Skip to content

Instantly share code, notes, and snippets.

@bagofarms

bagofarms/oauth2response.php Secret

Last active April 25, 2016 13:20
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save bagofarms/13736c790f9856458ae67abdbea96388 to your computer and use it in GitHub Desktop.
Save bagofarms/13736c790f9856458ae67abdbea96388 to your computer and use it in GitHub Desktop.
Download ZIP
Replace your oauth2response.php file with this one to display exactly what Canvas is sending back.
Raw
oauth2response.php
<?php
/**
* Copyright (C) 2014 University of Central Florida, created by Jacob Bates, Eric Colon, Fenel Joseph, and Emily Sachs.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Primary Author Contact: Jacob Bates <jacob.bates@ucf.edu>
*/
require_once('../config/settings.php');
session_start();
function printError($msg){
echo '
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>UDOIT Accessibility Checker</title>
<link rel="stylesheet" href="//netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css" />
<link rel="stylesheet" href="//netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap-theme.min.css" />
</head>
<body>
<div style="padding: 12px;">
<div class="alert alert-danger">
<span class="glyphicon glyphicon-exclamation-sign"></span> '.$msg.'
</div>
</div>
</body>
</html>
';
die();
}
$base_url = $_SESSION['base_url'];
if (isset($_GET['code'])) {
//Exchange code for API key
$url = $base_url . '/login/oauth2/token';
$postdata = array(
'grant_type' => 'authorization_code',
'client_id' => $oauth2_id,
'redirect_uri' => $oauth2_uri,
'client_secret' => $oauth2_key,
'code' => $_GET['code']
);
$post = http_build_query($postdata);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$raw_resp = curl_exec($ch);
echo $raw_resp;
die();
$response = json_decode($raw_resp);
curl_close($ch);
// It should have access_token and refresh_token
if( !isset($response->access_token) || !isset($response->refresh_token) ){
printError('Authentication problem: Please contact support.');
}
// Save the API key to the session variable
$_SESSION['api_key'] = $response->access_token;
// Save Refresh Key to DB
$dbh = include('../lib/db.php');
$sth = $dbh->prepare("SELECT * FROM $db_user_table WHERE id=:userid LIMIT 1");
$sth->bindParam(':userid', $_SESSION['launch_params']['custom_canvas_user_id'], PDO::PARAM_INT);
$sth->execute();
$result = $sth->fetchAll();
if(isset($result[0])) {
$sth = $dbh->prepare("UPDATE $db_user_table SET api_key=:key WHERE id=:userid LIMIT 1");
} else {
$sth = $dbh->prepare("INSERT INTO $db_user_table (id, api_key, date_created) VALUES (:userid, :key, CURRENT_TIMESTAMP)");
}
$sth->bindParam(':key', $response->refresh_token, PDO::PARAM_STR);
$sth->bindParam(':userid', $_SESSION['launch_params']['custom_canvas_user_id'], PDO::PARAM_INT);
$sth->execute();
session_write_close();
header('Location:index.php');
} elseif (isset($_GET['error'])) {
printError('Authentication problem: Access Denied.');
} else {
printError('Authentication problem, please ensure that your instance of UDOIT is configured correctly.');
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment