1 | <?php |
||
2 | |||
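require dirname(__DIR__) . '/vendor/autoload.php';

// The session carries the OAuth temporary credentials between the two
// requests of this flow. Keep its cookie out of reach of page scripts and
// refuse session IDs the server did not issue. (Options array: PHP 7.0+.)
session_start([
    'cookie_httponly' => true,
    'use_strict_mode' => true,
]);

// Create a server instance. Provide your trello app identifier and secret.
// The empty strings are placeholders: load the real values from configuration
// or the environment and keep them out of version control.
$server = new \League\OAuth1\Client\Server\Trello([
    'identifier' => '',
    'secret' => '',
    // Plain-HTTP localhost callback is for local development only; a deployed
    // callback should be served over HTTPS.
    'callbackUri' => 'http://localhost:9000/',
    // The following can be used to set defaults for the server.
    // Request only the scopes and token lifetime the application needs.
    'scope' => 'read,write,account',
    'expiration' => '1day',
    'name' => 'Trello App',
]);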
||
17 | |||
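/**
 * Basic UI helper for this example: dumps a value inside a styled <pre> block.
 *
 * The dump is HTML-escaped before it is written. The values shown on this page
 * (resource-owner details, board data) come from a remote API, and an
 * unescaped dump would place them into the page as markup.
 *
 * NOTE(review): this is debugging output and the script passes token
 * credentials to it; remove it before using this code outside a demo.
 * If an extension replaces var_dump() with an HTML-producing version, that
 * markup will be shown escaped as well.
 *
 * @param mixed $data      Value to dump.
 * @param bool  $fullWidth True for a full-width block, false for a half-width floated block.
 *
 * @return void
 */
function display($data, $fullWidth = true)
{
    if ($fullWidth) {
        echo '<pre style="background: #efefef; margin: 1%; padding: 1%;">';
    } else {
        echo '<pre style="background: #efefef; margin: 1%; padding: 1%; width: 46%; float: left; clear: none;">';
    }

    // Capture the dump instead of printing it directly so it can be escaped.
    ob_start();
    var_dump($data);
    $dump = (string) ob_get_clean();

    echo htmlspecialchars($dump, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    echo '</pre>';
}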
||
30 | |||
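// Obtain Temporary Credentials and User Authorization
if (!isset($_GET['oauth_token'], $_GET['oauth_verifier'])) {

    if (!isset($_GET['start'])) {
        echo '<a href="/?start=true">Login</a>';
    } else {

        // First part of OAuth 1.0 authentication is to
        // obtain Temporary Credentials.
        $temporaryCredentials = $server->getTemporaryCredentials();

        // Store credentials in the session, we'll need them later
        $_SESSION['temporary_credentials'] = serialize($temporaryCredentials);
        session_write_close();

        // Second part of OAuth 1.0 authentication is to obtain User Authorization
        // by redirecting the resource owner to the login screen on the server.
        // Create an authorization url.
        $authorizationUrl = $server->getAuthorizationUrl($temporaryCredentials);

        // Redirect the user to the authorization URL. The user will be redirected
        // to the familiar login screen on the server, where they will login to
        // their account and authorize your app to access their data.
        header('Location: ' . $authorizationUrl);
        exit;
    }

// Obtain Token Credentials
} else {
    try {

        // Add a link to reset the flow
        echo '<a href="/">Reset</a>';

        // The callback parameters are caller-controlled; accept plain strings only
        // (a query such as oauth_token[]=x would otherwise arrive as an array).
        if (!is_string($_GET['oauth_token']) || !is_string($_GET['oauth_verifier'])) {
            exit(' Malformed callback parameters; please restart the login.');
        }

        // A callback that arrives without a stored temporary credential did not
        // start in this session, so there is nothing to exchange.
        if (!isset($_SESSION['temporary_credentials'])) {
            exit(' No temporary credentials in session; please restart the login.');
        }

        // Retrieve the temporary credentials we saved before. Only the expected
        // credentials class may be instantiated while unserializing (PHP 7.0+).
        $temporaryCredentials = unserialize(
            $_SESSION['temporary_credentials'],
            ['allowed_classes' => [\League\OAuth1\Client\Credentials\TemporaryCredentials::class]]
        );

        // Temporary credentials are single-use: drop them so that replaying the
        // callback URL cannot trigger a second exchange.
        unset($_SESSION['temporary_credentials']);

        if (!$temporaryCredentials instanceof \League\OAuth1\Client\Credentials\TemporaryCredentials) {
            exit(' Stored temporary credentials are invalid; please restart the login.');
        }

        // We will now obtain Token Credentials from the server.
        $tokenCredentials = $server->getTokenCredentials(
            $temporaryCredentials,
            $_GET['oauth_token'],
            $_GET['oauth_verifier']
        );

        // We have token credentials, which we may use in authenticated
        // requests against the service provider's API. Let's look at them.
        // NOTE(review): this renders the token identifier and secret into the
        // page for demonstration only. A real application keeps them
        // server-side and never sends them to the browser.
        display($tokenCredentials->getIdentifier());
        display($tokenCredentials->getSecret());

        // Using the access token, we may look up details about the
        // resource owner.
        $resourceOwner = $server->getResourceOwner($tokenCredentials);

        // Let's view the details about the resource owner.
        display($resourceOwner->toArray(), false);

        // The server provides a way to get an authenticated API request for
        // the service, using the access token; it returns an object conforming
        // to Psr\Http\Message\RequestInterface.
        //
        // Let's create a request to retrieve the details of the
        // resource owner's boards.
        $request = $server->getAuthenticatedRequest(
            'GET',
            'https://api.trello.com/1/members/me/boards',
            $tokenCredentials
        );

        $response = $server->getHttpClient()->send($request);

        $json = (string) $response->getBody();

        $payload = json_decode($json);

        // Let's view the details of the resource owner's boards.
        display($payload, false);

    } catch (\League\OAuth1\Client\Exceptions\Exception $e) {

        // Failed to get the token credentials or user details.
        // The message is escaped because it is written into an HTML page and
        // its content is not controlled by this script.
        exit(htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));

    }

}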
||
117 |