Last active
December 11, 2015 17:58
-
-
Save ffflabs/4637744 to your computer and use it in GitHub Desktop.
Auth tipo para comprobar que alguien pertenece a una organización. Se puede pegar en el config.inc.php de PHPMyadmin
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
$client_id = CLIENT_ID; | |
$redirect_url = REDIRECT_URL; | |
$client_secret=CLIENT_SECRET; | |
$organizacion=ORGANIZATION; | |
if( empty($_COOKIE[$organizacion]) || sha1($_COOKIE[$client_id].$cfg['blowfish_secret'])!=$_COOKIE[$organizacion]) { | |
$code = $_GET['code']; | |
if(empty($code)) { | |
$url = "https://github.com/login/oauth/authorize?client_id=$client_id&redirect_uri=$redirect_url&scope=user"; | |
header("Location: $url"); | |
} else { | |
$post = http_build_query(array( | |
'client_id' => $client_id , | |
'redirect_uri' => $redirect_url , | |
'client_secret' => $client_secret, | |
'code' => $code | |
)); | |
$context = stream_context_create(array("http" => array( | |
"method" => "POST", | |
"header" => "Content-Type: application/x-www-form-urlencoded\r\n" . | |
"Content-Length: ". strlen($post) . "\r\n". | |
"Accept: application/json" , | |
"content" => $post, | |
))); | |
if($json_data = file_get_contents("https://github.com/login/oauth/access_token", false, $context)) { | |
$r = json_decode($json_data , true); | |
$access_token = $r['access_token']; | |
if(isset($access_token)) { | |
$organizations=file_get_contents("https://api.github.com/user/orgs?access_token=$access_token"); | |
$organizations = json_decode($organizations , true); | |
$orglogin=array(); | |
foreach($organizations as $organization) { | |
$orglogin[]=$organization['login']; | |
} | |
if(in_array($organizacion,$orglogin)) { | |
setcookie($client_id, $access_token,time()+3600,"/","",1,1); | |
setcookie($organizacion, sha1($_COOKIE[$client_id].$cfg['blowfish_secret']),time()+3600,"/","",1,1); | |
} else { | |
die ('No autorizado 1'); | |
} | |
} else { | |
$url = "https://github.com/login/oauth/authorize?client_id=$client_id&redirect_uri=$redirect_url&scope=user"; | |
header("Location: $url"); | |
} | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment