<?php
/**
* Callback for Opauth
*
* This file (callback.php) provides an example of how to properly receive the auth response from Opauth.
*
* Basic steps:
* 1. Fetch auth response based on callback transport parameter in config.
* 2. Validate auth response
* 3. Once the auth response is validated, your PHP app should then act on it
* (e.g. register the user or log them in to your site, save the auth data to a database, etc.)
*
*/
/**
 * Filesystem locations, both anchored at the directory that holds this script:
 * CONF_FILE is the Opauth configuration file, OPAUTH_LIB_DIR the library directory
 * (with a trailing slash, so file names can be appended directly).
 */
define(
    'OPAUTH_LIB_DIR',
    dirname(__FILE__) . '/vendor/opauth/opauth/lib/Opauth/'
);
define(
    'CONF_FILE',
    dirname(__FILE__) . '/' . 'opauth.conf.php'
);
/**
 * Load the configuration file, which is expected to define $config (used below).
 *
 * A missing file is reported through trigger_error() and the script stops.
 * NOTE(review): the message contains the absolute path in CONF_FILE; whether a
 * visitor sees it depends on the error display settings of the deployment.
 */
if (file_exists(CONF_FILE) === false) {
    trigger_error('Config file missing at ' . CONF_FILE, E_USER_ERROR);
    exit();
}

require CONF_FILE;
/**
 * Pull in the Opauth class and build an instance from the loaded $config.
 * The second constructor argument is false so that Opauth does not run
 * automatically; this script only needs the instance to read the callback
 * transport and to validate the auth response.
 */
require OPAUTH_LIB_DIR . 'Opauth.php';

$Opauth = new Opauth($config, false);
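/**
 * Fetch auth response, based on transport configuration for callback.
 *
 * With the 'post' and 'get' transports the response arrives as a request
 * parameter, so everything decoded here is client-controlled and must be
 * treated as untrusted until $Opauth->validate() has accepted it further down.
 *
 * $response always ends up as an array: a missing parameter, an undecodable
 * payload or an unsupported transport yields an empty array, so the checks
 * that follow report an invalid response instead of failing on a non-array.
 */
$response = null;
$encoded = null;

switch ($Opauth->env['callback_transport']) {
    case 'session':
        session_start();
        if (isset($_SESSION['opauth'])) {
            $response = $_SESSION['opauth'];
            // Drop the stored copy so the same response is not picked up again
            // on a later request.
            unset($_SESSION['opauth']);
        }
        break;
    case 'post':
        $encoded = isset($_POST['opauth']) ? $_POST['opauth'] : null;
        break;
    case 'get':
        $encoded = isset($_GET['opauth']) ? $_GET['opauth'] : null;
        break;
    default:
        echo '<strong style="color: red;">Error: </strong>Unsupported callback_transport.'."<br>\n";
        break;
}

// Only a plain string can be a base64-encoded JSON document; a parameter sent
// as an array (opauth[]=...) is ignored rather than passed to base64_decode().
if (is_string($encoded)) {
    $response = json_decode(base64_decode($encoded), true);
}

// json_decode() returns null for malformed input and a scalar for bare JSON
// values; neither is a usable auth response.
if (!is_array($response)) {
    $response = array();
}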
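/**
 * Auth response checks
 *
 * Nothing inside $response is trustworthy until $Opauth->validate() has
 * accepted it: a response sent through GET or POST can be altered by the
 * client. Application logic belongs only in the final (validated) branch.
 */
if (!is_array($response)) {
    // No usable response was received (missing parameter, undecodable payload
    // or unsupported transport). Reported like any other incomplete response.
    echo '<strong style="color: red;">Invalid auth response: </strong>Missing key auth response components.'."<br>\n";
} elseif (array_key_exists('error', $response)) {
    /**
     * Error callback
     */
    echo '<strong style="color: red;">Authentication error: </strong> Opauth returns error auth response.'."<br>\n";
} elseif (
    empty($response['auth'])
    || empty($response['timestamp'])
    || empty($response['signature'])
    || !is_array($response['auth'])
    || is_array($response['timestamp'])
    || is_array($response['signature'])
    || empty($response['auth']['provider'])
    || empty($response['auth']['uid'])
) {
    // Structural check before the signature check: JSON input can put an array
    // or a scalar anywhere, so the shape is confirmed before validate() is
    // handed the timestamp and signature.
    echo '<strong style="color: red;">Invalid auth response: </strong>Missing key auth response components.'."<br>\n";
} else {
    /**
     * Auth response validation
     *
     * validate() is given the SHA-1 of the print_r() rendering of the auth
     * array together with the timestamp and signature from the response, and
     * reports the cause of a rejection through $reason.
     * NOTE(review): presumably it recomputes the signature from the configured
     * secret and rejects stale timestamps; confirm against Opauth.php.
     */
    $reason = null;
    $digest = sha1(print_r($response['auth'], true));

    if (!$Opauth->validate($digest, $response['timestamp'], $response['signature'], $reason)) {
        // $reason is escaped because it is written into HTML.
        echo '<strong style="color: red;">Invalid auth response: </strong>'.htmlspecialchars((string) $reason, ENT_QUOTES, 'UTF-8').".<br>\n";
    } else {
        echo '<strong style="color: green;">OK: </strong>Auth response is validated.'."<br>\n";
        /**
         * It's all good. Go ahead with your application-specific authentication logic.
         *
         * Identify the account by the validated provider and uid pair, and call
         * session_regenerate_id(true) when logging the user in so that a session id
         * issued before authentication is not carried over.
         */
    }
}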
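/**
 * Auth response dump (debugging aid)
 *
 * This runs whether or not validation succeeded, and with the 'post' and 'get'
 * transports $response is built from a request parameter, so the dump is
 * HTML-escaped before it is written into the page.
 *
 * NOTE(review): the auth response may carry provider credentials such as
 * access tokens; remove this dump before deploying outside a test environment.
 */
echo "<pre>";
echo htmlspecialchars(print_r($response, true), ENT_QUOTES, 'UTF-8');
echo "</pre>";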