This repository has been archived by the owner on Apr 29, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 63
/
oauth.php
96 lines (67 loc) · 1.71 KB
/
oauth.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
<?php
$dir = dirname(__FILE__);
include("$dir/lib/init.php");
#
# exchange the code for a token
#
$params = array(
'client_id' => $cfg['client_id'],
'client_secret' => $cfg['client_secret'],
'code' => $_GET['code'],
'redirect_uri' => "{$cfg['root_url']}oauth.php",
);
if ($_GET['debug']) $params['redirect_uri'] .= '?debug=1';
$url = $cfg['slack_root']."api/oauth.access";
$ret = SlackHTTP::post($url, $params);
if ($ret['ok'] && $ret['code'] == '200'){
$obj = json_decode($ret['body'], true);
if ($obj['ok']){
$token = $obj['access_token'];
}else{
echo "problem with oauth.access call";
dumper($obj);
exit;
}
}else{
echo "problem with oauth.access call";
dumper($ret);
exit;
}
if ($_GET['debug']){
echo "debug mode:";
dumper($obj);
exit;
}
#
# fetch user info
#
$url = $cfg['slack_root']."api/auth.test?token={$token}";
$ret = SlackHTTP::get($url);
if ($ret['ok'] && $ret['code'] == '200'){
$obj = json_decode($ret['body'], true);
}else{
echo "problem with auth.test call";
dumper($ret);
exit;
}
$info = $obj;
unset($info['ok']);
$info['access_token'] = $token;
$info['secret'] = substr(md5(rand()), 0, 10);
$cookie = $info['user_id'].'-'.$info['secret'];
$expire = time() + (365 * 24 * 60 * 60);
setcookie($cfg['cookie_name'], $cookie, $expire, $cfg['cookie_path'], $cfg['cookie_domain'], isset($_SERVER["HTTPS"]), true);
$data->set('users', $info['user_id'], $info);
#
# is this the first use?
#
$team = $data->get('metadata', 'team');
if (!$team['id']){
$data->set('metadata', 'team', array(
'id' => $info['team_id'],
'name' => $info['team'],
'token' => $info['access_token'],
));
}
header("location: ./");
exit;