From 5c7f2f17f9c471d306955df457c7cab4e5c6ed3b Mon Sep 17 00:00:00 2001 From: Snap Date: Thu, 16 Apr 2015 14:51:26 -0700 Subject: Google's OpenID Connect method $google_client_id & $google_client_secret must be added to db.inc.php! --- .../examples/idtoken.php | 107 +++++++++++++++++++++ 1 file changed, 107 insertions(+) create mode 100644 includes/google-api-php-client-master/examples/idtoken.php (limited to 'includes/google-api-php-client-master/examples/idtoken.php') diff --git a/includes/google-api-php-client-master/examples/idtoken.php b/includes/google-api-php-client-master/examples/idtoken.php new file mode 100644 index 0000000..af21b8d --- /dev/null +++ b/includes/google-api-php-client-master/examples/idtoken.php @@ -0,0 +1,107 @@ +'; +$client_secret = ''; +$redirect_uri = ''; + +$client = new Google_Client(); +$client->setClientId($client_id); +$client->setClientSecret($client_secret); +$client->setRedirectUri($redirect_uri); +$client->setScopes('email'); + +/************************************************ + If we're logging out we just need to clear our + local access token in this case + ************************************************/ +if (isset($_REQUEST['logout'])) { + unset($_SESSION['access_token']); +} + +/************************************************ + If we have a code back from the OAuth 2.0 flow, + we need to exchange that with the authenticate() + function. We store the resultant access token + bundle in the session, and redirect to ourself. + ************************************************/ +if (isset($_GET['code'])) { + $client->authenticate($_GET['code']); + $_SESSION['access_token'] = $client->getAccessToken(); + $redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; + header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL)); +} + +/************************************************ + If we have an access token, we can make + requests, else we generate an authentication URL. + ************************************************/ +if (isset($_SESSION['access_token']) && $_SESSION['access_token']) { + $client->setAccessToken($_SESSION['access_token']); +} else { + $authUrl = $client->createAuthUrl(); +} + +/************************************************ + If we're signed in we can go ahead and retrieve + the ID token, which is part of the bundle of + data that is exchange in the authenticate step + - we only need to do a network call if we have + to retrieve the Google certificate to verify it, + and that can be cached. + ************************************************/ +if ($client->getAccessToken()) { + $_SESSION['access_token'] = $client->getAccessToken(); + $token_data = $client->verifyIdToken()->getAttributes(); +} + +echo pageHeader("User Query - Retrieving An Id Token"); +if (strpos($client_id, "googleusercontent") == false) { + echo missingClientSecretsWarning(); + exit; +} +?> +
+
+Connect Me!"; +} else { + echo "Logout"; +} +?> +
+ +
+ +
+
+