+ function getOAuthServer() {
+ // Simple server based on https://bshaffer.github.io/oauth2-server-php-docs/cookbook
+
+ // dbata needs to be set and be an associative array with the members 'dsn', 'username', and 'password'.
+ // dsn is the Data Source Name for your database, for exmaple "mysql:dbname=my_oauth2_db;host=localhost"
+ $oauth2_storage = new OAuth2\Storage\Pdo($this->settings['dbdata']);
+
+ // Set configuration
+ $oauth2_config = array(
+ 'require_exact_redirect_uri' => false,
+ 'always_issue_new_refresh_token' => true, // Needs to be handed below as well as there it's not constructed from within the server object.
+ 'refresh_token_lifetime' => 90*24*3600,
+ );
+
+ // Pass a storage object or array of storage objects to the OAuth2 server class
+ $server = new OAuth2\Server($oauth2_storage, $oauth2_config);
+
+ // Add the "Client Credentials" grant type (it is the simplest of the grant types)
+ //$server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage));
+
+ // Add the "Authorization Code" grant type (this is where the oauth magic happens)
+ $server->addGrantType(new OAuth2\GrantType\AuthorizationCode($oauth2_storage));
+
+ // Add the "Refresh Token" grant type (required to get longer-living resource access by generating new access tokens)
+ $server->addGrantType(new OAuth2\GrantType\RefreshToken($oauth2_storage, array('always_issue_new_refresh_token' => true)));
+
+ return $server;
+ }
+
+ function initHTMLDocument($titletext, $headlinetext = null) {
+ global $settings;
+ if (is_null($headlinetext)) { $headlinetext = $titletext; }
+ // Start HTML document as a DOM object.
+ extract(ExtendedDocument::initHTML5()); // sets $document, $html, $head, $title, $body
+ $document->formatOutput = true; // we want a nice output
+
+ $style = $head->appendElement('link');
+ $style->setAttribute('rel', 'stylesheet');
+ $style->setAttribute('href', 'authsystem.css');
+ $head->appendJSFile('authsystem.js');
+ if ($settings['piwik_enabled']) {
+ $head->setAttribute('data-piwiksite', $settings['piwik_site_id']);
+ $head->setAttribute('data-piwikurl', $settings['piwik_url']);
+ $head->appendJSFile('piwik.js', true, true);
+ }
+ $title->appendText($titletext);
+ $h1 = $body->appendElement('h1', $headlinetext);
+
+ if ($settings['piwik_enabled']) {
+ // Piwik noscript element
+ $noscript = $body->appendElement('noscript');
+ $para = $noscript->appendElement('p');
+ $img = $para->appendImage($settings['piwik_url'].'piwik.php?idsite='.$settings['piwik_site_id']);
+ $img->setAttribute('style', 'border:0;');
+ }
+
+ // Make the document not be scaled on mobile devices.
+ $vpmeta = $head->appendElement('meta');
+ $vpmeta->setAttribute('name', 'viewport');
+ $vpmeta->setAttribute('content', 'width=device-width, height=device-height');
+
+ $para = $body->appendElement('p', _('This login system does not work without JavaScript. Please activate JavaScript for this site to log in.'));
+ $para->setAttribute('id', 'jswarning');
+ $para->setAttribute('class', 'warn');
+
+ return array('document' => $document,
+ 'html' => $html,
+ 'head' => $head,
+ 'title' => $title,
+ 'body' => $body);
+ }
+