router.php
<?php
require __DIR__ . "/vendor/autoload.php";
use Twig\Environment;
use Twig\Loader\FilesystemLoader;
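// Load configuration from the .env file next to this script.
$dotenv = Dotenv\Dotenv::createImmutable(__DIR__);
$dotenv->load();
// Fail fast when the credentials are absent or empty: without this check a
// missing key only produces an "undefined array key" warning and null is
// handed to the WorkOS client.
$dotenv->required(['WORKOS_API_KEY', 'WORKOS_CLIENT_ID'])->notEmpty();

// Set API Key, Client ID, and Organization ID.
// The API key is a secret: keep .env out of version control and out of any
// directory that is served to clients.
$WORKOS_API_KEY = $_ENV['WORKOS_API_KEY'];
$WORKOS_CLIENT_ID = $_ENV['WORKOS_CLIENT_ID'];
// Only the SAML branch of /auth reads the organization ID, so it stays
// optional here and resolves to null when it is not configured.
$WORKOS_ORGANIZATION_ID = $_ENV['WORKOS_ORGANIZATION_ID'] ?? null;

// Setup html templating library (templates are loaded from ./templates only)
$loader = new FilesystemLoader(__DIR__ . '/templates');
$twig = new Environment($loader);

// Configure WorkOS with API Key and Client ID
\WorkOS\WorkOS::setApiKey($WORKOS_API_KEY);
\WorkOS\WorkOS::setClientId($WORKOS_CLIENT_ID);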
// Convenient function for throwing a 404
/**
 * Send a 404 status line using the protocol of the current request.
 *
 * @return bool Always true, so a route can `return httpNotFound();` and tell
 *              the caller that the request has been handled.
 */
function httpNotFound()
{
    $statusLine = $_SERVER["SERVER_PROTOCOL"] . " 404";
    header($statusLine);

    return true;
}
// Routing
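// Path component of the request target. REQUEST_URI is client-controlled and
// still carries the query string, so routing and file lookup both work on the
// path alone.
$requestPath = (string) strtok($_SERVER["REQUEST_URI"], "?");

/*
 * Stream one static file located under $baseDir.
 *
 * The requested path is resolved with realpath() and must stay inside the
 * resolved base directory. Plain concatenation followed by is_file() would
 * also accept paths whose ".." segments leave the static directory.
 * Anything that does not resolve to a regular file under $baseDir gets a 404.
 */
$serveStatic = static function (string $baseDir, string $requestPath, string $contentType): bool {
    $root = realpath($baseDir);
    $resolved = $root === false ? false : realpath($root . $requestPath);
    $prefix = $root . DIRECTORY_SEPARATOR;

    if (
        $resolved === false
        || strncmp($resolved, $prefix, strlen($prefix)) !== 0
        || !is_file($resolved)
    ) {
        return httpNotFound();
    }

    header("Content-Type: " . $contentType);
    readfile($resolved);
    return true;
};

// Static assets, selected by file extension
if (preg_match('/\.css$/', $requestPath) === 1) {
    return $serveStatic(__DIR__ . "/static/css", $requestPath, "text/css");
}
if (preg_match('/\.png$/', $requestPath) === 1) {
    return $serveStatic(__DIR__ . "/static/images", $requestPath, "image/png");
}

// Routing
switch ($requestPath) {
    // /auth route is what will run the getAuthorizationUrl function
    /* There are 6 parameters for the GetAuthorizationURL Function
    Domain (deprecated), Redirect URI, State, Provider, Connection and Organization
    These can be read about here: https://workos.com/docs/reference/sso/authorize/get */
    case "/auth":
        // login_method comes from the login form; reject requests that do not
        // carry it instead of passing null on to the SDK.
        $loginType = $_POST['login_method'] ?? null;
        if (!is_string($loginType) || $loginType === '') {
            http_response_code(400);
            return true;
        }

        // NOTE(review): no state value is sent in either branch, so /callback
        // cannot tie the response to the browser session that started the
        // login. Consider storing a random value in the session here and
        // checking it in /callback.
        // NOTE(review): the redirect URI is hard-coded for local development;
        // it has to be an HTTPS URL outside of localhost.
        // Set the organization or provider based on the login type
        if ($loginType === "saml") {
            $authorizationUrl = (new \WorkOS\SSO())
                ->getAuthorizationUrl(
                    null, //domain is deprecated, use organization instead
                    'http://localhost:8000/callback', //redirectURI
                    [], //state array, also empty
                    null, //Provider which can remain null unless being used
                    null, //Connection, unused because the organization ID selects the connection
                    $WORKOS_ORGANIZATION_ID //organization ID, to identify connection based on organization ID,
                );
        } else {
            // NOTE(review): the provider name is taken from the form as-is;
            // presumably the SDK or API rejects unknown values, but an
            // allow-list here would make that explicit.
            $authorizationUrl = (new \WorkOS\SSO())
                ->getAuthorizationUrl(
                    null, //domain is deprecated, use organization instead
                    'http://localhost:8000/callback', //redirectURI
                    null, //state, not used
                    $loginType, //Provider selected on the login form
                );
        }
        header('Location: ' . $authorizationUrl, true, 302);
        return true;

    // /callback route is what will run the getProfileAndToken function and return it
    case "/callback":
        // The authorization code arrives in the query string; without one
        // there is nothing to exchange.
        $code = $_GET["code"] ?? null;
        if (!is_string($code) || $code === '') {
            http_response_code(400);
            return true;
        }

        $profile = (new \WorkOS\SSO())->getProfileAndToken($code);
        $first_name = $profile->raw['profile']['first_name'];
        session_start();
        // Issue a fresh session ID at the moment of login so that an ID known
        // before authentication is never bound to the signed-in user.
        session_regenerate_id(true);
        $_SESSION['first_name'] = $first_name;
        $_SESSION['profile'] = $profile;
        $_SESSION['isactive'] = true;
        header('Location: ' . '/', true, 302);
        return true;

    // / route renders the login page if no user set, logged in page if user is set
    case "/":
        session_start();
        if (isset($_SESSION['first_name'])) {
            // NOTE(review): the whole stored profile object is serialised into
            // the page; confirm it holds nothing (for example tokens) that
            // should not be shown in the browser.
            echo $twig->render("login_successful.html.twig", [
                'raw_profile' => json_encode($_SESSION['profile'], JSON_PRETTY_PRINT),
                'first_name' => $_SESSION['first_name'],
            ]);
        } else {
            echo $twig->render("login.html.twig");
        }
        return true;

    // /logout clears and ends the session
    case "/logout":
        session_start();
        session_unset();
        session_destroy();
        header('Location: ' . '/', true, 302);
        return true;

    default:
        return httpNotFound();
}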