-
-
Save dardevelin/53f608212ff31584c352 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/* start editable */ | |
// Register your client at https://orcid.org/developer-tools and replace the details below | |
define('OAUTH_CLIENT_ID', 'YOUR-CLIENT-ID'); | |
define('OAUTH_CLIENT_SECRET', 'YOUR-CLIENT-SECRET'); | |
define('OAUTH_REDIRECT_URI', 'https://developers.google.com/oauthplayground'); // URL of this script | |
define('ORCID_PRODUCTION', false); // sandbox; change to true when ready to leave the sandbox | |
/* end editable */ | |
if (ORCID_PRODUCTION) { | |
// production endpoints | |
define('OAUTH_AUTHORIZATION_URL', 'https://orcid.org/oauth/authorize'); | |
define('OAUTH_TOKEN_URL', 'https://pub.orcid.org/oauth/token'); // public | |
//define('OAUTH_TOKEN_URL', 'https://api.orcid.org/oauth/token'); // members | |
} else { | |
// sandbox endpoints | |
define('OAUTH_AUTHORIZATION_URL', 'https://sandbox.orcid.org/oauth/authorize'); | |
define('OAUTH_TOKEN_URL', 'https://pub.sandbox.orcid.org/oauth/token'); // public | |
//define('OAUTH_TOKEN_URL', 'https://api.sandbox.orcid.org/oauth/token'); // members | |
} | |
// redirect the user to approve the application | |
if (!$_GET['code']) { | |
$state = bin2hex(openssl_random_pseudo_bytes(16)); | |
setcookie('oauth_state', $state, time() + 3600, null, null, false, true); | |
$url = OAUTH_AUTHORIZATION_URL . '?' . http_build_query(array( | |
'response_type' => 'code', | |
'client_id' => OAUTH_CLIENT_ID, | |
'redirect_uri' => OAUTH_REDIRECT_URI, | |
'scope' => '/authenticate', | |
'state' => $state, | |
)); | |
header('Location: ' . $url); | |
exit(); | |
} | |
// code is returned, check the state | |
if (!$_GET['state'] || $_GET['state'] !== $_COOKIE['oauth_state']) { | |
exit('Invalid state'); | |
} | |
// fetch the access token | |
$curl = curl_init(); | |
curl_setopt_array($curl, array( | |
CURLOPT_URL => OAUTH_TOKEN_URL, | |
CURLOPT_RETURNTRANSFER => true, | |
CURLOPT_HTTPHEADER => array('Accept: application/json'), | |
CURLOPT_POST => true, | |
CURLOPT_POSTFIELDS => http_build_query(array( | |
'code' => $_GET['code'], | |
'grant_type' => 'authorization_code', | |
'client_id' => OAUTH_CLIENT_ID, | |
'client_secret' => OAUTH_CLIENT_SECRET, | |
'redirect_uri' => OAUTH_REDIRECT_URI, | |
)) | |
)); | |
$result = curl_exec($curl); | |
//$info = curl_getinfo($curl); | |
$response = json_decode($result, true); | |
// ORCID = $response['orcid'] | |
print_r($response); | |
exit(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment