From e6624d81c4ccfb9f8aad62f72b007880dc08eabb Mon Sep 17 00:00:00 2001
From: Robert Kaiser <kairo@kairo.at>
Date: Fri, 30 Sep 2016 16:46:09 +0200
Subject: [PATCH] add example files to auth server

---
 authorize.php | 39 +++++++++++++++++++++++++++++++++++++++
 resource.php  | 18 ++++++++++++++++++
 server.php    | 31 +++++++++++++++++++++++++++++++
 token.php     | 14 ++++++++++++++
 4 files changed, 102 insertions(+)
 create mode 100644 authorize.php
 create mode 100644 resource.php
 create mode 100644 server.php
 create mode 100644 token.php

diff --git a/authorize.php b/authorize.php
new file mode 100644
index 0000000..23c9308
--- /dev/null
+++ b/authorize.php
@@ -0,0 +1,39 @@
+<?php
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// Simple server based on https://bshaffer.github.io/oauth2-server-php-docs/cookbook
+
+// include our OAuth2 Server object
+require_once __DIR__.'/server.php';
+
+$request = OAuth2\Request::createFromGlobals();
+$response = new OAuth2\Response();
+
+// validate the authorize request
+if (!$server->validateAuthorizeRequest($request, $response)) {
+    $response->send();
+    die;
+}
+// display an authorization form
+if (empty($_POST)) {
+  exit('
+<form method="post">
+  <label>Do You Authorize TestClient?</label><br />
+  <input type="submit" name="authorized" value="yes">
+  <input type="submit" name="authorized" value="no">
+</form>');
+}
+
+// print the authorization code if the user has authorized your client
+$is_authorized = ($_POST['authorized'] === 'yes');
+$server->handleAuthorizeRequest($request, $response, $is_authorized);
+if ($is_authorized) {
+  // this is only here so that you get to see your code in the cURL request. Otherwise, we'd redirect back to the client
+  $code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40);
+  exit("SUCCESS! Authorization Code: $code");
+}
+$response->send();
+
+?>
diff --git a/resource.php b/resource.php
new file mode 100644
index 0000000..fdd5a91
--- /dev/null
+++ b/resource.php
@@ -0,0 +1,18 @@
+<?php
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// Simple server based on https://bshaffer.github.io/oauth2-server-php-docs/cookbook
+
+// include our OAuth2 Server object
+require_once __DIR__.'/server.php';
+
+// Handle a request to a resource and authenticate the access token
+if (!$server->verifyResourceRequest(OAuth2\Request::createFromGlobals())) {
+    $server->getResponse()->send();
+    die;
+}
+echo json_encode(array('success' => true, 'message' => 'You accessed my APIs!'));
+
+?>
diff --git a/server.php b/server.php
new file mode 100644
index 0000000..20f22b0
--- /dev/null
+++ b/server.php
@@ -0,0 +1,31 @@
+<?php
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// Simple server based on https://bshaffer.github.io/oauth2-server-php-docs/cookbook
+
+$dsn      = 'mysql:dbname=kairo_at_auth;host=localhost';
+$username = 'kairo_at_auth';
+$password = '6z0KIuUsHJhgD5rB';
+
+// error reporting (this is a demo, after all!)
+ini_set('display_errors',1);error_reporting(E_ALL);
+
+// Autoloading (composer is preferred, but for this example let's just do this)
+require_once('../oauth2-server-php/src/OAuth2/Autoloader.php');
+OAuth2\Autoloader::register();
+
+// $dsn is the Data Source Name for your database, for exmaple "mysql:dbname=my_oauth2_db;host=localhost"
+$storage = new OAuth2\Storage\Pdo(array('dsn' => $dsn, 'username' => $username, 'password' => $password));
+
+// Pass a storage object or array of storage objects to the OAuth2 server class
+$server = new OAuth2\Server($storage);
+
+// Add the "Client Credentials" grant type (it is the simplest of the grant types)
+$server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage));
+
+// Add the "Authorization Code" grant type (this is where the oauth magic happens)
+$server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage));
+
+?>
diff --git a/token.php b/token.php
new file mode 100644
index 0000000..31bb0cc
--- /dev/null
+++ b/token.php
@@ -0,0 +1,14 @@
+<?php
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// Simple server based on https://bshaffer.github.io/oauth2-server-php-docs/cookbook
+
+// include our OAuth2 Server object
+require_once __DIR__.'/server.php';
+
+// Handle a request for an OAuth2.0 Access Token and send the response to the client
+$server->handleTokenRequest(OAuth2\Request::createFromGlobals())->send();
+
+?>
-- 
2.35.3