index.php @ 753

Revision 753, 10.5 kB (checked in by nadya, 3 years ago)
OpenAuth Sample Code added

Line
1	<?php
2
3	$endpoint = getEnvVar('endpoint');
4	$wrap_client_id = getEnvVar('wrap_client_id');
5	$wrap_client_secret = getEnvVar('wrap_client_secret');
6	$wlevel = getEnvVar('wlevel');
7	$wduration = getEnvVar('wduration');
8
9	$wrap_verification_code = getEnvVar('wrap_verification_code');
10	$wrap_client_state = getEnvVar('wrap_client_state');
11	$wrap_refresh_token = getEnvVar('wrap_refresh_token');
12	$wrap_access_token_expires_in = null;
13
14	$action = getEnvVar('action');
15
16	function getEnvVar( $keyname ) {
17	if (array_key_exists($keyname, $_GET)) {
18	return $_GET[$keyname];
19	}
20	elseif (array_key_exists($keyname, $_POST)) {
21	return $_POST[$keyname];
22	}
23	else {
24	return null;
25	}
26	}
27
28	# Load the config file
29	$config = parse_ini_file("oauth-config.ini", true);
30
31	# Make a database connection
32	$mysqli = new mysqli(
33	$config['database']['host' ],
34	$config['database']['username'],
35	$config['database']['password'],
36	$config['database']['db' ]
37	);
38
39	function createEntryId ($mysqli) {
40
41	$select_last = $mysqli->prepare('SELECT MAX(id) FROM access');
42	$create_entry = $mysqli->prepare('INSERT INTO access SET id=?');
43
44	$select_last->execute();
45	$select_last->bind_result($last_id);
46	$select_last->fetch();
47	$select_last->close();
48
49	$last_id ? 0 : $last_id; # $last_id \|\|= 0;
50	$last_id += 1;
51
52	# There shouldn't be much, if any, time between the previous query
53	# and this statement.. (famous last words)
54	$create_entry->bind_param('i', $last_id);
55	$create_entry->execute();
56	$create_entry->close();
57
58	return $last_id;
59	}
60
61	function getEndpoint ($mysqli, $endpoint = null) {
62
63	if (!$endpoint) {
64	die("No endpoint specified");
65	return null;
66	}
67
68	$result= $mysqli->query('SELECT id, endpoint FROM endpoints WHERE endpoint="'.$endpoint.'"');
69	$endpoint = $result->fetch_object();
70
71	return $endpoint;
72	}
73
74	function createEndpoint ($mysqli, $endpoint = null) {
75
76	if (!$endpoint) {
77	die("No endpoint specified");
78	return null;
79	}
80
81	$mysqli->query('INSERT INTO endpoints SET endpoint="'.$endpoint.'"');
82	return getEndpoint($mysqli, $endpoint);
83	}
84
85	function addEntry ($mysqli, $endpoint, $client_id, $client_level, $client_duration, $client_secret) {
86
87	$id = createEntryId($mysqli);
88
89	$endpointrec = getEndpoint($mysqli, $endpoint);
90	if (!$endpointrec) {
91	$endpointrec = createEndpoint($mysqli, $endpoint);
92	}
93
94	$query = $mysqli->prepare('UPDATE access SET endpoint=?, client_id=?, client_level=?, client_duration=?, client_secret=? WHERE id=?');
95	$query->bind_param('issssi', $endpointrec->id, $client_id, $client_level, $client_duration, $client_secret, $id);
96
97	$query->execute();
98
99	return $id;
100	}
101
102	function deleteEntry ($mysqli, $id) {
103	$mysqli->query("DELETE FROM access WHERE id=$id");
104	}
105
106	function getEntry ($mysqli, $id) {
107
108	if (!$id) {
109	die("No id specified");
110	return null;
111	}
112
113	$result = $mysqli->query("SELECT access.*, endpoints.id as endpoint_id, endpoints.endpoint FROM access LEFT JOIN endpoints ON (access.endpoint=endpoints.id) WHERE access.id=$id");
114	$entry = $result->fetch_object();
115
116	return $entry;
117	}
118
119	function setAccessToken ($mysqli, $id, $token) {
120
121	$query = $mysqli->prepare("UPDATE access SET access_token=? WHERE access.id=?");
122	$query->bind_param('si', $token, $id);
123	$query->execute();
124	}
125
126	function setRefreshToken ($mysqli, $id, $token) {
127
128	$query = $mysqli->prepare("UPDATE access SET refresh_token=? WHERE access.id=?");
129	$query->bind_param('si', $token, $id);
130	$query->execute();
131	}
132
133	function curPageURL() {
134
135	$pageURL = 'http';
136
137	if (array_key_exists("HTTPS", $_SERVER)) {
138	if ($_SERVER["HTTPS"] == "on") {
