ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
get_oauth_token.php
Go to the documentation of this file.
1 <?php
16 namespace League\OAuth2\Client\Provider;
17 
18 require 'vendor/autoload.php';
19 
20 use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
21 use League\OAuth2\Client\Token\AccessToken;
22 use League\OAuth2\Client\Tool\BearerAuthorizationTrait;
23 use Psr\Http\Message\ResponseInterface;
24 
25 session_start();
26 
27 //If this automatic URL doesn't work, set it yourself manually
28 $redirectUri = isset($_SERVER['HTTPS']) ? 'https://' : 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
29 //$redirectUri = 'http://localhost/phpmailer/get_oauth_token.php';
30 
31 //These details obtained are by setting up app in Google developer console.
32 $clientId = 'RANDOMCHARS-----duv1n2.apps.googleusercontent.com';
33 $clientSecret = 'RANDOMCHARS-----lGyjPcRtvP';
34 
35 class Google extends AbstractProvider
36 {
37  use BearerAuthorizationTrait;
38 
39  const ACCESS_TOKEN_RESOURCE_OWNER_ID = 'id';
40 
45  protected $accessType;
46 
51  protected $hostedDomain;
52 
57  protected $scope;
58 
59  public function getBaseAuthorizationUrl()
60  {
61  return 'https://accounts.google.com/o/oauth2/auth';
62  }
63 
64  public function getBaseAccessTokenUrl(array $params)
65  {
66  return 'https://accounts.google.com/o/oauth2/token';
67  }
68 
69  public function getResourceOwnerDetailsUrl(AccessToken $token)
70  {
71  return ' ';
72  }
73 
74  protected function getAuthorizationParameters(array $options)
75  {
76  if (is_array($this->scope)) {
77  $separator = $this->getScopeSeparator();
78  $this->scope = implode($separator, $this->scope);
79  }
80 
81  $params = array_merge(
82  parent::getAuthorizationParameters($options),
83  array_filter([
84  'hd' => $this->hostedDomain,
85  'access_type' => $this->accessType,
86  'scope' => $this->scope,
87  // if the user is logged in with more than one account ask which one to use for the login!
88  'authuser' => '-1'
89  ])
90  );
91  return $params;
92  }
93 
94  protected function getDefaultScopes()
95  {
96  return [
97  'email',
98  'openid',
99  'profile',
100  ];
101  }
102 
103  protected function getScopeSeparator()
104  {
105  return ' ';
106  }
107 
108  protected function checkResponse(ResponseInterface $response, $data)
109  {
110  if (!empty($data['error'])) {
111  $code = 0;
112  $error = $data['error'];
113 
114  if (is_array($error)) {
115  $code = $error['code'];
116  $error = $error['message'];
117  }
118 
119  throw new IdentityProviderException($error, $code, $data);
120  }
121  }
122 
123  protected function createResourceOwner(array $response, AccessToken $token)
124  {
125  return new GoogleUser($response);
126  }
127 }
128 
129 
130 //Set Redirect URI in Developer Console as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
131 $provider = new Google(
132  array(
133  'clientId' => $clientId,
134  'clientSecret' => $clientSecret,
135  'redirectUri' => $redirectUri,
136  'scope' => array('https://mail.google.com/'),
137  'accessType' => 'offline'
138  )
139 );
140 
141 if (!isset($_GET['code'])) {
142  // If we don't have an authorization code then get one
143  $authUrl = $provider->getAuthorizationUrl();
144  $_SESSION['oauth2state'] = $provider->getState();
145  header('Location: ' . $authUrl);
146  exit;
147 // Check given state against previously stored one to mitigate CSRF attack
148 } elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
149  unset($_SESSION['oauth2state']);
150  exit('Invalid state');
151 } else {
152  // Try to get an access token (using the authorization code grant)
153  $token = $provider->getAccessToken(
154  'authorization_code',
155  array(
156  'code' => $_GET['code']
157  )
158  );
159 
160  // Use this to get a new access token if the old one expires
161  echo 'Refresh Token: ' . $token->getRefreshToken();
162 }
exit
exit
Definition: login.php:54
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
$separator
$separator
Definition: inc.check_pear.php:45
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$code
$code
Definition: example_050.php:99
League\OAuth2\Client\Provider\Google\createResourceOwner
createResourceOwner(array $response, AccessToken $token)
Definition: get_oauth_token.php:123
League\OAuth2\Client\Provider\Google\getResourceOwnerDetailsUrl
getResourceOwnerDetailsUrl(AccessToken $token)
Definition: get_oauth_token.php:69
$data
$data
Definition: example_011.php:126
$options
if(!is_array($argv)) $options
Definition: tcpdf_addfont.php:137
League\OAuth2\Client\Provider\Google\checkResponse
checkResponse(ResponseInterface $response, $data)
Definition: get_oauth_token.php:108
League\OAuth2\Client\Provider
Get an OAuth2 token from Google.
Definition: get_oauth_token.php:16
$params
$params
Definition: example_049.php:96