aboutsummaryrefslogtreecommitdiff
path: root/oauth/embed
diff options
context:
space:
mode:
Diffstat (limited to 'oauth/embed')
-rw-r--r--oauth/embed/index.php52
1 files changed, 0 insertions, 52 deletions
diff --git a/oauth/embed/index.php b/oauth/embed/index.php
deleted file mode 100644
index d77be15..0000000
--- a/oauth/embed/index.php
+++ /dev/null
@@ -1,52 +0,0 @@
-<?php
-
-header("Content-Type: text/plain");
-// TODO: handle errors
-$_CONFIG = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/private/FamilineConfig.json"), true);
-
-if (!isset($_GET['code'])) {
- die();
-}
-
-$appdata = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/private/app.json"), true);
-
-$crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/auth/realms/Familine/protocol/openid-connect/token');
-curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
-curl_setopt($crl, CURLINFO_HEADER_OUT, true);
-curl_setopt($crl, CURLOPT_POST, true);
-curl_setopt($crl, CURLOPT_HTTPHEADER, [
- "Authorization: Basic " . base64_encode($appdata["id"] . ":" . $appdata["secret"]),
- "Content-Type: application/x-www-form-urlencoded",
- "Accept: application/json"
-]);
-curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("https://" . $_CONFIG["Global"]["domain"] . "/oauth/embed") . "&code=" . $_GET['code']);
-
-$result = curl_exec($crl);
-var_dump($result);
-$result = json_decode($result, true);
-
-curl_close($crl);
-
-if (isset($result["access_token"])) {
- $crl = curl_init('https://' . $_CONFIG["Global"]["federation"]. '/auth/realms/Familine/protocol/openid-connect/userinfo');
- curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($crl, CURLINFO_HEADER_OUT, true);
- curl_setopt($crl, CURLOPT_HTTPHEADER, [
- "Authorization: Bearer " . $result["access_token"],
- "Accept: application/json"
- ]);
-
- $result = curl_exec($crl);
- var_dump($result);
- $result = json_decode($result, true);
-
- $token = bin2hex(random_bytes(32));
- $result["login"] = $result["preferred_username"];
- $result["name_internal"] = $result["name"];
- $result["name"] = $result["family_name"] . " " . $result["given_name"];
- $result["id"] = $result["sub"];
- file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/private/tokens/" . $token, json_encode($result));
- setcookie("FL_SESSION_TOKEN", $token, strtotime('+365 days'), "/", "." . $_CONFIG["Global"]["domain"], true, true);
-
- header("Location: /statusbar.php");
-} \ No newline at end of file
© Floofi Systems, Some rights reserved. Powered by cgit.