ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
get_oauth_token.php
Go to the documentation of this file.
1<?php
32
39// @see https://github.com/thephpleague/oauth2-google
40use League\OAuth2\Client\Provider\Google;
41// @see https://packagist.org/packages/hayageek/oauth2-yahoo
42use Hayageek\OAuth2\Client\Provider\Yahoo;
43// @see https://github.com/stevenmaguire/oauth2-microsoft
44use Stevenmaguire\OAuth2\Client\Provider\Microsoft;
45
46if (!isset($_GET['code']) && !isset($_GET['provider'])) {
47?>
48<html>
49<body>Select Provider:<br/>
50<a href='?provider=Google'>Google</a><br/>
51<a href='?provider=Yahoo'>Yahoo</a><br/>
52<a href='?provider=Microsoft'>Microsoft/Outlook/Hotmail/Live/Office365</a><br/>
53</body>
54</html>
55<?php
56exit;
57}
58
59require 'vendor/autoload.php';
60
61session_start();
62
64
65if (array_key_exists('provider', $_GET)) {
66 $providerName = $_GET['provider'];
67 $_SESSION['provider'] = $providerName;
68} elseif (array_key_exists('provider', $_SESSION)) {
69 $providerName = $_SESSION['provider'];
70}
71if (!in_array($providerName, ['Google', 'Microsoft', 'Yahoo'])) {
72 exit('Only Google, Microsoft and Yahoo OAuth2 providers are currently supported in this script.');
73}
74
75//These details are obtained by setting up an app in the Google developer console,
76//or whichever provider you're using.
77$clientId = 'RANDOMCHARS-----duv1n2.apps.googleusercontent.com';
78$clientSecret = 'RANDOMCHARS-----lGyjPcRtvP';
79
80//If this automatic URL doesn't work, set it yourself manually to the URL of this script
81$redirectUri = (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
82//$redirectUri = 'http://localhost/PHPMailer/redirect';
83
85 'clientId' => $clientId,
86 'clientSecret' => $clientSecret,
87 'redirectUri' => $redirectUri,
88 'accessType' => 'offline'
89];
90
92$provider = null;
93
94switch ($providerName) {
95 case 'Google':
96 $provider = new Google($params);
97 $options = [
98 'scope' => [
99 'https://mail.google.com/'
100 ]
101 ];
102 break;
103 case 'Yahoo':
104 $provider = new Yahoo($params);
105 break;
106 case 'Microsoft':
107 $provider = new Microsoft($params);
108 $options = [
109 'scope' => [
110 'wl.imap',
111 'wl.offline_access'
112 ]
113 ];
114 break;
115}
116
117if (null === $provider) {
118 exit('Provider missing');
119}
120
121if (!isset($_GET['code'])) {
122 // If we don't have an authorization code then get one
123 $authUrl = $provider->getAuthorizationUrl($options);
124 $_SESSION['oauth2state'] = $provider->getState();
125 header('Location: ' . $authUrl);
126 exit;
127// Check given state against previously stored one to mitigate CSRF attack
128} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
129 unset($_SESSION['oauth2state']);
130 unset($_SESSION['provider']);
131 exit('Invalid state');
132} else {
133 unset($_SESSION['provider']);
134 // Try to get an access token (using the authorization code grant)
135 $token = $provider->getAccessToken(
136 'authorization_code',
137 [
138 'code' => $_GET['code']
139 ]
140 );
141 // Use this to interact with an API on the users behalf
142 // Use this to get a new access token if the old one expires
143 echo 'Refresh Token: ', $token->getRefreshToken();
144}
html()
exit
Definition: backend.php:16
$_GET["client_id"]
$_SESSION["AccountId"]
An exception for terminatinating execution or to throw for unit testing.
Get an OAuth2 token from an OAuth2 provider.
if(array_key_exists('provider', $_GET)) elseif(array_key_exists( 'provider', $_SESSION)) if(!in_array($providerName, ['Google', 'Microsoft', 'Yahoo'])) $clientId
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']