Skip to content

Instantly share code, notes, and snippets.

@kangaroodev
Last active October 15, 2016 21:38
Embed
What would you like to do?
Callback sample code
<?php
require_once 'vendor/autoload.php';
session_start();
date_default_timezone_set('UTC');
const CLIENT_ID = {Client ID};
const CLIENT_SECRET = {Client Secret};
const REDIRECT_URI_MAIN = 'http://example.com/index.php';
const REDIRECT_URI_OAUTH = 'http://example.comp/callback.php';
use KangarooRewards\OAuth2\Client\Provider\Kangaroo as KangarooProvider;
$kangaroo = new KangarooProvider([
'clientId' => CLIENT_ID,
'clientSecret' => CLIENT_SECRET,
'redirectUri' => REDIRECT_URI_OAUTH,
]);
//store the state statically only if you want to request authorization from resource owner by email
$mySecretState = 'N6OC7oKtVxBGpkzhyCIxJEuOSIQRYCiA';//any random string
if (isset($_GET['error'])) {
echo $_GET['error'];
$message = (isset($_GET['message'])) ? $_GET['message'] : '' ;
if ($message) {
echo ': ' . $message;
}
exit;
} elseif (!isset($_GET['code'])) {
// If we don't have an authorization code then get one
$authUrl = $kangaroo->getAuthorizationUrl();
//store state parameter in session if you don't plan to request authorization from resource owner by email
//$_SESSION['oauth2state'] = $kangaroo->getState();
header('Location: ' . $authUrl); die('Redirect');
// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $mySecretState) ) {
//$_GET['state'] !== $_SESSION['oauth2state']
echo 'Invalid state.';
exit;
}
try {
// Try to get an access token (using the authorization code grant)
$token = $kangaroo->getAccessToken('authorization_code', [
'code' => $_GET['code'],
]);
$accessToken = $token->getToken();
//you may want to store it in a database
$_SESSION['kangaroo_access_token'] = $token;
} catch (\Exception $e) {
echo $e->getMessage(); die;
}
header('Location: ' . REDIRECT_URI_MAIN);
die('Redirect');
?>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment