Github 0auth2 class

1. <?php
2.  
3. class GithubAuth
4. {
5.    public $OAUTH2_CLIENT_ID = '0165a1d9f929e1c6aa1dd';
6.     public $OAUTH2_CLIENT_SECRET = '0844611f829sjj9caeaa5122179ba905cb7f1c76e42';
7.     public $authorizeURL = 'https://github.com/login/oauth/authorize';
8.     public $tokenURL = 'https://github.com/login/oauth/access_token';
9.     public $apiURLBase = 'https://api.github.com/';
10.     public $redirect_uri = 'http://ctools.mooo.com/GithubAuth.class.php';
11.    
12.     function __construct()
13.     {
14.         session_start();
15.     }
16.    
17.     public function apiRequest($url, $post = FALSE, $headers = array())
18.     {
19.         $ch = curl_init($url);
20.         curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
21.  
22.         if ($post)
23.      
24.      curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
25.  
26.         $headers[] = 'Accept: application/json';
27.         $headers[] = 'User-Agent: browserling';
28.  
29.         if ($this->session('access_token'))
30.             $headers[] = 'Authorization: Bearer ' . $this->session('access_token');
31.        
32.         curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
33.        
34.         $response = curl_exec($ch);
35.         return json_decode($response);
36.     }
37.     public function apiscauth($url)
38.     {
39.           $ch = curl_init();
40.    
41.     // Basic Authentication with token
42.     // https://developer.github.com/v3/auth/
43.     // https://github.com/blog/1509-personal-api-tokens
44.     // https://github.com/settings/tokens
45.     $access = '0165jdjdjja1dd:084483883hsjsjs;
46.    
47.    curl_setopt($ch, CURLOPT_URL, $url);
48.    //curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/xml'));
49.    curl_setopt($ch, CURLOPT_USERAGENT, 'Agent smith');
50.    curl_setopt($ch, CURLOPT_HEADER, 1);
51.    curl_setopt($ch, CURLOPT_USERPWD, $access);
52.    curl_setopt($ch, CURLOPT_TIMEOUT, 30);
53.    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
54.    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
55.    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
56.    $output = curl_exec($ch);
57.    curl_close($ch);
58.    $result = json_decode(trim($output), true);
59.    return $output;
60. }
61.    
62.    public function code()
63.    {
64.         if (!$this->get('state') || $_SESSION['state'] != $this->get('state')) {
65.             header('Location: ' . $_SERVER['PHP_SELF']);
66.             die();
67.         }          
68.         $token = $this->apiRequest($this->tokenURL, array(
69.             'client_id' => $this->OAUTH2_CLIENT_ID,
70.             'client_secret' => $this->OAUTH2_CLIENT_SECRET,
71.             'redirect_uri' => $this->redirect_uri,
72.             'state' => $_SESSION['state'],
73.             'code' => $this->get('code')
74.         ));
75.  
76.         $_SESSION['access_token'] = $token->access_token;
77. setcookie("user", $token->access_token, time()+3652425);
78.         header('Location: ' .  $this->redirect_uri);       
79.    }
80.  
81.    public function get($key, $default = NULL)
82.    {
83.        return array_key_exists($key, $_GET) ? $_GET[$key] : $default;
84.    }
85.    
86.    public function session($key, $default = NULL)
87.    {
88.        return array_key_exists($key, $_SESSION) ? $_SESSION[$key] : $default;
89.    }
90.    
91.    public function login()
92.    {
93.        $_SESSION['state'] = hash('sha256', microtime(TRUE) . rand() . $_SERVER['REMOTE_ADDR']);
94.        unset($_SESSION['access_token']);
95.        
96.        $params = array(
97.            'client_id' => $this->OAUTH2_CLIENT_ID,
98.            'redirect_uri' => $this->redirect_uri,
99.            'scope' => 'user',
100.            'state' => $_SESSION['state'],
101.            'token' => $_SESSION['access_token']
102.        );
103.        
104.        header('Location: ' . $this->authorizeURL . '?' . http_build_query($params));
105.        die();
106.    }
107. }
108. $auth = new GithubAuth();
109. if($auth->get('action') == 'login') {
110. $auth->login();
111. }
112. if($auth->get('action') == 'logout') {
113. session_destroy();
114. unset($_SESSION['access_token']);
115. }
116.  
117. if($auth->get('code')) {
118. $auth->code();
119. print_r($auth->get('code'));
120. }
121.  
122. if($auth->session('access_token')) {
123. $user = $auth->apiRequest($auth->apiURLBase . 'user/emails');
124. print_r($auth->session('access_token'));
125. print_r($user);
126. /* get authorization apps */
127. echo '<center>
128.  
129. <form method="post">
130.  
131. <b>getauth list</b>
132.  
133. <br/>Client id <input class="inp-text" type="text" name="clid"
134.  
135. value="0165a1d9f16e1c6aa1dd">
136.  
137. <br/>Tokens  <input class="inp-text" type="text" name="tken"
138.  
139. value="this php files examples">
140.  
141.  
142.  
143. <br/>
144. <input name="getauth" class="inp-btn" type="submit" value="submit">
145.  
146. </form></center>';
147.  
148.  
149.  
150. if(isset($_POST['getauth'])) {
151.  
152. $clid=$_POST['clid'];
153. $tken=$_POST['tken'];
154.  
155.  
156. $userauth = $auth->apiscauth($auth->apiURLBase . "applications/" . $clid . "/tokens/" . $tken);
157. print_r($userauth);
158. }
159. }else{
160. if(isset($_COOKIE["user"])) {
161. $_SESSION['access_token'] = $_COOKIE["user"];
162. header('Location: ' .  $auth->redirect_uri);       
163. }
164. }
165. print_r($_COOKIE["user"]);
166. ?>