139	$pageURL .= "s";
140	}
141	}
142
143	$pageURL .= "://";
144
145	if ($_SERVER["SERVER_PORT"] != "80") {
146	$pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["SCRIPT_NAME"];
147	}
148	else {
149	$pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["SCRIPT_NAME"];
150	}
151
152	return $pageURL;
153	}
154
155	function do_post_request($url, $data = array()) {
156	$params = array(
157	'http' => array(
158	'method' => 'POST',
159	'content' => $data
160	)
161	);
162
163	$ctx = stream_context_create($params);
164	$fp = @fopen($url, 'rb', false, $ctx);
165
166	if (!$fp) {
167	echo "<!--\n";
168	print_r($params);
169	echo "-->\n";
170	die("Problem accessing $url");
171	}
172
173	$response = @stream_get_contents($fp);
174
175	if ($response === false) {
176	//throw new Exception("Problem reading data from $url, $php_errormsg");
177	die("Problem reading data from $url");
178	}
179
180	return $response;
181	}
182
183	function redirect ($url) {
184	header("HTTP/1.1 303 See Other");
185	header("Location: $url");
186	exit;
187	}
188
189	if ($endpoint && $wrap_client_id && $wrap_client_secret && $wlevel && $wduration) {
190
191	$wrap_client_state = addEntry(
192	$mysqli,
193	$endpoint,
194	$wrap_client_id,
195	$wlevel,
196	$wduration,
197	$wrap_client_secret
198	);
199
200	# Make auth request
201	$request_params = array(
202	'wrap_client_id' => $wrap_client_id,
203	'wrap_client_state' => $wrap_client_state,
204	'wrap_callback' => curPageURL(),
205	'wrap_scope' => $wlevel.'/'.$wduration,
206	);
207
208	redirect("https://$endpoint/g2/auth_login.action?".http_build_query($request_params));
209	}
210	elseif ($wrap_verification_code) {
211	# We made a request and have a token.
212	# Store the token, and allow us to request access
213
214	# Need endpoint from DB
215	$entry = getEntry($mysqli, $wrap_client_state);
216	$endpoint = "https://".$entry->endpoint."/oauth/request_access_token";
217
218	# Forget the link above. We need to POST the info to the endpoint.
219	$data = array(
220	'wrap_client_id' => $entry->client_id,
221	'wrap_client_secret' => $entry->client_secret,
222	'wrap_callback' => curPageURL(),
223	'wrap_verification_code' => $wrap_verification_code,
224	);
225
226	$result = do_post_request($endpoint, http_build_query($data));
227
228	if ($result) {
229	preg_replace("/[\f\n\r]+$/si", null, $result);
230	$lines = preg_split("/[\f\n\r]+/", $result);
231	$details = array();
232
233	foreach ($lines as $line) {
234	preg_replace("/[\f\n\r]*$/si", null, $line);
235	if ($line) {
236	$values = preg_split("/:\ /", $line);
237	$details[$values[0]] = $values[1];
238	}
239	}
240
241	# Save the details to the DB..
242	setAccessToken ($mysqli, $wrap_client_state, $details['wrap_access_token' ]);
243	setRefreshToken($mysqli, $wrap_client_state, $details['wrap_refresh_token']);
244
245	$wrap_access_token_expires_in = $details['wrap_access_token_expires_in'];
246	}
247	else {
248	print '<div style="color: red">Error from server</div>';
249
250	print_r($result);
251	}
252
253	}
254	elseif ($action) {
255	if ($action == 'refresh') {
256
257	# Need endpoint from DB
258	$entry = getEntry($mysqli, $wrap_client_state);
259	$endpoint = "https://".$entry->endpoint."/oauth/refresh_access_token";
260
261	# Forget the link above. We need to POST the info to the endpoint.
262	$data = array(
263	'wrap_client_id' => $entry->client_id,
264	'wrap_client_secret' => $entry->client_secret,
265	'wrap_refresh_token' => $wrap_refresh_token,
266	);
267
268	$result = do_post_request($endpoint, http_build_query($data));
269
270	if ($result) {
271
272	preg_replace("/[\f\n\r]+$/", null, $result);
273	$lines = preg_split("/[\f\n\r]+/", $result);
274	$details = array();
275
276	foreach ($lines as $line) {
277	preg_replace("/[\f\n\r]*$/", null, $line);
278	if ($line) {
279	$values = preg_split("/:\ /", $line);
280	$details[$values[0]] = $values[1];
281	}
282	}
283
284	# Save the details to the DB..
