* Adapted from Oauth2-server-php cookbook
* @see http://bshaffer.github.io/oauth2-server-php-docs/cookbook/
*/
// include our OAuth2 Server object
require_once __DIR__.'/server.php';
$request = OAuth2\Request::createFromGlobals();
$response = new OAuth2\Response();
// If user has clicked on "not me" link, disconnect him by cleaning PHP SESSION variables.
if ($_POST['disconnect']) {
$_SESSION=array();
}
// Validate the authorize request
if (!$server->validateAuthorizeRequest($request, $response)) {
$response->send();
die;
}
// If user is not yet authenticated, he is redirected.
if (!isset($_SESSION['uid']))
{
// Store the authorize request
$explode_url=explode("/", strip_tags(trim($_SERVER['REQUEST_URI'])));
$_SESSION['auth_page']=end($explode_url);
header('Location: index.php');
exit();
}
// Check if user has already authorized oauth to share data with Mattermost. In this case, user should exist in 'user' table.
if ($server->userExists($_SESSION['uid'])) {
// Bypass authorize form, continue Oauth process.
$server->handleAuthorizeRequest($request, $response, true, $_SESSION['uid']);
}
// Display an authorization form
else if (empty($_POST)) {
exit('
Authorisation Mattermost
Mattermost desires access to your LDAP data:
');
}
else {
// Print the authorization code if the user has authorized your client
$is_authorized = ($_POST['authorized'] === 'Authorize');
$server->handleAuthorizeRequest($request, $response, $is_authorized, $_SESSION['uid']);
}
if ($is_authorized)
{
// This is only here so that you get to see your code in the cURL request. Otherwise, we'd redirect back to the client
$code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40);
header('Location: ' . $response->getHttpHeader('Location'));
exit();
}
// Send message in case of error
$response->send();