Skip to content

Instantly share code, notes, and snippets.

@rabin-io
Created June 3, 2018 15:50
Show Gist options
  • Save rabin-io/0849d698f879fa7f0f70f8038f527348 to your computer and use it in GitHub Desktop.
Save rabin-io/0849d698f879fa7f0f70f8038f527348 to your computer and use it in GitHub Desktop.
<?php
/***********************************************************************************
*
* A minimal example showing how to handle the OAuth login process and make API calls
* using the Salesforce REST interface in PHP
*
* By Pete Warden, October 28th 2010
*
* Freely reusable with no restrictions
************************************************************************************/
// You need to set these three to the values for your own application
define('CONSUMER_KEY' , 'xxx');
define('CONSUMER_SECRET', 'xxx');
define('REDIRECT_URI' , 'https://xxx');
define('LOGIN_BASE_URL' , 'https://login.salesforce.com');
//define('CONSUMER_KEY', $_ENV('CONSUMER_KEY'));
//define('CONSUMER_SECRET', $_ENV('CONSUMER_SECRET'));
//define('REDIRECT_URI', $_ENV('REDIRECT_URI'));
//define('LOGIN_BASE_URL', $_ENV('LOGIN_BASE_URL'));
//
// This example uses PHP sessions to save the authorization tokens. If you plan on
// deploying across multiple machines behind a load-balancer, be aware you'll need
// to use something more sophisticated
session_start();
$is_authorized = isset($_SESSION['access_token']);
// If we aren't yet authorized, so either we need to send the user to the login page
// or they've just logged in and Salesforce is giving us the tokens we need
if (!$is_authorized) {
$has_code = isset($_REQUEST['code']);
// We haven't been given a code, so this must be the user's first visit to the
// page, so we'll send them to the Salesforce login screen for our app
if (!$has_code) {
$auth_url = LOGIN_BASE_URL
. '/services/oauth2/authorize?response_type=code'
. '&client_id=' . CONSUMER_KEY
. '&redirect_uri=' . urlencode(REDIRECT_URI);
// Redirect to the authorization page
header('Location: ' . $auth_url);
// DEBUG STUFF
// $ch = curl_init();
// curl_setopt($ch, CURLOPT_URL, $auth_url);
// curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
// curl_setopt($ch, CURLOPT_POST, true);
//// curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
// $token_request_body = curl_exec($ch);
// $next_url = preg_match("@window.location.href ='([^']+)';@m", $token_request_body, $matches);
// $auth_url = $matches[1];
// curl_setopt($ch, CURLOPT_URL, $auth_url);
// $token_request_body = curl_exec($ch);
// Exit early, since we don't want to do any more until the user's logged in
exit();
}
// If we're here, Salesforce must be returning us a code that we can exchange for
// a proper access token
$code = $_REQUEST['code'];
// Make our first call to the API to convert that code into an access token that
// we can use on subsequent API calls
$token_url = LOGIN_BASE_URL . '/services/oauth2/token';
$post_fields = array(
'code' => $code,
'grant_type' => 'authorization_code',
'client_id' => CONSUMER_KEY,
'client_secret' => CONSUMER_SECRET,
'redirect_uri' => REDIRECT_URI,
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $token_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
// Make the API call, and then extract the information from the response
$token_request_body = curl_exec($ch)
or die("Call to get token from code failed: '$token_url' - " . print_r($post_fields, true));
$token_response_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
if (($token_response_code < 200) || ($token_response_code >= 300) || empty($token_request_body)) {
die("Call to get token from code failed with $token_response_code: '$token_url' - " . print_r(
$post_fields,
true
) . " - '$token_request_body'");
}
$token_request_data = json_decode($token_request_body, true);
if (empty($token_request_data)) {
die("Couldn't decode '$token_request_data' as a JSON object");
}
if (!isset($token_request_data['access_token'], $token_request_data['instance_url'])) {
die('Missing expected data from ' . print_r($token_request_data, true));
}
// Save off the values we need for future use
$_SESSION['access_token'] = $token_request_data['access_token'];
$_SESSION['instance_url'] = $token_request_data['instance_url'];
// Redirect to the main page without the code in the URL
header('Location: ' . REDIRECT_URI);
exit();
}
// If we're here, we must have a valid session containing the access token for the
// API, so grab it ready for subsequent use
$access_token = $_SESSION['access_token'];
$instance_url = $_SESSION['instance_url'];
error_log("access_token: '$access_token'");
// Now we're going to test the API by querying some data from our accounts table
// Start by specifying the URL of the call
$query_url = $instance_url . '/services/data/v35.0/analytics/reports/00O580000045N4NEAU';
// Now append the actual query we want to run
//$query_url .= '?q='.urlencode('SELECT Name, Id from Account LIMIT 100');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $query_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// We need to pass the access token in the header, *not* as a URL parameter
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Authorization: OAuth ' . $access_token));
// Make the API call, and then extract the information from the response
$query_request_body = curl_exec($ch)
or die("Query API call failed: '$query_url'");
$query_response_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
if (($query_response_code < 200) || ($query_response_code >= 300) || empty($query_request_body)) {
unset($_SESSION['access_token'], $_SESSION['instance_url']);
die("Query API call failed with $query_response_code: '$query_url' - '$query_request_body'");
}
$query_request_data = json_decode($query_request_body, true);
if (empty($query_request_data)) {
die("Couldn't decode '$query_request_data' as a JSON object");
}
echo implode(PHP_EOL,
array_map(function ($array) {
return $array['dataCells'][0]['label'];
}, $query_request_data['factMap']['T!T']['rows'])
);
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment