Skip to content

Instantly share code, notes, and snippets.

@aaronpk

aaronpk/ticket-endpoint.php Secret

Created Jun 29, 2020
Embed
What would you like to do?
<?php
require('vendor/autoload.php');
# Note: this is a single-user endpoint so will ignore the audience parameter
# Do I care about this resource URL?
# Endpoints may make this decision differently depending on various criteria.
# Is this already someone I follow?
# Am I interested in knowing about anyone who is offering to share with me?
# Redeem the ticket for an access token
$resource_url = $_POST['resource'];
$http = new p3k\HTTP();
$response = $http->get($resource_url);
if(!isset($response['rels']['token_endpoint'][0])) {
# The response here doesn't really matter, but maybe the other user would want to know whether this user has tried to get an access token or completely ignore the request
die('no token endpoint found for '.$resource_url);
}
$token_endpoint = $response['rels']['token_endpoint'][0];
$response = $http->post($token_endpoint, [
'grant_type' => 'ticket',
'ticket' => $_POST['ticket'],
]);
$data = json_decode($response['body'], true);
if(isset($data['access_token'])) {
# Store the access token for later, send it to the microsub server, whatever
$token = [
'resource' => $resource_url,
'access_token' => $data['access_token'],
'token_response' => $response,
];
file_put_contents('tokens/'.date('Ymd-His').'.txt', json_encode($token, JSON_PRETTY_PRINT+JSON_UNESCAPED_SLASHES));
echo 'got it';
} else {
echo 'no access token returned: ';
echo $response['body'];
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment