Home Explore Help
Sign In
yeungalan
/
ArOZ-System-Patch
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 189ecd789f
Branches Tags
ArOZ-System-...
/
oauthgithub.php

oauthgithub.php 2.1 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758 
  1. <?php
    2. 

  2. session_start();
    3. 

  3. //demo https://aroz.alanyeung.co/oauth.php
    4. 

  4. //please go to https://github.com/settings/applications/ to get the client_id and client_secret, pleae remind that the redirect_uri must be same as github.com
    5. 

  5. $baselink = "https://github.com/login/oauth"; //do not change it
    6. 

  6. 

  7. // CHNAGE HERE
    8. 

  8. $client_id = "8757b82f0e4c52d34ec8"; //Client ID
    9. 

  9. $client_secret = "96cfe75be2a9ffb6b8fca3811d76ebef63a17bbd"; //Client Secret
    10. 

  10. $redirect_uri = "https://aroz.alanyeung.co/AOB/oauthgithub.php"; //Authorization callback URL
    11. 

  11. // CHANGE HERE
    12. 

  12. 

  13. if(isset($_GET["code"])){
    14. 

  14. 	//we use the one time code ($_GET["code"]) to get the access_token
    15. 

  15.     $fields = array(
    16. 

  16.         'grant_type' => 'authorization_code',
    17. 

  17. 		'client_id' => $client_id,
    18. 

  18. 		'client_secret' => $client_secret,
    19. 

  19. 		'redirect_uri' => $redirect_uri,
    20. 

  20. 		'code' => $_GET["code"],
    21. 

  21.     );
    22. 

  22.     $postvars = http_build_query($fields);
    23. 

  23.     $ch = curl_init();
    24. 

  24.     curl_setopt($ch, CURLOPT_URL, $baselink."/access_token");
    25. 

  25.     curl_setopt($ch, CURLOPT_POST, count($fields));
    26. 

  26.     curl_setopt($ch, CURLOPT_POSTFIELDS, $postvars);
    27. 

  27. 	curl_setopt($ch,CURLOPT_RETURNTRANSFER, true);
    28. 

  28. 	curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    29. 

  29. 	  'Accept: application/json'
    30. 

  30. 	));
    31. 

  31.     $result = curl_exec($ch);
    32. 

  32.     curl_close($ch);
    33. 

  33. 	$data = json_decode($result,true);
    34. 

  34. 	//$data had access_token,token_type,scope inside, but only access_token needed.
    35. 

  35. 	//print_r($data);
    36. 

  36. 	
    37. 

  37. 	//obtain the userinfo here due to github had their own OAuth implementions
    38. 

  38. 	$chs = curl_init();
    39. 

  39.     curl_setopt($chs, CURLOPT_URL, "https://api.github.com/user");
    40. 

  40. 	curl_setopt($chs,CURLOPT_RETURNTRANSFER, true);
    41. 

  41. 	curl_setopt($chs, CURLOPT_HTTPHEADER, array(
    42. 

  42. 	  "Authorization: token ".$data["access_token"],
    43. 

  43. 	  "User-Agent: Test" 
    44. 

  44. 	));
    45. 

  45.     $result = curl_exec($chs);
    46. 

  46.     curl_close($chs);
    47. 

  47. 	$userinfo = [];
    48. 

  48. 	$userinfo = json_decode($result,true);
    49. 

  49. 	if($userinfo == []){
    50. 

  50. 		echo "Error!";
    51. 

  51. 	}else{
    52. 

  52. 		$_SESSION["method"] = "Github";
    53. 

  53. 		$_SESSION["login"] = $userinfo["login"];
    54. 

  54. 		setcookie("username",$userinfo["login"],time()+ 172800 );
    55. 

  55. 		setcookie("password","OAuthGithub",time()+ 172800 );
    56. 

  56. 		echo '<script>localStorage.ArOZusername = "'.$userinfo["login"].'";window.location = "./index.php"</script>';
    57. 

  57. 	}
    58. 

  58. }
    59.