<?php
declare(strict_types = 1);
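use Auth0\SDK\API\Authentication;

// Authorization-code callback: the identity provider POSTs `code` and `state`
// (or `error`) here. The code is exchanged for an access token, which is then
// stored in a cookie before the registration form below is rendered.

// The provider reported a failure: send the user to the generic error page.
if (isset($_POST['error'])) {
    header('Location: error.html?msg=login');
    exit;
}

// Both parameters must be present and must be plain strings. Rejecting arrays
// (e.g. `code[]=...`) here keeps a non-string from reaching the SDK call and
// setcookie() under strict_types.
$code = $_POST['code'] ?? null;
$state = $_POST['state'] ?? null;
if (!is_string($code) || !is_string($state)) {
    die("params invalid");
}

// NOTE(review): $state is received but never compared with the value issued
// when the login was started (that code is not in this file). Until it is
// checked, this callback accepts responses it did not initiate (login CSRF).
// Compare it with hash_equals() against the stored value before exchanging
// the code — TODO confirm where the original state is kept.

require __DIR__ . '/vendor/autoload.php';
require __DIR__ . '/dotenv-loader.php';

$auth0_api = new Authentication(
    getenv('AUTH0_DOMAIN'),
    getenv('AUTH0_CLIENT_ID'),
    getenv('AUTH0_CLIENT_SECRET'),
    null,
    null
    // Local debugging only; 'verify' => false turns off TLS certificate
    // verification for the token exchange and must never be enabled elsewhere:
    //$guzzleOptions = ['proxy' => 'http:https://localhost:8888', 'verify' => false]
);

try {
    $result = $auth0_api->code_exchange($code, getenv('AUTH0_CALLBACK_URL'));
} catch (Exception $e) {
    // Keep the SDK/provider detail in the server log; the raw exception text
    // is not echoed into the response, where it would be unescaped output.
    error_log('Auth0 code exchange failed: ' . $e->getMessage());
    die('error in exchange');
}

// `??` avoids an undefined-key warning when the response has no token.
$access_token = $result['access_token'] ?? null;
if (!is_string($access_token) || $access_token === '') {
    die('error in exchange');
}

// Mark the token cookie Secure whenever this request itself arrived over
// HTTPS. Behind a TLS-terminating proxy $_SERVER['HTTPS'] may be unset, in
// which case the flag stays off as before — set it to true unconditionally
// once the site is only served over HTTPS.
$is_https = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

setcookie('otp_access_token', $access_token, [
    'expires' => time() + 3600,
    'path' => '/',
    'secure' => $is_https,
    'httponly' => true,
    'samesite' => 'Strict',
]);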
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Registration - Callback</title>
<!-- NOTE(review): auth0.js is fetched from a third-party CDN without Subresource
     Integrity. This page handles the user's password, so pin the 9.12.2 build with
     integrity="sha384-HASH_PLACEHOLDER" crossorigin="anonymous" (compute the real
     digest from the reviewed file) so a modified CDN response is refused. -->
<script src="https://cdn.auth0.com/js/auth0/9.12.2/auth0.min.js"></script>
</head>
<body>
<h1>Few more questions</h1>
<label for="given_name">Given name:</label>
<input type="text" id="given_name" name="given_name"><br><br>
<label for="family_name">Family name:</label>
<input type="text" id="family_name" name="family_name"><br><br>
<label for="password">Password:</label>
<input type="password" id="password" name="password"><br><br>
<input type="submit" value="Create Account" onclick="submit()">
<br/><a href="index.html">Start again</a>
<script>
const auth0js = new auth0.WebAuth({
domain: "<?= getenv('AUTH0_DOMAIN') ?>",
clientID: "<?= getenv('AUTH0_CLIENT_ID') ?>",
redirectUri: "<?= getenv('SUCCESS_REDIRECT_URI') ?>",
responseType: 'id_token'
});
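/**
 * Create the account through create-user.php, then sign the new user in
 * with auth0.js using the e-mail and connection the endpoint returns.
 *
 * @param {string} given_name  value of the "Given name" field
 * @param {string} family_name value of the "Family name" field
 * @param {string} password    password chosen by the user
 */
function create_user(given_name, family_name, password) {
    const url = 'create-user.php';
    const payload = { given_name, family_name, password };
    const params = {
        headers: {
            'content-type': 'application/json',
        },
        method: 'POST',
        body: JSON.stringify(payload)
    };

    fetch(url, params)
        .then(response => {
            // Stop on a failed request instead of starting a login with
            // whatever an error body happens to contain.
            if (!response.ok) {
                throw new Error('create-user.php returned HTTP ' + response.status);
            }
            return response.json();
        })
        .then(value => {
            auth0js.login({
                'email' : value.email,
                'password' : password,
                'realm' : value.connection,
            },
            err => {
                // The error code is placed in a query string, so it has to be
                // URL-encoded; a raw "&" or "#" would alter the target URL.
                window.location.href = 'error.html?msg=' + encodeURIComponent(err.error);
            });
        })
        .catch(err => console.log('error in create-user call: ' + err));
}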
// Click handler for "Create Account": reads the three form fields by id and
// passes their current values to create_user().
function submit() {
    const [given_name, family_name, password] = ['given_name', 'family_name', 'password']
        .map(id => document.getElementById(id).value);
    create_user(given_name, family_name, password);
}
</script>
</body>
</html>