285	setAccessToken($mysqli, $wrap_client_state, $details['wrap_access_token']);
286
287	$wrap_access_token_expires_in = $details['wrap_access_token_expires_in'];
288	}
289	else {
290	print '<div style="color: red">Error with server</div>';
291	print_r($result);
292	}
293	}
294	elseif ($action == 'delete') {
295
296	deleteEntry($mysqli, $wrap_client_state);
297	print '<div style="color: green">Entry #'.$wrap_client_state.' deleted</div>';
298	}
299	}
300
301	if ($endpoint) {
302	$endpoint = preg_replace("{^https://(.+?)/.*$}", "\\1", $endpoint);
303	}
304
305	?>
306
307	<html>
308	<head>
309	<title>Telnic PHP OpenAuth Tester</title>
310	<style type="text/css">
311
312	body {
313	width: 1200px;
314	margin: 0 auto;
315	padding: 0;
316	font-family: "trebuchet ms", arial, sans;
317	font-size: 13px;
318	}
319
320	div#tel-logo {
321	background:url("tel-logo.png") no-repeat scroll 0 0 transparent;
322	float:right;
323	height:90px;
324	left:-700px;
325	position:relative;
326	top:148px;
327	width:90px;
328	}
329
330	div.title {
331	font-size: 26px;
332	}
333
334	ul.form-group {
335	display:block;
336	list-style-type:none;
337	}
338
339	li.form-head {
340	color: black;
341	float: left;
342	width: 160px;
343	}
344
345	ul.entry {
346	border: 1px solid #5D29A4;
347	padding: 10px;
348	margin-left: 40px;
349	width: 1016px;
350	}
351
352	ul.entry, ul.entry ul {
353	display:block;
354	list-style-type:none;
355	}
356
357	ul.entry ul {
358	clear: both;
359	padding-left: 0;
360	}
361
362	ul.entry ul li.entry-head {
363	color: #5D29A4;
364	float: left;
365	width: 120px;
366	}
367
368	ul.entry ul li.entry-data {
369	}
370
371	.mono {
372	font-family: courier;
373	font-size: 11px;
374	}
375
376	</style>
377	</head>
378	<body>
379	<div class="title">Telnic OpenAuth Tester</div>
380	<div id="tel-logo"></div>
381	<form method="POST" action="<?= curPageURL() ?>">
382	<ul class="form-group">
383	<li class="form-head">NSP Endpoint</li>
384	<li class="form-data"><input name="endpoint"<? if ($endpoint) { ?> value="<?= $endpoint ?>"<? } ?>></li>
385	</ul>
386	<ul class="form-group">
387	<li class="form-head">Wrap Client ID</li>
388	<li class="form-data"><input name="wrap_client_id"<? if ($wrap_client_id) { ?> value="<?= $wrap_client_id ?>"<? } ?>></li>
389	</ul>
390	<ul class="form-group">
391	<li class="form-head">Wrap Client Secret</li>
392	<li class="form-data"><input name="wrap_client_secret"<? if ($wrap_client_secret) { ?> value="<?= $wrap_client_secret ?>"<? } ?>></li>
393	</ul>
394	<ul class="form-group">
395	<li class="form-head">Wrap Client Access Level</li>
396	<li class="form-data">
397	<select name="wlevel">
398	<option value="backup"<?= $wlevel=="backup"?' selected':''?>>Backup</option>
399	<option value="profiles"<?= $wlevel=="profiles"?' selected':''?>>Profiles</option>
400	<option value="records"<?= $wlevel=="records"?' selected':''?>>Records</option>
401	<option value="complete"<?= $wlevel=="complete"?' selected':''?>>Complete</option>
402	</select>
403	</li>
404	</ul>
405	<ul class="form-group">
406	<li class="form-head">Wrap Access Duration</li>
407	<li class="form-data">
408	<select name="wduration">
409	<option value="oneday"<?= $wduration=="oneday"?' selected':''?>>One day</option>
410	<option value="forever"<?= $wduration=="forever"?' selected':''?>>Forever</option>
411	</select>
412	</li>
413	</ul>
414	<ul class="form-group">
415	<li><input type="submit" value="Request Token"></input></li>
416	</ul>
417	</form>
418	<? if ($wrap_access_token_expires_in) { ?>
419	<div class="expiry">Token expiration: <?= $wrap_access_token_expires_in ?></div>
420	<? } ?>
421	<? include "entries.php" ?>
422	</body>
423	</html>

Note: See TracBrowser for help on using the browser.