oauth2response.php
<?php
/**
* Copyright (C) 2014 University of Central Florida, created by Jacob Bates, Eric Colon, Fenel Joseph, and Emily Sachs.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Primary Author Contact: Jacob Bates <jacob.bates@ucf.edu>
*/
// Deployment settings. $oauth2_id, $oauth2_uri, $oauth2_key and $db_user_table
// are used further down but never assigned in this file, so they presumably
// come from this include -- confirm against config/settings.php.
require_once '../config/settings.php';

// Resume the session; this script reads 'base_url' and 'launch_params' from it
// and writes 'api_key' into it.
session_start();
/**
 * Render a minimal Bootstrap-styled error page and stop the script.
 *
 * $msg is written into the page as-is, with no HTML escaping, so it must be
 * fixed, trusted text. Every call in this file passes a string literal; any
 * request-derived value would need htmlspecialchars() before being passed in.
 *
 * @param string $msg Message shown inside the alert box.
 * @return void This function does not return; it terminates the request.
 */
function printError($msg)
{
    // Everything up to (and including the space before) the message.
    $pageStart = '
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>UDOIT Accessibility Checker</title>
<link rel="stylesheet" href="//netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css" />
<link rel="stylesheet" href="//netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap-theme.min.css" />
</head>
<body>
<div style="padding: 12px;">
<div class="alert alert-danger">
<span class="glyphicon glyphicon-exclamation-sign"></span> ';

    // Closing markup that follows the message.
    $pageEnd = '
</div>
</div>
</body>
</html>
';

    echo $pageStart . $msg . $pageEnd;

    // Nothing after an error page should run.
    exit();
}
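// OAuth2 redirect handler: exchanges the authorization code for tokens, keeps
// the access token in the session, stores the refresh token in the user table,
// then redirects to index.php. Any failure ends in printError().
//
// NOTE(review): no `state` parameter is compared anywhere in this file, so
// nothing visible here ties the callback to an authorization request started
// by this session. Confirm where the request is built and compare a
// per-session value with hash_equals() before accepting `code`.
//
// NOTE(review): $base_url comes from the session and is the host that receives
// the client secret below. Where it is written is not visible here; confirm it
// is only ever set from a verified, allow-listed Canvas URL.
$base_url = isset($_SESSION['base_url']) ? $_SESSION['base_url'] : null;

if (isset($_GET['code'])) {
    // Refuse early when the session does not carry what the exchange needs
    // (for example a direct hit on this URL without a prior launch), or when
    // `code` is not a plain string. Previously this proceeded with an empty
    // base URL and a NULL user id.
    if (
        empty($base_url)
        || !is_string($_GET['code'])
        || empty($_SESSION['launch_params']['custom_canvas_user_id'])
    ) {
        printError('Authentication problem: Please contact support.');
    }
    $user_id = $_SESSION['launch_params']['custom_canvas_user_id'];

    // Exchange code for API key
    $token_url = $base_url . '/login/oauth2/token';
    $postdata = array(
        'grant_type'    => 'authorization_code',
        'client_id'     => $oauth2_id,
        'redirect_uri'  => $oauth2_uri,
        'client_secret' => $oauth2_key,
        'code'          => $_GET['code'],
    );

    $ch = curl_init($token_url);
    if ($ch === false) {
        printError('Authentication problem: Please contact support.');
    }
    curl_setopt_array($ch, array(
        CURLOPT_POST           => 1,
        CURLOPT_POSTFIELDS     => http_build_query($postdata),
        CURLOPT_RETURNTRANSFER => 1,
        // Bound the call so an unresponsive token endpoint cannot hold the
        // request open indefinitely.
        CURLOPT_CONNECTTIMEOUT => 10,
        CURLOPT_TIMEOUT        => 30,
    ));
    $raw = curl_exec($ch);
    curl_close($ch);

    // A transport failure returns false; treat it like an unusable response
    // instead of passing it to json_decode().
    $response = ($raw === false) ? null : json_decode($raw);

    // It should have access_token and refresh_token
    if (!isset($response->access_token) || !isset($response->refresh_token)) {
        printError('Authentication problem: Please contact support.');
    }

    // Save the API key to the session variable
    $_SESSION['api_key'] = $response->access_token;

    // Save Refresh Key to DB
    // $db_user_table is interpolated into the SQL text; it is not assigned in
    // this file (presumably a settings value) and must never be request-derived.
    // NOTE(review): the refresh token is written to the api_key column exactly
    // as received; consider encrypting it at rest.
    $dbh = include('../lib/db.php');
    $sth = $dbh->prepare("SELECT * FROM $db_user_table WHERE id=:userid LIMIT 1");
    $sth->bindParam(':userid', $user_id, PDO::PARAM_INT);
    $sth->execute();
    $result = $sth->fetchAll();

    // Update the existing row for this user, or create one on first login.
    if (isset($result[0])) {
        $sth = $dbh->prepare("UPDATE $db_user_table SET api_key=:key WHERE id=:userid LIMIT 1");
    } else {
        $sth = $dbh->prepare("INSERT INTO $db_user_table (id, api_key, date_created) VALUES (:userid, :key, CURRENT_TIMESTAMP)");
    }
    $sth->bindParam(':key', $response->refresh_token, PDO::PARAM_STR);
    $sth->bindParam(':userid', $user_id, PDO::PARAM_INT);
    $sth->execute();

    // Flush the session before redirecting so the next request sees api_key.
    session_write_close();
    header('Location:index.php');
    // Stop explicitly so nothing added later can run after the redirect.
    exit;
} elseif (isset($_GET['error'])) {
    // The provider redirected back with an error instead of a code. The error
    // value itself is deliberately not echoed.
    printError('Authentication problem: Access Denied.');
} else {
    // Neither `code` nor `error` was supplied.
    printError('Authentication problem, please ensure that your instance of UDOIT is configured correctly.');
}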