ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
get_oauth_token.php
Go to the documentation of this file.
1<?php
17
18require 'vendor/autoload.php';
19
20use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
21use League\OAuth2\Client\Token\AccessToken;
22use League\OAuth2\Client\Tool\BearerAuthorizationTrait;
23use Psr\Http\Message\ResponseInterface;
24
25session_start();
26
27//If this automatic URL doesn't work, set it yourself manually
28$redirectUri = isset($_SERVER['HTTPS']) ? 'https://' : 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
29//$redirectUri = 'http://localhost/phpmailer/get_oauth_token.php';
30
31//These details obtained are by setting up app in Google developer console.
32$clientId = 'RANDOMCHARS-----duv1n2.apps.googleusercontent.com';
33$clientSecret = 'RANDOMCHARS-----lGyjPcRtvP';
34
36{
37 use BearerAuthorizationTrait;
38
40
45 protected $accessType;
46
51 protected $hostedDomain;
52
57 protected $scope;
58
59 public function getBaseAuthorizationUrl()
60 {
61 return 'https://accounts.google.com/o/oauth2/auth';
62 }
63
64 public function getBaseAccessTokenUrl(array $params)
65 {
66 return 'https://accounts.google.com/o/oauth2/token';
67 }
68
69 public function getResourceOwnerDetailsUrl(AccessToken $token)
70 {
71 return ' ';
72 }
73
74 protected function getAuthorizationParameters(array $options)
75 {
76 if (is_array($this->scope)) {
78 $this->scope = implode($separator, $this->scope);
79 }
80
81 $params = array_merge(
82 parent::getAuthorizationParameters($options),
83 array_filter([
84 'hd' => $this->hostedDomain,
85 'access_type' => $this->accessType,
86 'scope' => $this->scope,
87 // if the user is logged in with more than one account ask which one to use for the login!
88 'authuser' => '-1'
89 ])
90 );
91 return $params;
92 }
93
94 protected function getDefaultScopes()
95 {
96 return [
97 'email',
98 'openid',
99 'profile',
100 ];
101 }
102
103 protected function getScopeSeparator()
104 {
105 return ' ';
106 }
107
108 protected function checkResponse(ResponseInterface $response, $data)
109 {
110 if (!empty($data['error'])) {
111 $code = 0;
112 $error = $data['error'];
113
114 if (is_array($error)) {
115 $code = $error['code'];
116 $error = $error['message'];
117 }
118
119 throw new IdentityProviderException($error, $code, $data);
120 }
121 }
122
123 protected function createResourceOwner(array $response, AccessToken $token)
124 {
125 return new GoogleUser($response);
126 }
127}
128
129
130//Set Redirect URI in Developer Console as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
132 array(
133 'clientId' => $clientId,
134 'clientSecret' => $clientSecret,
135 'redirectUri' => $redirectUri,
136 'scope' => array('https://mail.google.com/'),
137 'accessType' => 'offline'
138 )
139);
140
141if (!isset($_GET['code'])) {
142 // If we don't have an authorization code then get one
143 $authUrl = $provider->getAuthorizationUrl();
144 $_SESSION['oauth2state'] = $provider->getState();
145 header('Location: ' . $authUrl);
146 exit;
147// Check given state against previously stored one to mitigate CSRF attack
148} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
149 unset($_SESSION['oauth2state']);
150 exit('Invalid state');
151} else {
152 // Try to get an access token (using the authorization code grant)
153 $token = $provider->getAccessToken(
154 'authorization_code',
155 array(
156 'code' => $_GET['code']
157 )
158 );
159
160 // Use this to get a new access token if the old one expires
161 echo 'Refresh Token: ' . $token->getRefreshToken();
162}
$_GET["client_id"]
$_SESSION["AccountId"]
createResourceOwner(array $response, AccessToken $token)
getResourceOwnerDetailsUrl(AccessToken $token)
checkResponse(ResponseInterface $response, $data)
$data
$params
Definition: example_049.php:96
$code
Definition: example_050.php:99
$separator
exit
Definition: login.php:54
Get an OAuth2 token from Google.
if(!is_array($argv)) $options
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']