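// OAuth2 client for CompanyCam, built on league/oauth2-client's GenericProvider.
//
// Keep the client secret out of version control: load it from configuration
// that lives outside the repository instead of pasting it into this file.
$provider = new \League\OAuth2\Client\Provider\GenericProvider([
    'clientId'     => '', // Your client ID
    'clientSecret' => '', // Your secret key
    // This is where CompanyCam redirects the user after they say it is okay
    // for you to access CompanyCam on their behalf. Authorization servers
    // normally require this to match the redirect URI registered for the
    // client, and it should always be HTTPS.
    'redirectUri'    => 'https://lonestarhazmatapp.com/wp-json/moserver/authorize',
    'urlAuthorize'   => 'https://app.companycam.com/oauth/authorize',
    'urlAccessToken' => 'https://app.companycam.com/oauth/token',
    // GenericProvider lists this key among its required options and throws
    // from the constructor when it is absent. The value is only read by
    // getResourceOwner(), which this script never calls, so it is left as an
    // empty placeholder; fill it in before using getResourceOwner().
    'urlResourceOwnerDetails' => '',
]);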
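// The state value is kept in $_SESSION, so a session has to be active both
// when the user is sent to CompanyCam and when they come back. Without one
// the stored state does not survive the round trip and the CSRF check below
// has nothing to compare against.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

// If we don't have an authorization code then get one.
// This would be in the WordPress Admin UI, hook it up to a button or something.
if (!isset($_GET['code'])) {
    // Fetch the authorization URL from the provider; this returns the
    // urlAuthorize option and generates and applies any necessary parameters
    // (e.g. state).
    $authorizationUrl = $provider->getAuthorizationUrl();

    // Get the state generated for you and store it to the session.
    $_SESSION['oauth2state'] = $provider->getState();

    // Redirect the user to the authorization URL.
    header('Location: ' . $authorizationUrl);
    exit;
}

// From here on the request is a callback carrying ?code=...
// Check the returned state against the one stored before the redirect to
// mitigate CSRF. The check fails closed: a callback that arrives when no
// state is stored in the session is rejected, rather than accepted with
// whatever state value the request happens to carry.
$returnedState = $_GET['state'] ?? null;
$expectedState = $_SESSION['oauth2state'] ?? null;

// The state is single-use; drop it whether or not the comparison succeeds.
unset($_SESSION['oauth2state']);

if (
    !is_string($returnedState) || $returnedState === ''
    || !is_string($expectedState) || $expectedState === ''
    // hash_equals() compares in constant time and needs two strings, hence
    // the is_string() guards above (state[]=x would arrive as an array).
    || !hash_equals($expectedState, $returnedState)
) {
    exit('Invalid state');
}

// The code is forwarded verbatim to the token endpoint; refuse anything that
// is not a plain non-empty string.
if (!is_string($_GET['code']) || $_GET['code'] === '') {
    exit('Invalid authorization code');
}

// Once the user clicks the button outlined above and is sent to CompanyCam
// and then redirected back, this code will be executed.
try {
    // Try to get an access token using the authorization code grant.
    $accessToken = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code'],
    ]);

    // We have an access token, which we may use in authenticated
    // requests with CompanyCam.
    // Store the access token, refresh token, and expiration date (not the
    // seconds, but calculate WHEN) somewhere server-side.
    //
    // NOTE(review): the echo lines below print live credentials into the HTTP
    // response. They are kept only as a development aid; remove them once the
    // tokens are persisted, since anything rendered in the page can end up in
    // browser history, caches and screenshots. Values are HTML-escaped so
    // that nothing returned by the token endpoint is interpreted as markup.
    $escape = static fn ($value): string => htmlspecialchars(
        (string) $value,
        ENT_QUOTES | ENT_SUBSTITUTE,
        'UTF-8'
    );

    echo 'Access Token: ' . $escape($accessToken->getToken()) . "<br>";
    // getRefreshToken() may be null when the server issues no refresh token.
    echo 'Refresh Token: ' . $escape($accessToken->getRefreshToken()) . "<br>";
    echo 'Expired in: ' . $escape($accessToken->getExpires()) . "<br>";
    echo 'Already expired? ' . ($accessToken->hasExpired() ? 'expired' : 'not expired') . "<br>";

    // The provider provides a way to get an authenticated API request for
    // the service, using the access token; it returns an object conforming
    // to Psr\Http\Message\RequestInterface. The request is only built here,
    // not sent.
    $request = $provider->getAuthenticatedRequest(
        'GET',
        'https://api.companycam.com/v2/projects',
        $accessToken
    );
} catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {
    // Failed to get the access token or user details. The message comes from
    // the provider's response, so escape it before it reaches the page.
    exit(htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
}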