Пример #1
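 /**
  * GitHub login via the OAuth2 authorization-code grant (league/oauth2-client).
  *
  * Without a `code` query parameter this builds the GitHub authorization URL,
  * stores the library-generated `state` in the session and redirects there.
  * On the callback (`code` present) it first verifies `state` against the
  * stored value -- the CSRF / login-CSRF protection for the callback -- then
  * exchanges the code for an access token, loads the GitHub profile and either
  * refreshes the stored access_token of an already-registered user and logs
  * them in, or registers a new user. A profile without an email is parked in
  * the session under `user_data` and sent to /oauth/edit to finish sign-up.
  *
  * Client credentials are read from GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET and
  * GITHUB_REDIRECT_URI.
  *
  * @return \Cake\Http\Response|null the redirect response for the first step
  *   or the "no email" step; otherwise whatever loginAndRedirect()/
  *   saveUserAndLogin() do is left in place (their return values are not used)
  * @throws \RuntimeException when the callback `state` does not match the one
  *   issued, or when the token exchange / profile fetch with GitHub fails
  */
 public function github()
 {
     $provider = new \League\OAuth2\Client\Provider\Github([
         'clientId' => env('GITHUB_CLIENT_ID'),
         'clientSecret' => env('GITHUB_CLIENT_SECRET'),
         'redirectUri' => env('GITHUB_REDIRECT_URI'),
     ]);
     $session = $this->request->session();

     if (!isset($this->request->query['code'])) {
         // Step 1: no authorization code yet -- send the browser to GitHub.
         // getAuthorizationUrl() generates a fresh random `state`; it has to be
         // stored BEFORE the redirect so the callback can verify it. Extra
         // options (e.g. scopes) would go in the array; none were used before.
         $authUrl = $provider->getAuthorizationUrl([]);
         $session->write('oauth2state', $provider->getState());

         return $this->redirect($authUrl);
     }

     // Step 2: callback. Reject it unless the returned `state` is the one this
     // session issued; otherwise an attacker could complete the flow with a
     // code of their choosing (login CSRF). The state is single-use, so it is
     // dropped from the session whatever the outcome.
     $expectedState = $session->read('oauth2state');
     $session->delete('oauth2state');
     $givenState = isset($this->request->query['state']) ? $this->request->query['state'] : null;
     if (!is_string($expectedState) || !is_string($givenState)
         || !hash_equals($expectedState, $givenState)) {
         throw new \RuntimeException('Invalid OAuth2 state');
     }

     try {
         // Both calls talk to GitHub and can throw, so both live inside the try
         // (the token exchange used to sit outside it and was uncaught).
         $token = $provider->getAccessToken('authorization_code', [
             'code' => $this->request->query['code'],
         ]);
         $user = $provider->getResourceOwner($token);
     } catch (\Exception $e) {
         // Fully qualified on purpose: in a namespaced file without
         // `use Exception;` a bare `Exception` resolves to the current
         // namespace and catches nothing.
         throw new \RuntimeException('GitHub authentication failed', 0, $e);
     }

     $profile = $user->toArray();
     $usersTable = TableRegistry::get('Users');
     $existing = $usersTable->find()->where(['uid' => $user->getId()])->first();

     if ($existing !== null) {
         // Known user: refresh the stored token and log them in.
         // NOTE(review): access_token is persisted in plain text in the users
         // table; encrypt it at rest, or do not store it if nothing calls the
         // GitHub API on the user's behalf.
         $existing->set(['access_token' => $token->getToken()]);
         $usersTable->save($existing);
         $this->loginAndRedirect($existing);

         return;
     }

     // New user: build the registration record from the GitHub profile.
     $data = [
         'name' => empty($user->getName()) ? $user->getNickname() : $user->getName(),
         'uid' => $user->getId(),
         'nickname' => $user->getNickname(),
         'avatar' => $profile['avatar_url'],
         'access_token' => $token->getToken(),
         'email' => $user->getEmail(),
     ];
     if (is_null($user->getEmail())) {
         // No email available from GitHub (presumably a private profile email):
         // park the data in the session and let the user complete it by hand.
         $session->write('user_data', $data);

         return $this->redirect('/oauth/edit');
     }

     $this->saveUserAndLogin($data);
 }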
Пример #2
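    // Step 1: no authorization code yet -- build the GitHub authorization URL.
    // getAuthorizationUrl() generates a fresh random `state`; it is persisted in
    // the session BEFORE the redirect so the callback branch below can verify it.
    $authUrl = $provider->getAuthorizationUrl($options);
    $_SESSION['oauth2state'] = $provider->getState();
    header('Location: ' . $authUrl);
    exit;
// Step 2: callback. The returned `state` must be the one this session issued;
// a mismatch means the callback was not started by this browser (login CSRF).
// Compared with hash_equals() after type checks so a non-string value cannot
// trip the comparison.
} elseif (empty($_GET['state']) || !is_string($_GET['state'])
    || !isset($_SESSION['oauth2state'])
    || !hash_equals((string)$_SESSION['oauth2state'], $_GET['state'])) {
    // Do not echo either value here: reflecting $_GET['state'] unescaped is an
    // XSS sink and the session state is a secret. The state is single-use, so
    // it is discarded on failure as well.
    unset($_SESSION['oauth2state']);
    exit('Invalid state');
} else {
    // State verified and consumed: one callback per issued state.
    unset($_SESSION['oauth2state']);
    try {
        // Both calls contact GitHub and may throw, so both sit inside the try
        // (the token exchange used to be outside it and was uncaught).
        $token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);
        $user = $provider->getResourceOwner($token);
        // Privilege change: issue a new session id so a pre-login session id
        // handed to the victim cannot be reused (session fixation).
        session_regenerate_id(true);
        $_SESSION['loggedin'] = 'true';
        $_SESSION['login'] = $user->getNickname();
        // Post-login URL: <scheme><host><directory of this script>/<nickname>.
        // dirname() returns "/" at the web root but "/app" in a sub-directory,
        // so the separator is normalised rather than relying on dirname()'s
        // trailing slash; the nickname is URL-encoded as a path segment.
        $scheme = 'https://';
        $base = rtrim(dirname($_SERVER['REQUEST_URI']), '/') . '/';
        header('Location: ' . $scheme . $_SERVER['SERVER_NAME'] . $base . rawurlencode($user->getNickname()));
        exit;
    } catch (\Exception $e) {
        // Failed to get the token or the user details; no details are leaked
        // to the browser.
        exit('Oh dear...');
    }
    // $token->getToken() would be used here to call the API on the user's behalf.
}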