Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame^] | 1 | <?php |
| 2 | /** |
| 3 | * PHPMailer - PHP email creation and transport class. |
| 4 | * PHP Version 5.5 |
| 5 | * @package PHPMailer |
| 6 | * @see https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project |
| 7 | * @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk> |
| 8 | * @author Jim Jagielski (jimjag) <jimjag@gmail.com> |
| 9 | * @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net> |
| 10 | * @author Brent R. Matzelle (original founder) |
| 11 | * @copyright 2012 - 2017 Marcus Bointon |
| 12 | * @copyright 2010 - 2012 Jim Jagielski |
| 13 | * @copyright 2004 - 2009 Andy Prevost |
| 14 | * @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License |
| 15 | * @note This program is distributed in the hope that it will be useful - WITHOUT |
| 16 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| 17 | * FITNESS FOR A PARTICULAR PURPOSE. |
| 18 | */ |
| 19 | /** |
| 20 | * Get an OAuth2 token from an OAuth2 provider. |
| 21 | * * Install this script on your server so that it's accessible |
| 22 | * as [https/http]://<yourdomain>/<folder>/get_oauth_token.php |
| 23 | * e.g.: http://localhost/phpmailer/get_oauth_token.php |
| 24 | * * Ensure dependencies are installed with 'composer install' |
| 25 | * * Set up an app in your Google/Yahoo/Microsoft account |
| 26 | * * Set the script address as the app's redirect URL |
| 27 | * If no refresh token is obtained when running this file, |
| 28 | * revoke access to your app and run the script again. |
| 29 | */ |
| 30 | |
| 31 | namespace PHPMailer\PHPMailer; |
| 32 | |
| 33 | /** |
| 34 | * Aliases for League Provider Classes |
| 35 | * Make sure you have added these to your composer.json and run `composer install` |
| 36 | * Plenty to choose from here: |
| 37 | * @see http://oauth2-client.thephpleague.com/providers/thirdparty/ |
| 38 | */ |
| 39 | // @see https://github.com/thephpleague/oauth2-google |
| 40 | use League\OAuth2\Client\Provider\Google; |
| 41 | // @see https://packagist.org/packages/hayageek/oauth2-yahoo |
| 42 | use Hayageek\OAuth2\Client\Provider\Yahoo; |
| 43 | // @see https://github.com/stevenmaguire/oauth2-microsoft |
| 44 | use Stevenmaguire\OAuth2\Client\Provider\Microsoft; |
| 45 | |
| 46 | if (!isset($_GET['code']) && !isset($_GET['provider'])) { |
| 47 | ?> |
| 48 | <html> |
| 49 | <body>Select Provider:<br/> |
| 50 | <a href='?provider=Google'>Google</a><br/> |
| 51 | <a href='?provider=Yahoo'>Yahoo</a><br/> |
| 52 | <a href='?provider=Microsoft'>Microsoft/Outlook/Hotmail/Live/Office365</a><br/> |
| 53 | </body> |
| 54 | </html> |
| 55 | <?php |
| 56 | exit; |
| 57 | } |
| 58 | |
| 59 | require 'vendor/autoload.php'; |
| 60 | |
| 61 | session_start(); |
| 62 | |
| 63 | $providerName = ''; |
| 64 | |
| 65 | if (array_key_exists('provider', $_GET)) { |
| 66 | $providerName = $_GET['provider']; |
| 67 | $_SESSION['provider'] = $providerName; |
| 68 | } elseif (array_key_exists('provider', $_SESSION)) { |
| 69 | $providerName = $_SESSION['provider']; |
| 70 | } |
| 71 | if (!in_array($providerName, ['Google', 'Microsoft', 'Yahoo'])) { |
| 72 | exit('Only Google, Microsoft and Yahoo OAuth2 providers are currently supported in this script.'); |
| 73 | } |
| 74 | |
| 75 | //These details are obtained by setting up an app in the Google developer console, |
| 76 | //or whichever provider you're using. |
| 77 | $clientId = 'RANDOMCHARS-----duv1n2.apps.googleusercontent.com'; |
| 78 | $clientSecret = 'RANDOMCHARS-----lGyjPcRtvP'; |
| 79 | |
| 80 | //If this automatic URL doesn't work, set it yourself manually to the URL of this script |
| 81 | $redirectUri = (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; |
| 82 | //$redirectUri = 'http://localhost/PHPMailer/redirect'; |
| 83 | |
| 84 | $params = [ |
| 85 | 'clientId' => $clientId, |
| 86 | 'clientSecret' => $clientSecret, |
| 87 | 'redirectUri' => $redirectUri, |
| 88 | 'accessType' => 'offline' |
| 89 | ]; |
| 90 | |
| 91 | $options = []; |
| 92 | $provider = null; |
| 93 | |
| 94 | switch ($providerName) { |
| 95 | case 'Google': |
| 96 | $provider = new Google($params); |
| 97 | $options = [ |
| 98 | 'scope' => [ |
| 99 | 'https://mail.google.com/' |
| 100 | ] |
| 101 | ]; |
| 102 | break; |
| 103 | case 'Yahoo': |
| 104 | $provider = new Yahoo($params); |
| 105 | break; |
| 106 | case 'Microsoft': |
| 107 | $provider = new Microsoft($params); |
| 108 | $options = [ |
| 109 | 'scope' => [ |
| 110 | 'wl.imap', |
| 111 | 'wl.offline_access' |
| 112 | ] |
| 113 | ]; |
| 114 | break; |
| 115 | } |
| 116 | |
| 117 | if (null === $provider) { |
| 118 | exit('Provider missing'); |
| 119 | } |
| 120 | |
| 121 | if (!isset($_GET['code'])) { |
| 122 | // If we don't have an authorization code then get one |
| 123 | $authUrl = $provider->getAuthorizationUrl($options); |
| 124 | $_SESSION['oauth2state'] = $provider->getState(); |
| 125 | header('Location: ' . $authUrl); |
| 126 | exit; |
| 127 | // Check given state against previously stored one to mitigate CSRF attack |
| 128 | } elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) { |
| 129 | unset($_SESSION['oauth2state']); |
| 130 | unset($_SESSION['provider']); |
| 131 | exit('Invalid state'); |
| 132 | } else { |
| 133 | unset($_SESSION['provider']); |
| 134 | // Try to get an access token (using the authorization code grant) |
| 135 | $token = $provider->getAccessToken( |
| 136 | 'authorization_code', |
| 137 | [ |
| 138 | 'code' => $_GET['code'] |
| 139 | ] |
| 140 | ); |
| 141 | // Use this to interact with an API on the users behalf |
| 142 | // Use this to get a new access token if the old one expires |
| 143 | echo 'Refresh Token: ', $token->getRefreshToken(); |
| 144 | } |