oauth-yandex.php
См. документацию.
1 <?php
2 
3 /**
4  * @file
5  * @brief обработчик oauth авторизации через яндекс
6  */
7 
8 isset($user) or require $_SERVER['DOCUMENT_ROOT'] . '/page/404.php';
9 
10 
11 if (isset($_POST['action'])) {
12  $params = array(
13  'client_id' => Wrong\Start\Env::$e->YANDEX_OAUTH_CLIENT_ID,
14  'redirect_uri' => 'https://' . Wrong\Start\Env::$e->HTTP_HOST . '/api/action/' . $basename,
15  'response_type' => 'code',
16  'state' => '123'
17  );
18 
19  $url = 'https://oauth.yandex.ru/authorize?' . urldecode(http_build_query($params));
20  exit("
21  if (!window.open('$url','oauth','left='+Math.ceil((window.screen.width - 800)/2)+', top='+Math.ceil((window.screen.height-600)/2)+', width=800, height=600')) {
22  location.href='$url';
23  }
24  ");
25 }
26 
27 if (!empty($_GET['code'])) {
28  $params = array(
29  'client_id' => Wrong\Start\Env::$e->YANDEX_OAUTH_CLIENT_ID,
30  'client_secret' => Wrong\Start\Env::$e->YANDEX_OAUTH_CLIENT_SECRET,
31  'grant_type' => 'authorization_code',
32  'code' => $_GET['code']
33  );
34 
35  $ch = curl_init('https://oauth.yandex.ru/token');
36  curl_setopt($ch, CURLOPT_POST, 1);
37  curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
38  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
39  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
40  curl_setopt($ch, CURLOPT_HEADER, false);
41  $data = curl_exec($ch);
42  curl_close($ch);
43 
44  $data = json_decode($data, true);
45  if (!empty($data['access_token'])) {
46  $ch = curl_init('https://login.yandex.ru/info');
47  curl_setopt($ch, CURLOPT_POST, 1);
48  curl_setopt($ch, CURLOPT_POSTFIELDS, array('format' => 'json'));
49  curl_setopt($ch, CURLOPT_HTTPHEADER, array('Authorization: OAuth ' . $data['access_token']));
50  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
51  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
52  curl_setopt($ch, CURLOPT_HEADER, false);
53  $info = curl_exec($ch);
54  curl_close($ch);
55 
56  $info = json_decode($info, true);
57 
58  if (!empty($info['default_email'])) {
59  if ($user = Wrong\Auth\User::match($info['default_email'])) {
60  Wrong\Auth\User::session($user->id);
61  $user = new Wrong\Auth\User($user->id);
62  $user->set_confirm(1);
63  } else {
64  if ($id = Wrong\Auth\User::session(Wrong\Models\Users::create($info['default_email'], substr(str_shuffle('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890'), 0, 10), Wrong\Start\Env::$e->GROUPS_USERS, Wrong\Start\Env::$e->OWNER_GROUP_USERS))) {
65  $user = new Wrong\Auth\User($id);
66  $user->set_confirm(1);
67  Wrong\Task\Stackjs::add('$(function(){successToast("Приятной работы в системе!");});', 2, 'sign-up');
68  }
69  }
70  if ($user->access()->page('/system')) {
71  exit('<!DOCTYPE html><html lang="en"><head><title>...</title></head><body><script>if(window.opener){window.opener.location.href="/system";window.close();}else{location.href="/system";}</script></body></html>');
72  } else {
73  exit('<!DOCTYPE html><html lang="en"><head><title>...</title></head><body><script>if(window.opener){window.opener.location.reload();window.close();}else{location.href="/";}</script></body></html>');
74  }
75  }
76  }
77 }
$_POST
$_POST['groups']
Definition: add-action.php:16
$data
if(! $response->_meta) $data
Definition: anycomment.php:18
Wrong\Auth\User
User отвечает за работу с данными пользователя
Definition: User.php:21
Wrong\Auth\User\session
static session($init_id=0)
Definition: User.php:222
Wrong\Task\Stackjs\add
static add($code, $timeout=0, $key='')
Definition: Stackjs.php:25
$user
$user
Definition: from-user.php:38
$_SERVER
setcookie('FROM_UID', $uid, [ 'expires'=> time()+31536000, 'path'=> '/', 'domain'=> $_SERVER['HTTP_HOST'], 'secure'=> Wrong\Start\Env::$e->IS_SECURE, 'httponly'=> false, 'samesite'=> Wrong\Start\Env::$e->IS_SECURE ? 'None' :'Lax']) or setcookie('FROM_UID' $_SERVER['HTTP_HOST']
Definition: from-user.php:36
exit
if(($dbh=Connect::getInstance(true) ->dbh) && $dbh->query("SHOW TABLES") ->fetchAll() && $dbh->query("SELECT COUNT(*) FROM `users`") ->fetchColumn()) if(!empty($_POST)) exit
Definition: install.php:198