@standa
Created March 9, 2015 09:45
PHP League oauth2-client implementation
<?php
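// Session bootstrap, navigation links and logout handling.

// Keep the session and its cookie alive for 24 hours.
ini_set('session.cookie_lifetime', 86400);
ini_set('session.gc_maxlifetime', 86400);
// Only accept session IDs this server issued (hardening against session fixation).
ini_set('session.use_strict_mode', '1');

// Scope the cookie to this script's directory. SCRIPT_NAME is set by the server,
// whereas REQUEST_URI is client-supplied and includes the query string, so
// dirname() on it can yield a different cookie path from one request to the next.
$cookiePath = str_replace('\\', '/', dirname($_SERVER['SCRIPT_NAME']));
// Mark the cookie Secure whenever the request itself arrived over TLS.
$isHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
// HttpOnly keeps the session ID (which unlocks the stored OAuth tokens) away from page scripts.
session_set_cookie_params(86400, $cookiePath, ini_get('session.cookie_domain'), $isHttps, true);
session_start();

require 'vendor/autoload.php';

// Buffer output: the links below are printed before the login branch further
// down may call header('Location: ...'), which fails once output has been sent.
ob_start();
echo '<a href="?logout=1">logout</a> | <a href="?">login</a> | <a href="?normal">normal page</a><br>';

// NOTE(review): logout is a plain GET link, so any other site can trigger it;
// a POST carrying a CSRF token would close that gap.
if (isset($_GET['logout'])) {
    // Drop everything held server-side: user profile, OAuth state and tokens.
    $_SESSION = [];

    // Expire the browser's session cookie as well, using the same scope it was set with.
    if (ini_get('session.use_cookies')) {
        $cookie = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 42000,
            $cookie['path'],
            $cookie['domain'],
            $cookie['secure'],
            $cookie['httponly']
        );
    }

    session_destroy();
    echo 'logged out';
    exit;
}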
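/**
 * Google provider for the OAuth2 authorization-code flow.
 *
 * Credentials are read from the environment so the client secret does not have
 * to live in a file under the web root or in version control. The environment
 * variable names are this script's own choice; the literals are the original
 * placeholders and only act as a fallback.
 *
 * @link https://github.com/thephpleague/oauth2-client
 */
$provider = new League\OAuth2\Client\Provider\Google([
    'clientId' => getenv('GOOGLE_CLIENT_ID') ?: 'fasdfasdjfkjasf.apps.googleusercontent.com', // your clientId
    'clientSecret' => getenv('GOOGLE_CLIENT_SECRET') ?: '132546978', // your clientSecret
    // The authorization code and the state value arrive on this URL, so it
    // should be an https:// address anywhere other than local testing.
    'redirectUri' => getenv('GOOGLE_REDIRECT_URI') ?: 'http://mydomain.com/oauth2-client/index.php?oauth2callback=1', // your domain (this script)
    // 'scope' => 'email'
]);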
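// Returning visitor: the session already holds an access token, so re-validate
// it by asking the provider for the user's details before showing anything.
if (!empty($_SESSION['accessToken'])) {
    try {
        $token = new League\OAuth2\Client\Token\AccessToken(['access_token' => $_SESSION['accessToken']]);
        $userDetails = $provider->getUserDetails($token);

        echo 'already logged in<br>';

        // Profile fields come from the identity provider; escape them before
        // they reach the page. The token object itself is never printed: it is
        // a bearer credential and must not appear in HTML or browser history.
        echo 'new user details: <pre>'
            . htmlspecialchars(print_r($userDetails, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
            . '</pre><br>';

        // Show the session for debugging, minus the credentials it stores.
        $visibleSession = array_diff_key(
            $_SESSION,
            array_flip(['accessToken', 'refreshToken', 'oauth2state'])
        );
        echo 'session: <pre>'
            . htmlspecialchars(print_r($visibleSession, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
            . '</pre>';

        echo '<h1>SECRET CONTENTS HERE</h1>';
    } catch (Exception $e) {
        // Failed to get user details (for example the stored token is no longer
        // accepted). Keep the detail in the server log; a stack trace on the
        // page would expose file paths and call arguments to the visitor.
        error_log('OAuth2 user lookup failed: ' . get_class($e) . ': ' . $e->getMessage());
        session_destroy();
        exit('Your login is no longer valid, please log in again.');
    }
    exit;
}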
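// Authorization-code flow: either send the browser to the provider, or handle
// the callback that carries ?code=...&state=...
if (!isset($_GET['code'])) {
    // No authorization code yet: remember the state value and redirect to the provider.
    $authUrl = $provider->getAuthorizationUrl();
    $_SESSION['oauth2state'] = $provider->state;
    header('Location: ' . $authUrl);
    exit;
}

// Check the returned state against the stored one to mitigate CSRF on the
// callback. The stored value is consumed here whether or not it matches, so a
// state can be used for one callback only.
$expectedState = isset($_SESSION['oauth2state']) ? $_SESSION['oauth2state'] : null;
unset($_SESSION['oauth2state']);
$givenState = isset($_GET['state']) ? $_GET['state'] : null;

// Both sides must be non-empty strings (query parameters can also be arrays);
// hash_equals() compares them in constant time.
if (!is_string($expectedState) || $expectedState === ''
    || !is_string($givenState) || $givenState === ''
    || !hash_equals($expectedState, $givenState)
) {
    exit('Invalid state');
}

if (!is_string($_GET['code']) || $_GET['code'] === '') {
    exit('Invalid code');
}

try {
    // Exchange the authorization code for an access token, then look up the
    // user's profile with it. Both calls talk to the provider and can throw.
    $token = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code'],
    ]);
    $userDetails = $provider->getUserDetails($token);
} catch (Exception $e) {
    // Keep the failure detail in the server log instead of on the page.
    error_log('OAuth2 login failed: ' . get_class($e) . ': ' . $e->getMessage());
    exit('Oh dear...');
}

// The visitor has just authenticated: switch to a fresh session ID so an ID
// known before login cannot be used afterwards. This must run before any
// output is flushed, because it sets a new cookie.
session_regenerate_id(true);

// Profile fields come from the identity provider and are escaped before output.
// The details object exposes uid, nickname, name, firstName, lastName, email,
// location, description, imageUrl, urls, gender and locale.
printf('Hello %s!', htmlspecialchars((string) $userDetails->firstName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
echo '<pre>'
    . htmlspecialchars(print_r($userDetails, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
    . '</pre>';
// The token is not printed: access and refresh tokens are bearer credentials.

$_SESSION['user'] = [
    'name' => $userDetails->name,
    'email' => $userDetails->email,
    'image' => $userDetails->imageUrl,
];

// Use this to interact with an API on the user's behalf
$_SESSION['accessToken'] = $token->accessToken;
// Use this to get a new access token if the old one expires
$_SESSION['refreshToken'] = $token->refreshToken;
// Number of seconds until the access token will expire, and need refreshing
$_SESSION['tokenExpires'] = $token->expires;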