TODO: lire les documentation officielles provenant des 4 plate-formes tranquillement afin de ccomprendre commet doit on tester ces type d'auth quitte a créé un sous domaine particulier directement hebergé sur gittea
-->Sécuriser le serveur de dev
... | ... |
@@ -3,7 +3,7 @@ |
3 | 3 |
* A simple example that shows how to use multiple providers, opening provider authentication in a pop-up. |
4 | 4 |
*/ |
5 | 5 |
|
6 |
-use Hybridauth\Hybridauth; |
|
6 |
+use MVC\Classe\Dumper; |
|
7 | 7 |
|
8 | 8 |
require CONFIG_PATH . DIRECTORY_SEPARATOR . "authentification-config-example.php"; |
9 | 9 |
|
... | ... |
@@ -20,9 +20,9 @@ try { |
20 | 20 |
// Validate provider exists in the $config |
21 | 21 |
if (in_array($url_params['provider'], $hybridauth->getProviders())) { |
22 | 22 |
// Store the provider for the callback event |
23 |
- $storage->set('provider', $_GET['provider']); |
|
23 |
+ $storage->set('provider', $url_params['provider']); |
|
24 | 24 |
} else { |
25 |
- $error = $_GET['provider']; |
|
25 |
+ $error = $url_params['provider']; |
|
26 | 26 |
} |
27 | 27 |
} |
28 | 28 |
|
... | ... |
@@ -42,7 +42,7 @@ try { |
42 | 42 |
// |
43 | 43 |
// Handle invalid provider errors |
44 | 44 |
// |
45 |
- if ($error) { |
|
45 |
+ if ($error !== false) { |
|
46 | 46 |
error_log('HybridAuth Error: Provider ' . json_encode($error) . ' not found or not enabled in $config'); |
47 | 47 |
// Close the pop-up window |
48 | 48 |
echo " |
... | ... |
@@ -56,22 +56,32 @@ try { |
56 | 56 |
// |
57 | 57 |
// Event 3: Provider returns via CALLBACK |
58 | 58 |
// |
59 |
- if ($provider = $storage->get('provider')) { |
|
59 |
+ if ($url_params['provider'] = $storage->get('provider')) { |
|
60 | 60 |
|
61 |
- $hybridauth->authenticate($provider); |
|
61 |
+ $hybridauth->authenticate($url_params['provider']); |
|
62 |
+ |
|
63 |
+ die('OK!'); |
|
62 | 64 |
$storage->set('provider', null); |
63 | 65 |
|
64 | 66 |
// Retrieve the provider record |
65 |
- $adapter = $hybridauth->getAdapter($provider); |
|
66 |
- $userProfile = $adapter->getUserProfile(); |
|
67 |
- $accessToken = $adapter->getAccessToken(); |
|
67 |
+ $adapter = $hybridauth->getAdapter($url_params['provider']); |
|
68 |
+ |
|
69 |
+ Dumper::dump($adapter->getUserProfile()); |
|
70 |
+ Dumper::dump($adapter->getAccessToken()); |
|
71 |
+ |
|
72 |
+ |
|
73 |
+ \MVC\Classe\Session::start(); |
|
74 |
+ \MVC\Classe\Session::setUserProfile($adapter->getUserProfile()); |
|
75 |
+ \MVC\Classe\Session::setToken($adapter->getAccessToken()); |
|
68 | 76 |
|
69 | 77 |
// Close pop-up window |
70 |
- echo " |
|
78 |
+ echo <<<EOD |
|
79 |
+ |
|
71 | 80 |
<script> |
72 |
- window.opener.location.reload(); |
|
73 |
- window.close(); |
|
74 |
- </script>"; |
|
81 |
+ window.opener.location.assign('compte'); |
|
82 |
+ self.close(); |
|
83 |
+ </script> |
|
84 |
+EOD; |
|
75 | 85 |
|
76 | 86 |
} |
77 | 87 |
|
TODO: aller chercher les token et les id des authentifcation pour google, github, facebook, twitter ... Reste a tester et à décider pour les autres types d'authentification.
