Login with GitHub OAuth API simple implementation in PHP
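<!-- other html... -->
<!-- The href must point at the PHP login script; the "?login" query flag is what makes that script start the OAuth flow. -->
<!-- The client ID and client secret are configured inside the PHP script, not in this link. -->
<a href="/path/to/login?login">login with github</a>
<!-- ... -->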
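<?php
# Minimal "Login with GitHub" handler (OAuth web application flow).
# The same page serves two requests:
#   ?login              -> create a state value and redirect to GitHub's authorize page
#   ?code=...&state=... -> callback from GitHub: verify state, exchange the code for a token
#
# Your app callback should point to this page
# You should enter your own values below on the next 3 lines:
# (the client secret authenticates your app to GitHub; keep it out of version control)
$CLIENT_ID = "";
$CLIENT_SECRET = "";
$USER_AGENT = "";

session_start();

// If there's a ?login at the end of the url then we need to direct to the authorization page
if (isset($_GET["login"])) {
    // state is the anti-CSRF value GitHub echoes back on the callback; random_bytes() is the
    // CSPRNG and throws on failure instead of silently returning weak bytes.
    $_SESSION["state"] = bin2hex(random_bytes(16));
    // http_build_query() URL-encodes every value placed in the redirect.
    $authorize_query = http_build_query(array(
        "scope" => "read:user",
        "client_id" => $CLIENT_ID,
        "state" => $_SESSION["state"],
    ));
    header("Location: https://github.com/login/oauth/authorize?" . $authorize_query);
    die();
}

// Otherwise we need to handle the rest of the authentication

// Check that the code parameter is set (and is a plain string, not ?code[]=...)
if (empty($_GET["code"]) || !is_string($_GET["code"])) {
    die("Missing code.");
}

// Check that the state parameter is set and that it matches the state stored for this session
if (empty($_GET["state"]) || !is_string($_GET["state"])) {
    die("Missing state.");
}
// hash_equals() compares in constant time and, unlike !=, does no type juggling.
if (empty($_SESSION["state"]) || !is_string($_SESSION["state"])
    || !hash_equals($_SESSION["state"], $_GET["state"])) {
    die("Incorrect state.");
}
// The state is single-use: drop it before the exchange so a failed attempt cannot be replayed.
$state = $_SESSION["state"];
unset($_SESSION["state"]);

// Exchange the code for an access token
$url = "https://github.com/login/oauth/access_token";
$content = http_build_query(array(
    "client_id" => $CLIENT_ID,         // was the bare constant CLIENT_ID, which is never defined
    "client_secret" => $CLIENT_SECRET, // was the bare constant CLIENT_SECRET
    "code" => $_GET["code"],
    "state" => $state,
));
// TLS certificate verification is left at curl's default (enabled); do not turn it off here.
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_HTTPHEADER, array("Accept: application/json"));
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $content);
$json_response = curl_exec($curl);
$status = curl_getinfo($curl, CURLINFO_HTTP_CODE);
curl_close($curl);

if ($json_response === false || $status !== 200) {
    die("Token request failed.");
}
$response = json_decode($json_response, true);
// An error reply (for example an expired code) has no access_token, so check the shape
// before reading any field from it.
if (!is_array($response)
    || empty($response["access_token"]) || !is_string($response["access_token"])
    || !isset($response["scope"]) || !is_string($response["scope"])) {
    die("Token request failed.");
}

// Verify the correct scope was granted
$scopes = explode(",", $response["scope"]);
if (!in_array("read:user", $scopes, true)) {
    die("Failed to aquire correct scope.");
}

// Issue a fresh session ID now that the session becomes authenticated (session fixation defence).
session_regenerate_id(true);
$_SESSION["access_token"] = $response["access_token"];

// At this point you could redirect to your user page or homepage again:
// header('Location: user.php');

// Authenticated call demo
// Get user info using access token. The token goes in the Authorization header, not the
// query string: URLs end up in server, proxy and client logs.
$url = "https://api.github.com/user";
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_HTTPHEADER, array(
    "Accept: application/json",
    "User-Agent: $USER_AGENT",
    "Authorization: Bearer " . $_SESSION["access_token"],
));
$json_response = curl_exec($curl);
curl_close($curl);
if ($json_response === false) {
    die("User request failed.");
}
$response = json_decode($json_response, true);
// Demo output only; replace with your own handling of the profile data.
var_dump($response);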