json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/admin/credentials.json"), true)["id"], 'client_secret' => json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/admin/credentials.json"), true)["secret"], 'code' => $_GET['code'] ); $post_data = json_encode($data); $crl = curl_init('https://github.com/login/oauth/access_token'); curl_setopt($crl, CURLOPT_RETURNTRANSFER, true); curl_setopt($crl, CURLINFO_HEADER_OUT, true); curl_setopt($crl, CURLOPT_POST, true); curl_setopt($crl, CURLOPT_POSTFIELDS, $post_data); curl_setopt($crl, CURLOPT_HTTPHEADER, array( 'Content-Type: application/json', "Accept: application/json" )); $result = curl_exec($crl); if ($result === false) { throw new ErrorException("GitHub OAuth Flow interrupted", 214, E_ERROR); } curl_close($crl); $data = json_decode($result, true); $crl = curl_init('https://api.github.com/user'); curl_setopt($crl, CURLOPT_RETURNTRANSFER, true); curl_setopt($crl, CURLINFO_HEADER_OUT, true); curl_setopt($crl, CURLOPT_POST, false); curl_setopt($crl, CURLOPT_HTTPHEADER, array( 'Content-Type: application/json', "Accept: application/json", "Authorization: token " . $data["access_token"], "User-Agent: UnchainedTech-Admin/0.0.0 (nekostarfan@gmail.com)" )); $result = curl_exec($crl); $ndata = json_decode($result, true); if (!in_array($ndata["login"], json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/admin/authorized.json"), true))) { header("Location: /admin/denied"); die(); } file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/admin/tokens/" . $data["access_token"], $ndata["login"]); setcookie("ADMIN_TOKEN", $data["access_token"], 0, "/", ".minteck.ro.lt", true, true); header("Location: /admin"); die();