isUserToken'] = true;
            header("Location: {$metadata['APP_URL']}/app.php");
            exit;
    }
}