nettsiden/OAuth2Client.php

123 lines
3.5 KiB
PHP
Raw Normal View History

2016-06-30 13:45:29 +02:00
<?php
2016-07-19 15:58:46 +02:00
namespace Kasperrt;
2016-06-30 13:45:29 +02:00
class OAuth2 {
private $client_id;
private $client_secret;
private $redirect_uri;
private $scope;
private $access_token;
private $url;
private $URL_AUTH;
private $URL_TOKEN;
private $auth_type;
private $session;
private $grant_type;
private $response_type;
public function __construct($params){
2016-06-30 13:45:29 +02:00
/* REQUIRED */
$this->client_id = $params["client_id"];
2016-07-01 14:49:57 +02:00
$this->client_secret = $params["client_secret"];
$this->redirect_uri = $params["redirect_uri"];
$this->URL_AUTH = $params["auth"] . "?";
$this->URL_TOKEN = $params["token"] . "?";
/* OPTIONAL */
2016-07-01 14:49:57 +02:00
$this->auth_type = isset($params["authorization_type"]) ? $params["authorization_type"] : "Bearer";
$this->session = isset($params["session"]) ? $params["session"] : false;
$this->verify_ssl_peer = isset($params["verify"]) ? ($params["verify"] ? 1 : 0) : 1;
$this->verify_ssl_host = $this->verify_ssl_peer === 1 ? 2 : 0;
$this->grant_type = isset($params["grant_type"]) ? $params["grant_type"] : "authorization_code";
$this->response_type = isset($params["response_type"]) ? $params["response_type"] : "code";
2016-06-30 13:45:29 +02:00
}
2016-07-19 16:43:26 +02:00
public function get_access_token($state = false, $code = false) {
if(!$state) {
$state = htmlspecialchars($_GET['state']);
}
if(!$code) {
$state = htmlspecialchars($_GET['code']);
}
2016-06-30 13:45:29 +02:00
if($this->session && $state) {
if($_SESSION['state'] != $state) {
die('States does not match');
}
}
$access_token = $this->get_oauth_token($code);
2016-06-30 13:45:29 +02:00
return $access_token;
}
private function get_oauth_token($code) {
2016-06-30 13:45:29 +02:00
$params = array(
2016-07-01 14:49:57 +02:00
'grant_type' => $this->grant_type,
'client_id' => $this->client_id,
2016-06-30 13:45:29 +02:00
'client_secret' => $this->client_secret,
2016-07-01 14:49:57 +02:00
'code' => $code,
2016-06-30 13:45:29 +02:00
'redirect_uri' => $this->redirect_uri,
);
$url_params = http_build_query($params);
2016-07-01 14:49:57 +02:00
$url = $this->URL_TOKEN . $url_params;
2016-06-30 13:45:29 +02:00
2016-07-01 14:49:57 +02:00
$result = curl_exec($this->create_curl($url, false, $params));
2016-06-30 13:45:29 +02:00
$result_obj = json_decode($result, true);
$access_token = $result_obj['access_token'];
2016-07-01 14:49:57 +02:00
2016-06-30 13:45:29 +02:00
return $access_token;
}
public function get_identity($access_token, $identity_url) {
2016-07-19 16:43:26 +02:00
if(!$access_token || !$identity_url) throw new \Exception("Missing either \$access_token or \$identity_url in get_identity function.");
2016-06-30 13:45:29 +02:00
$params = array(
'access_token' => $access_token,
);
$url_params = http_build_query($params);
2016-07-01 14:49:57 +02:00
$url = $identity_url . "?" . $url_params;
$result = curl_exec($this->create_curl($url, array('Authorization: ' . $this->auth_type . ' ' . $access_token), false));
2016-06-30 13:45:29 +02:00
$result_obj = json_decode($result, true);
return $result_obj;
}
public function redirect($state = false) {
if(!$state) $state = uniqid('', true);
$params = array(
2016-07-01 14:49:57 +02:00
'client_id' => $this->client_id,
2016-06-30 13:45:29 +02:00
'response_type' => $this->response_type,
'redirect_uri' => $this->redirect_uri,
2016-07-01 14:49:57 +02:00
'state' => $state,
2016-06-30 13:45:29 +02:00
);
if($this->session) $_SESSION['state'] = $state;
$url = $this->URL_AUTH . http_build_query($params);
2016-07-01 14:49:57 +02:00
2016-06-30 13:45:29 +02:00
header("Location: $url");
exit;
}
private function create_curl($url, $header, $extended) {
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
if ($header){
curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
}
if ($extended) {
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $extended);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $this->verify_ssl_peer);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, $this->verify_ssl_host);
}
return $curl;
}
}
2016-07-01 14:49:57 +02:00
?>