|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace Examples\Controllers; |
|
4
|
|
|
|
|
5
|
|
|
use Examples\Models\Store; |
|
6
|
|
|
use Lifeboat\App; |
|
7
|
|
|
use Lifeboat\Exceptions\OAuthException; |
|
8
|
|
|
|
|
9
|
|
|
/** |
|
10
|
|
|
* Class Auth |
|
11
|
|
|
* @package Examples\Controllers |
|
12
|
|
|
* |
|
13
|
|
|
* An example controller as how to handle the Lifeboat Auth process |
|
14
|
|
|
* |
|
15
|
|
|
* BEFORE YOU START |
|
16
|
|
|
* You will need to register your app with Lifeboat team. |
|
17
|
|
|
* Contact [email protected] to get your app credentials. |
|
18
|
|
|
* |
|
19
|
|
|
* This controller is designed to show how your app will authenticate with Lifeboat APIs |
|
20
|
|
|
* and allow your app to interact with Lifeboat APIs where the logged in user permissions |
|
21
|
|
|
* are automatically checked at an API level. |
|
22
|
|
|
* |
|
23
|
|
|
* Base url: /auth |
|
24
|
|
|
* |
|
25
|
|
|
* /auth/process |
|
26
|
|
|
* @see Auth::process() |
|
27
|
|
|
* This controller action shows how to handle the response from the Lifeboat Auth, |
|
28
|
|
|
* using the Lifeboat SDK |
|
29
|
|
|
* |
|
30
|
|
|
* /auth/error |
|
31
|
|
|
* @see Auth::error() |
|
32
|
|
|
* This controller action shows how to handle Lifeboat Auth errors |
|
33
|
|
|
*/ |
|
34
|
|
|
class Auth extends Controller { |
|
35
|
|
|
|
|
36
|
|
|
const LIFEBOAT_APP_ID = '[[Lifeboat App ID]]'; |
|
37
|
|
|
const LIFEBOAT_APP_SECRET = '[[Lifeboat App Secret]]'; |
|
38
|
|
|
|
|
39
|
|
|
private static $url_segment = 'auth'; |
|
40
|
|
|
private static $allowed_actions = ['process', 'error']; |
|
41
|
|
|
|
|
42
|
|
|
/** @var \Lifeboat\App $app */ |
|
43
|
|
|
private static $_app; |
|
44
|
|
|
|
|
45
|
|
|
/** |
|
46
|
|
|
* Process the code returns by the Lifeboat Auth process |
|
47
|
|
|
* and ensure the user has selected an active site |
|
48
|
|
|
*/ |
|
49
|
|
|
public function process() |
|
50
|
|
|
{ |
|
51
|
|
|
// It's essential for the app to run correctly that sessions |
|
52
|
|
|
// are started and working |
|
53
|
|
|
if (session_status() !== PHP_SESSION_ACTIVE) { |
|
54
|
|
|
session_start(); |
|
55
|
|
|
} |
|
56
|
|
|
|
|
57
|
|
|
// This function will automatically create an access token |
|
58
|
|
|
// and save it into $_SESSIONS |
|
59
|
|
|
try { |
|
60
|
|
|
self::get_app()->fetchAccessToken($_GET['code'] ?? ''); |
|
61
|
|
|
} catch (OAuthException $e) { |
|
62
|
|
|
error_log($e); |
|
63
|
|
|
$this->reloadAuth(); |
|
64
|
|
|
} |
|
65
|
|
|
|
|
66
|
|
|
/** |
|
67
|
|
|
* OPTIONAL: |
|
68
|
|
|
* If you need to perform actions off-session (cron, etc...) |
|
69
|
|
|
* You'll need to store the host and site_key |
|
70
|
|
|
* @see Store::find_or_make() |
|
71
|
|
|
* @see App::setActiveSite() |
|
72
|
|
|
* @see App::getAccessToken() |
|
73
|
|
|
*/ |
|
74
|
|
|
Store::find_or_make(self::get_app()->getSiteKey(), self::get_app()->getHost()); |
|
75
|
|
|
|
|
76
|
|
|
header("Location: /"); |
|
77
|
|
|
flush(); |
|
78
|
|
|
die(); |
|
|
|
|
|
|
79
|
|
|
} |
|
80
|
|
|
|
|
81
|
|
|
public function reloadAuth() |
|
82
|
|
|
{ |
|
83
|
|
|
// URL to process the auth response |
|
84
|
|
|
$process = '/auth/process'; |
|
85
|
|
|
|
|
86
|
|
|
// URL to handle auth errors |
|
87
|
|
|
$error = '/auth/error'; |
|
88
|
|
|
|
|
89
|
|
|
// A one-time use challenge code to prevent man in the middle attacks |
|
90
|
|
|
$challenge = self::get_app()->getAPIChallenge(); |
|
91
|
|
|
|
|
92
|
|
|
// Redirect to the auth URL |
|
93
|
|
|
header("Location: " . self::get_app()->getAuthURL($process, $error, $challenge)); |
|
94
|
|
|
flush(); |
|
95
|
|
|
die(); |
|
|
|
|
|
|
96
|
|
|
} |
|
97
|
|
|
|
|
98
|
|
|
|
|
99
|
|
|
/** |
|
100
|
|
|
* @return App |
|
101
|
|
|
*/ |
|
102
|
|
|
public static function get_app(): App |
|
103
|
|
|
{ |
|
104
|
|
|
if (!self::$_app) { |
|
105
|
|
|
self::$_app = new App(self::LIFEBOAT_APP_ID, self::LIFEBOAT_APP_SECRET); |
|
106
|
|
|
} |
|
107
|
|
|
|
|
108
|
|
|
return self::$_app; |
|
109
|
|
|
} |
|
110
|
|
|
} |
|
111
|
|
|
|
lifeboat-app /
php-sdk
Loading history...
In general, usage of exit should be done with care and only when running in a scripting context like a CLI script.