Mastodonでログインするやつ。instancesディレクトリだけ掘っとく。

common.php

<?php
$scope = "read write";
$callback = "http://eject.kokuda.org/joya/don/joya.php";

index.php

<?php
require_once("common.php");
session_start();

if ($_POST['login']) {
  $scheme = $_POST['scheme'];
  $domain = $_POST['domain'];
  $app    = create_app($scheme, $domain);
  get_request_token($scheme, $domain, $app->client_id);
}

function create_app($scheme, $domain) {
  global $scope, $callback;

  # check exists known instance
  if (file_exists("instances/".$domain) === FALSE) {
    # unknown instance, create app
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $scheme."://".$domain."/api/v1/apps");

    $data = array(
      'client_name'   => "除夜のEject for Mastodon",
      'redirect_uris' => $callback,
      'scopes'        => $scope
    );
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));

    $fp = fopen("instances/".$domain, "w");
    curl_setopt($ch, CURLOPT_FILE, $fp);
    curl_exec($ch);
    curl_close($ch);
    fclose($fp);
  }
  return json_decode(file_get_contents("instances/".$domain));
}

function get_request_token($scheme, $domain, $client_id) {
  global $scope, $callback;

  $data = array(
    "response_type"    => "code",
    "redirect_uri"     => $callback,
    "scope"            => $scope,
    "client_id"        => $client_id
  );

  $_SESSION['scheme'] = $scheme;
  $_SESSION['domain'] = $domain;

  header("Location: ".$scheme."://".$domain."/oauth/authorize?".http_build_query($data));
}

?>
<!DOCTYPE html>
<html lang="ja">
  <head>
    <meta charset="utf-8">
    <title>joya for don</title>
  </head>

<body>

  <form action="index.php" method="post">
    <input name="scheme" value="https">://<input name="domain"><br>
    <input name="login" type="submit" value="ログイン">
  </form>
</body>
</html>

joya.php

<?php
require_once("common.php");
session_start();

$scheme = (isset($_SESSION['scheme'])) ? $_SESSION['scheme'] : "";
$domain = (isset($_SESSION['domain'])) ? $_SESSION['domain'] : "";

if ($domain == "") { print "もうおわかりだろう！ドメンメがないのである！！！";exit(); }
$app = json_decode(file_get_contents("instances/".$domain));

if (isset($_GET['code'])) {
  $data = array(
    "grant_type"    => "authorization_code",
    "redirect_uri"  => $callback,
    "client_id"     => $app->client_id,
    "client_secret" => $app->client_secret,
    "code"          => $_GET['code']
  );
  $ch = curl_init();
  curl_setopt($ch, CURLOPT_POST, true);
  curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));
  curl_setopt($ch, CURLOPT_URL, $scheme."://".$domain."/oauth/token");
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
  $result = json_decode(curl_exec($ch));
  curl_close($ch);
  $token = $result->access_token;
}
print $token;

$header = [
  'Authorization: Bearer '.$token,
  'Content-Type: application/json',
];
$data = array(
  'status' => "NYAAAAAAN"
);
$ch = curl_init();
#curl_setopt($ch, CURLOPT_URL, $scheme."://".$domain."/api/v1/accounts/verify_credentials");
curl_setopt($ch, CURLOPT_URL, $scheme."://".$domain."/api/v1/statuses");
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
print curl_exec($ch);
curl_close($ch);

?>
(☝ ՞ਊ ՞)☝