Upload files to ''

login.php

@@ -131,6 +131,7 @@ if (file_exists("SystemAOB/functions/personalization/sysconf/login.config")){
 		<button class="ts primary button" style="background-color:<?php echo $themeColor; ?>;border-width: 0px;" onClick="postLogin();">Sign In</button>
 		<br><br>
 		<a class="ts primary button" style="background-color:<?php echo $themeColor; ?>;border-width: 0px;" href="https://adfs.alanyeung.co/adfs/oauth2/authorize?client_id=c5c68c24-153c-4bf5-90e7-7552baea7f39&redirect_uri=https%3A%2F%2Faroz.alanyeung.co%2FAOB%2Foauth.php&scope=openid&response_type=code&response_mode=form_post&nonce=tacv8wxjk5">Sign in via ADFS</a>
+		<a class="ts primary button" style="background-color:<?php echo $themeColor; ?>;border-width: 0px;" href="https://github.com/login/oauth/authorize?client_id=8757b82f0e4c52d34ec8&redirect_uri=https://aroz.alanyeung.co/AOB/oauthgithub.php">Sign in via GitHub</a>
 		<?php
 		$template = '<div class="ts outlined message">
 			<div id="logoutmsg" style="color:#3fb7e2;"><i class="log out icon"></i>You have been logged out.</div>

oauthgithub.php

@@ -0,0 +1,53 @@
+<?php
+//demo https://aroz.alanyeung.co/oauth.php
+//please go to https://github.com/settings/applications/ to get the client_id and client_secret, pleae remind that the redirect_uri must be same as github.com
+$baselink = "https://github.com/login/oauth"; //do not change it
+
+// CHNAGE HERE
+$client_id = "8757b82f0e4c52d34ec8"; //Client ID
+$client_secret = "96cfe75be2a9ffb6b8fca3811d76ebef63a17bbd"; //Client Secret
+$redirect_uri = "https://aroz.alanyeung.co/AOB/oauthgithub.php"; //Authorization callback URL
+// CHANGE HERE
+
+if(isset($_GET["code"])){
+	//we use the one time code ($_GET["code"]) to get the access_token
+    $fields = array(
+        'grant_type' => 'authorization_code',
+		'client_id' => $client_id,
+		'client_secret' => $client_secret,
+		'redirect_uri' => $redirect_uri,
+		'code' => $_GET["code"],
+    );
+    $postvars = http_build_query($fields);
+    $ch = curl_init();
+    curl_setopt($ch, CURLOPT_URL, $baselink."/access_token");
+    curl_setopt($ch, CURLOPT_POST, count($fields));
+    curl_setopt($ch, CURLOPT_POSTFIELDS, $postvars);
+	curl_setopt($ch,CURLOPT_RETURNTRANSFER, true);
+	curl_setopt($ch, CURLOPT_HTTPHEADER, array(
+	  'Accept: application/json'
+	));
+    $result = curl_exec($ch);
+    curl_close($ch);
+	$data = json_decode($result,true);
+	//$data had access_token,token_type,scope inside, but only access_token needed.
+	//print_r($data);
+	
+	//obtain the userinfo here due to github had their own OAuth implementions
+	$chs = curl_init();
+    curl_setopt($chs, CURLOPT_URL, "https://api.github.com/user");
+	curl_setopt($chs,CURLOPT_RETURNTRANSFER, true);
+	curl_setopt($chs, CURLOPT_HTTPHEADER, array(
+	  "Authorization: token ".$data["access_token"],
+	  "User-Agent: Test" 
+	));
+    $result = curl_exec($chs);
+    curl_close($chs);
+	$userinfo = json_decode($result,true);
+	//print_r($userinfo);
+	session_start();
+	$_SESSION["login"] = $userinfo["login"];
+	setcookie("username",$userinfo["login"],time()+ 172800 );
+	setcookie("password","OAuthGithub",time()+ 172800 );
+	echo '<script>localStorage.ArOZusername = "'.$userinfo["login"].'";window.location = "./index.php"</script>';
+}