<?php
declare(strict_types=1);
require '_common.php';
use authkit2\Authkit2;
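// OIDC redirect (callback) handler: validates the returned state, exchanges the
// authorization code for tokens, stores them in the session and redirects home.

// Initialize the three-legged OAuth flow
$flow = new \authkit2\Oidc\Flows\UserFlow(Authkit2::get_client());

// Step 2: Exchange the authorization code for an actual token

// First, validate state to ensure this request is a response to the one we
// triggered by validating the nonce.
//
// The query string is untrusted: 'state' may be absent or arrive as an array
// (?state[]=x). If validateState() declares a string parameter (not visible
// here), a non-string value raises a TypeError, which is an \Error and would
// slip past the catch (\Exception) below. Reject non-strings up front.
$state = $_GET['state'] ?? null;
if (!is_string($state) || $state === '')
{
    http_response_code(400);
    die('Invalid state returned');
}

try
{
    $flow->validateState($state);
}
catch (\Exception $ex)
{
    // Fail closed with a client-error status instead of the default 200
    http_response_code(400);
    die('Invalid state returned');
}

// If that passes, then we can exchange the authorization code for a token.
// 'code' gets the same shape check as 'state'; it is also missing when the
// provider redirects back without one (for example on a denied login).
$code = $_GET['code'] ?? null;
if (!is_string($code) || $code === '')
{
    http_response_code(400);
    die('Missing authorization code');
}

try
{
    $token = $flow->exchangeCodeForToken($code, OPENID_CALLBACK_URL);
}
catch (\Exception $ex)
{
    // Log only the exception class: the message or trace may carry the code or
    // client credentials, and an uncaught exception could render them to the
    // browser when display_errors is enabled.
    error_log('OIDC token exchange failed: ' . get_class($ex));
    http_response_code(400);
    die('Token exchange failed');
}

// Rotate the session ID before attaching credentials to it, so a session ID
// known to a third party before login cannot be reused afterwards (session
// fixation). Presumably _common.php starts the session; the guard avoids a
// warning if it did not.
if (session_status() === PHP_SESSION_ACTIVE)
{
    session_regenerate_id(true);
}

// Set the token in the session
$_SESSION['access_token'] = $token->getAccessToken();
$_SESSION['refresh_token'] = $token->getRefreshToken();

// Now redirect them back to the home page!
header('Location: index.php');
// Stop here so nothing else runs or is emitted after the redirect header
exit;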