This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
<?php | |
// Report every PHP error and print it into the page.
// NOTE(review): this suits a local demo only. With display_errors on, warnings
// and notices (file paths, variable contents) reach the browser; a deployed
// copy should log errors instead of displaying them.
error_reporting(E_ALL);
ini_set('display_errors', 1);

// USOS API Base URL, trailing slash included.
$usosapi_base_url = '';

// URL of THIS script. Required for callback support: it is handed to USOS API
// as the OAuth callback and used for the final "clean URL" redirect.
$self_url = '';

// Your USOS API Consumer Key and Secret. Visit the developers page to get them.
// The Consumer Secret is a credential: keep a filled-in copy of this file out
// of public repositories and pastes.
$consumer_key = '';
$consumer_secret = '';

// Required scopes. The only functionality of this application is to say hello,
// so it does not really require any. To read the user's email as well:
//  - put array('email') here,
//  - append 'email' to the 'fields' argument of the 'services/users/user'
//    method, further down in this script.
$scopes = array();
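/*
 * This application stores the User's Access Token in $_SESSION. This means
 * that it is allowed to act on the User's behalf until the session OR the
 * Access Token expires. When the session expires, the authorization process
 * is redone. If the User is still logged in at that time, they won't see the
 * authorization screen, because USOS API remembers that they already
 * authorized this application (the authorization notice will be skipped).
 *
 * Because the session holds the Access Token and its secret, the session id
 * is as sensitive as the token itself. Two settings are tightened before the
 * session starts:
 *  - cookie_httponly keeps the session cookie out of reach of page scripts,
 *  - use_strict_mode makes PHP refuse session ids it did not issue.
 * session.cookie_secure is deliberately not forced here, because $self_url
 * may be served over plain HTTP in a test setup; enable it when the script is
 * served over HTTPS.
 */
ini_set('session.cookie_httponly', '1');
ini_set('session.use_strict_mode', '1');
session_start();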
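/* Some USOS API methods require a secure connection, most notably the three
 * steps of the authorization dance below, so their URLs are built from an
 * https:// variant of the base URL.
 *
 * Only a leading "http://" scheme is rewritten (case-insensitively). A plain
 * str_replace() would also rewrite any later "http://" occurring inside the
 * URL and would miss an upper-case scheme.
 *
 * NOTE(review): requests built from $usosapi_base_url itself keep whatever
 * scheme was configured. The OAuth signature protects the token secret, but
 * not the confidentiality of the response, so configuring an https:// base
 * URL is the safer choice when user data is fetched. */
$secure_base_url = preg_replace('#^http://#i', 'https://', $usosapi_base_url);

/* Request Token endpoint; the requested scopes are joined with '|'. */
$req_url = $secure_base_url . 'services/oauth/request_token?scopes=' . implode('|', $scopes);
/* Page on which the User grants access to this application. */
$authurl = $secure_base_url . 'services/oauth/authorize';
/* Endpoint that exchanges the authorized Request Token for an Access Token. */
$acc_url = $secure_base_url . 'services/oauth/access_token';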
/**
 * Steps of the OAuth authorization flow, as stored in $_SESSION['state'].
 */
class States
{
    /** No Request Token has been obtained in this session yet. */
    const BEFORE_AUTH = 1;

    /** A Request Token was issued and the User was sent to the authorization page. */
    const AUTH_IN_PROGRESS = 2;

    /** An Access Token and its secret are stored in the session. */
    const AFTER_AUTH = 3;
}
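/* Determine session state and page to be displayed.
 * A fresh session, or any request carrying ?reset, starts the flow over. */
if (!isset($_SESSION['state']) || isset($_GET['reset'])) {
    $_SESSION['state'] = States::BEFORE_AUTH;
}

/* 'page' comes straight from the query string. It is accepted only when it is
 * a string that exactly matches a known page name (strict comparison);
 * anything else - missing, an array such as ?page[]=x, or an unknown name -
 * falls back to the welcome page. */
$page = 'welcome';
if (isset($_GET['page']) && is_string($_GET['page'])
    && in_array($_GET['page'], array('welcome', 'protected'), true)) {
    $page = $_GET['page'];
}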
/* Public landing page: explains the demo and links to the protected page.
 * Nothing request-supplied is printed here; the only interpolated value is
 * the configured base URL. The script stops once the page is sent. */
if ($page == 'welcome') {
    $apps_panel_url = $usosapi_base_url . 'apps/';
    echo "
<html>
<head>
<title>Hello World</title>
<meta http-equiv='content-type' content='text/html; charset=UTF-8'>
</head>
<body>
<p>This is simple Hello World USOS API application, written in PHP.</p>
<p>It requires <a href='http://php.net/oauth'>OAuth extension</a> to run.
If your provider doesn't support this extension, you will have to rewrite it using one
of available PHP libraries, like <a href='http://code.google.com/p/oauth-php/'>oauth-php</a>.</p>
<p><a href='?page=protected'>Click here to access a protected resource</a></p>
<p>Note, that once you've authorized this application, you won't see the
authorization notice again (unless you undo the authorization in your
<a href='{$apps_panel_url}'>USOSapps Administration Panel</a>).</p>
</body>
</html>
";
    exit;
}
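/* Only two pages exist and the 'welcome' branch has already exited. */
assert($page == 'protected');

/* Escapes a value for HTML text and quoted attributes. Everything printed
 * below that originates from the USOS API response or from an exception goes
 * through this, so markup in a profile field or in an error body is shown as
 * text instead of being interpreted by the browser. */
$escape_html = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
};

/*
 * Protected page: drives the three-step OAuth flow according to
 * $_SESSION['state'].
 *  - BEFORE_AUTH:      obtain a Request Token, redirect to the authorization page.
 *  - AUTH_IN_PROGRESS: the User came back; exchange the Request Token for an
 *                      Access Token and redirect to a clean URL.
 *  - AFTER_AUTH:       call services/users/user with the Access Token and
 *                      print the result.
 * Any OAuthException destroys the session and prints a failure page.
 */
try {
    /* NOTE(review): OAUTH_AUTH_TYPE_URI places the OAuth parameters in the
     * request URL, where they can end up in access logs. Whether this
     * provider also accepts them in the Authorization header
     * (OAUTH_AUTH_TYPE_AUTHORIZATION) is not shown here - confirm before
     * switching. */
    $oauth = new OAuth($consumer_key, $consumer_secret, OAUTH_SIG_METHOD_HMACSHA1, OAUTH_AUTH_TYPE_URI);
    /* Debug mode is enabled for the benefit of the failure page below;
     * turn it off outside of a demo. */
    $oauth->enableDebug();

    if ($_SESSION['state'] == States::BEFORE_AUTH) {
        $request_token_info = $oauth->getRequestToken($req_url, $self_url . '?page=protected');
        /* The Request Token secret stays server-side; only the token itself
         * travels through the browser. */
        $_SESSION['secret'] = $request_token_info['oauth_token_secret'];
        $_SESSION['state'] = States::AUTH_IN_PROGRESS;
        $separator = (strpos($authurl, '?') === false) ? '?' : '&';
        header('Location: ' . $authurl . $separator . 'oauth_token=' . rawurlencode($request_token_info['oauth_token']));
        exit;
    }

    if ($_SESSION['state'] == States::AUTH_IN_PROGRESS) {
        /* oauth_token is request input: it must be present and a non-empty
         * string (?oauth_token[]=x would otherwise hand an array to
         * setToken()). */
        $returned_token = isset($_GET['oauth_token']) ? $_GET['oauth_token'] : null;
        if (!is_string($returned_token) || $returned_token === '') {
            print "
<html>
<head>
<title>Failure</title>
<meta http-equiv='content-type' content='text/html; charset=UTF-8'>
</head>
<body>
<p>You came back from the authorization page, but haven't allowed access!</p>
<p>Usually, I would probably redirect you <a href='?page=welcome&reset=true'>here</a>.</p>
</body>
</html>
";
            exit;
        }
        /* The request is signed with the secret stored when the Request Token
         * was issued, so a token that does not belong to this session fails
         * at the provider and surfaces as an OAuthException. */
        $oauth->setToken($returned_token, $_SESSION['secret']);
        $access_token_info = $oauth->getAccessToken($acc_url);
        /* The session is about to hold an Access Token: issue a new session
         * id so that an id known before authorization cannot be reused. */
        session_regenerate_id(true);
        $_SESSION['state'] = States::AFTER_AUTH;
        $_SESSION['token'] = $access_token_info['oauth_token'];
        $_SESSION['secret'] = $access_token_info['oauth_token_secret'];
        /* We might just fall through here, but we will make a redirect to
         * keep the URL clean (remove the token and verifier). */
        header('Location: ' . $self_url . '?page=protected');
        exit;
    }

    if ($_SESSION['state'] == States::AFTER_AUTH) {
        $oauth->setToken($_SESSION['token'], $_SESSION['secret']);
        $oauth->fetch($usosapi_base_url . "services/users/user?fields=id|first_name|last_name|sex|homepage_url|profile_url");
        $json = json_decode($oauth->getLastResponse());
        /* json_decode() yields null for a body that is not valid JSON; fall
         * back to an empty name rather than reading a property of null. */
        $first_name = '';
        if (is_object($json) && isset($json->first_name) && is_scalar($json->first_name)) {
            $first_name = $json->first_name;
        }
        print "
<html>
<head>
<title>Success!</title>
<meta http-equiv='content-type' content='text/html; charset=UTF-8'>
</head>
<body>
<p>Hello " . $escape_html($first_name) . "!</p>
<p>I just used the <a href='" . $usosapi_base_url . "developers/api/services/users/#user'>
services/users/user</a> method in order to get some of your details. These are the
ones I got:</p>
<pre>" . $escape_html(print_r($json, true)) . "</pre>
<p>Things for you to try:</p>
<ul>
<li>log out of USOS, then refresh this page,</li>
<li>withdraw the privileges you gave me (see your
<a href='" . $usosapi_base_url . "apps/'>USOSapps Administration Panel</a>),
then refresh this page,</li>
<li><a href='?page=welcome&reset=true'>start over</a>.</li>
</ul>
</body>
</html>
";
        exit;
    }
} catch (OAuthException $E) {
    /* Drop the stored tokens so that the next visit restarts authorization. */
    session_destroy();
    /* NOTE(review): the response body and the full exception dump are printed
     * for demonstration. They are escaped here, but they still disclose
     * request and response details to whoever views the page; a deployed
     * application should write them to a log (e.g. error_log()) and show a
     * generic message. */
    print "
<html>
<head>
<title>Failure</title>
<meta http-equiv='content-type' content='text/html; charset=UTF-8'>
</head>
<body>
<p>I got an OAuth error! If you haven't messed around with the code, then I should
assume the the Access Token I used have expired. In this case, I should just redo
the authorization process. Usually, I wouldn't ask you to confirm that!</p>
<p><a href='?page=protected&reset=true'>Click here to continue!</a>
<hr>Last response:<br><b>" . $escape_html(print_r($E->lastResponse, true)) . "</b><br><br>Exception dump:<pre>" . $escape_html(print_r($E, true)) . "</pre>
</body></html>
";
}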
?> |