Emmanuel ROY authored on 26/09/2019 04:27:051 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,81 @@ |
1 |
+<?php |
|
2 |
+/** |
|
3 |
+ * A simple example that shows how to use multiple providers, opening provider authentication in a pop-up. |
|
4 |
+ */ |
|
5 |
+ |
|
6 |
+use Hybridauth\Hybridauth; |
|
7 |
+ |
|
8 |
+require CONFIG_PATH . DIRECTORY_SEPARATOR . "authentification-config-example.php"; |
|
9 |
+ |
|
10 |
+try { |
|
11 |
+ |
|
12 |
+ $hybridauth = new Hybridauth\Hybridauth($config); |
|
13 |
+ $storage = new Hybridauth\Storage\Session(); |
|
14 |
+ $error = false; |
|
15 |
+ |
|
16 |
+ // |
|
17 |
+ // Event 1: User clicked SIGN-IN link |
|
18 |
+ // |
|
19 |
+ if (isset($url_params['provider'])) { |
|
20 |
+ // Validate provider exists in the $config |
|
21 |
+ if (in_array($url_params['provider'], $hybridauth->getProviders())) { |
|
22 |
+ // Store the provider for the callback event |
|
23 |
+ $storage->set('provider', $_GET['provider']); |
|
24 |
+ } else { |
|
25 |
+ $error = $_GET['provider']; |
|
26 |
+ } |
|
27 |
+ } |
|
28 |
+ |
|
29 |
+ // |
|
30 |
+ // Event 2: User clicked LOGOUT link |
|
31 |
+ // |
|
32 |
+ if (isset($url_params['logout'])) { |
|
33 |
+ if (in_array($url_params['logout'], $hybridauth->getProviders())) { |
|
34 |
+ // Disconnect the adapter |
|
35 |
+ $adapter = $hybridauth->getAdapter($url_params['logout']); |
|
36 |
+ $adapter->disconnect(); |
|
37 |
+ } else { |
|
38 |
+ $error = $url_params['logout']; |
|
39 |
+ } |
|
40 |
+ } |
|
41 |
+ |
|
42 |
+ // |
|
43 |
+ // Handle invalid provider errors |
|
44 |
+ // |
|
45 |
+ if ($error) { |
|
46 |
+ error_log('HybridAuth Error: Provider ' . json_encode($error) . ' not found or not enabled in $config'); |
|
47 |
+ // Close the pop-up window |
|
48 |
+ echo " |
|
49 |
+ <script> |
|
50 |
+ window.opener.location.reload(); |
|
51 |
+ window.close(); |
|
52 |
+ </script>"; |
|
53 |
+ exit; |
|
54 |
+ } |
|
55 |
+ |
|
56 |
+ // |
|
57 |
+ // Event 3: Provider returns via CALLBACK |
|
58 |
+ // |
|
59 |
+ if ($provider = $storage->get('provider')) { |
|
60 |
+ |
|
61 |
+ $hybridauth->authenticate($provider); |
|
62 |
+ $storage->set('provider', null); |
|
63 |
+ |
|
64 |
+ // Retrieve the provider record |
|
65 |
+ $adapter = $hybridauth->getAdapter($provider); |
|
66 |
+ $userProfile = $adapter->getUserProfile(); |
|
67 |
+ $accessToken = $adapter->getAccessToken(); |
|
68 |
+ |
|
69 |
+ // Close pop-up window |
|
70 |
+ echo " |
|
71 |
+ <script> |
|
72 |
+ window.opener.location.reload(); |
|
73 |
+ window.close(); |
|
74 |
+ </script>"; |
|
75 |
+ |
|
76 |
+ } |
|
77 |
+ |
|
78 |
+} catch (Exception $e) { |
|
79 |
+ error_log($e->getMessage()); |
|
80 |
+ echo $e->getMessage(); |
|
81 |
+} |