-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathget_token.php
More file actions
58 lines (47 loc) · 1.39 KB
/
get_token.php
File metadata and controls
58 lines (47 loc) · 1.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
<?php
session_start();
$c = require_once '_config.php';
/**
* USER DENY REQUEST
*/
if ( ! empty($_GET['error'])) {
die($_GET['error'].': '.$_GET['error_description']);
}
/**
* USER ALLOW REQUEST
*/
if( ! function_exists('curl_version')) {
die('CURL extension required');
}
if (empty($_GET['code'])) {
die('Invalid code');
}
// state - optional param
if (empty($_GET['state'])) {
die('Invalid state');
}
if (session_id() != $_GET['state']) {
die('Invalid session id. Probably the user has logged out');
}
$ch = curl_init($c['provider'].'/oauth/access_token?'.http_build_query(array('code' => $_GET['code'], 'client_secret' => $c['client_secret'], 'client_id' => $c['client_id'])));
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
if ( ! $request_token = curl_exec($ch)) {
die('Request Error');
}
$response_token = json_decode($request_token, TRUE);
if ( ! empty($response_token['error']))
{
die($response_token['error'].': '.$response_token['error_description']);
}
else
{
$_SESSION['vipparcel_access'] = array(
'access_token' => $response_token['access_token'],
'expires_in' => $response_token['expires_in'],
'user_id' => $response_token['user_id'],
);
header('Location: '.$c['script_url']);
}