Last active
June 23, 2016 07:43
Authenticating an ORCID user using the public API
<?php

/* start editable */

// Register your client at https://orcid.org/developer-tools and replace the details below.
// NOTE(review): the values here are placeholders. In a deployed copy, keep the real
// client secret out of the source file (environment or config outside the web root).
define('OAUTH_CLIENT_ID', 'YOUR-CLIENT-ID');
define('OAUTH_CLIENT_SECRET', 'YOUR-CLIENT-SECRET');

// URL of this script. The state check further down compares a cookie set by this
// script with the value returned on the callback, so the callback has to land on
// this script's own origin for the check to work.
define('OAUTH_REDIRECT_URI', 'https://developers.google.com/oauthplayground');

// false = sandbox; change to true when ready to leave the sandbox.
define('ORCID_PRODUCTION', false);

/* end editable */

// Pick the endpoint pair for the selected environment (production vs. sandbox).
define(
    'OAUTH_AUTHORIZATION_URL',
    ORCID_PRODUCTION
        ? 'https://orcid.org/oauth/authorize'
        : 'https://sandbox.orcid.org/oauth/authorize'
);

// Public API token endpoint. Members use the api.* host instead:
//   production: https://api.orcid.org/oauth/token
//   sandbox:    https://api.sandbox.orcid.org/oauth/token
define(
    'OAUTH_TOKEN_URL',
    ORCID_PRODUCTION
        ? 'https://pub.orcid.org/oauth/token'
        : 'https://pub.sandbox.orcid.org/oauth/token'
);
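// No authorization code yet: start the flow by redirecting the user to ORCID so
// they can approve the application. empty() keeps the original truthiness test
// but does not raise an undefined-index notice when the parameter is absent.
if (empty($_GET['code'])) {
    // The state value binds the callback to this browser session (it is what the
    // later check compares), so it must come from a cryptographically strong
    // source. openssl_random_pseudo_bytes() reports that through its second
    // argument; refuse to continue if the bytes are missing or not strong.
    $strong = false;
    $bytes = openssl_random_pseudo_bytes(16, $strong);
    if ($bytes === false || !$strong) {
        http_response_code(500);
        exit('Unable to generate state');
    }
    $state = bin2hex($bytes);

    // HttpOnly keeps the value away from page scripts. Secure is set whenever this
    // request itself arrived over HTTPS, so the cookie is never sent in clear text
    // on a TLS deployment while plain-HTTP local testing still works.
    $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
    setcookie('oauth_state', $state, time() + 3600, '', '', $secure, true);

    $url = OAUTH_AUTHORIZATION_URL . '?' . http_build_query(array(
        'response_type' => 'code',
        'client_id' => OAUTH_CLIENT_ID,
        'redirect_uri' => OAUTH_REDIRECT_URI,
        'scope' => '/authenticate',
        'state' => $state,
    ));

    header('Location: ' . $url);
    exit();
}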
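// A code was returned: verify that the state echoed back by the authorization
// server matches the one stored in this browser's cookie before using the code.
$expectedState = isset($_COOKIE['oauth_state']) ? $_COOKIE['oauth_state'] : '';
$returnedState = isset($_GET['state']) ? $_GET['state'] : '';

// The state is single-use: expire the cookie now (before any output is sent) so
// the same value cannot be accepted on a second callback.
setcookie('oauth_state', '', time() - 3600, '', '', false, true);

// Both values must be non-empty strings (a query such as state[]=x yields an
// array), and the comparison is done in constant time with hash_equals().
if (
    !is_string($expectedState)
    || !is_string($returnedState)
    || empty($expectedState)
    || empty($returnedState)
    || !hash_equals($expectedState, $returnedState)
) {
    http_response_code(400);
    exit('Invalid state');
}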
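// Exchange the authorization code for an access token at the token endpoint.

// The code comes straight from the query string; accept only a plain string
// (code[]=x would otherwise be serialised as an array into the POST body).
$code = isset($_GET['code']) ? $_GET['code'] : null;
if (!is_string($code) || $code === '') {
    http_response_code(400);
    exit('Invalid code');
}

$curl = curl_init();
curl_setopt_array($curl, array(
    CURLOPT_URL => OAUTH_TOKEN_URL,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER => array('Accept: application/json'),
    CURLOPT_POST => true,
    CURLOPT_POSTFIELDS => http_build_query(array(
        'code' => $code,
        'grant_type' => 'authorization_code',
        'client_id' => OAUTH_CLIENT_ID,
        'client_secret' => OAUTH_CLIENT_SECRET,
        // RFC 6749 section 4.1.3: required here because redirect_uri was sent
        // in the authorization request, and it must be the identical value.
        'redirect_uri' => OAUTH_REDIRECT_URI,
    )),
    // Bound the request so a stalled endpoint cannot hang the page.
    CURLOPT_CONNECTTIMEOUT => 10,
    CURLOPT_TIMEOUT => 30,
    // TLS peer/host verification is left at cURL's defaults (enabled); the client
    // secret travels in this request, so those options must not be switched off.
));

$result = curl_exec($curl);
if ($result === false) {
    // Without this check a transport failure shows up only as an empty page.
    // Log the detail server-side and show the user a generic message.
    error_log('ORCID token request failed: ' . curl_error($curl));
    http_response_code(502);
    exit('Token request failed');
}
//$info = curl_getinfo($curl);

$response = json_decode($result, true);
if (!is_array($response)) {
    error_log('ORCID token response was not valid JSON');
    http_response_code(502);
    exit('Invalid token response');
}

// ORCID = $response['orcid']

// Debug output only: the decoded response includes the access token, so a real
// application should store what it needs server-side instead of printing it.
// text/plain stops the browser from interpreting any response field as HTML.
header('Content-Type: text/plain; charset=utf-8');
print_r($response);
exit();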
Hi, I tried this script but get an empty response at the authorization step. Any idea how to solve this? I looked in my error logs but there are no errors.
Thanks for this. I was going in circles trying to build this myself and just because I had scope=AUTHENTICATE rather than scope=/authenticate. However, it's really helpful to have the elegant state checking so thanks for this.