diff --git a/php/AuthSCHClient.class.php b/php/AuthSCHClient.class.php index a664507d30bd50c019b0ee18b7b497595ca6e1b9..8c86bd07ca5a982a067143d4cf4f807e214f2800 100644 --- a/php/AuthSCHClient.class.php +++ b/php/AuthSCHClient.class.php @@ -6,8 +6,7 @@ class AuthSCHClient { private static $username = ""; // your application's id private static $password = ""; // your application's password private static $scope = ""; // wanted data, separated with plus sign. For more information see your website profile on auth.sch.bme.hu. - - private $curl = null; // curl session + private $tokens; public function __construct($checkLogin = true) { @@ -33,19 +32,22 @@ class AuthSCHClient { } - private function curlSetOpt($urlPart, $data) { - curl_setopt($this->curl, CURLOPT_URL, self::$host . $urlPart); - curl_setopt($this->curl, CURLOPT_HEADER, 0); - curl_setopt($this->curl, CURLOPT_USERPWD, self::$username . ":" . self::$password); - curl_setopt($this->curl, CURLOPT_TIMEOUT, 30); - curl_setopt($this->curl, CURLOPT_POST, 1); - curl_setopt($this->curl, CURLOPT_POSTFIELDS, http_build_query($data)); - curl_setopt($this->curl, CURLOPT_RETURNTRANSFER, TRUE); + private function curlExec($urlPart, $data) { + $ch = curl_init(); + curl_setopt($ch, CURLOPT_URL, self::$host . $urlPart); + curl_setopt($ch, CURLOPT_HEADER, 0); + if($urlPart != "oauth2/resource") + curl_setopt($curl, CURLOPT_USERPWD, self::$username . ":" . self::$password); + curl_setopt($ch, CURLOPT_TIMEOUT, 30); + curl_setopt($ch, CURLOPT_POST, 1); + curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data)); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); + $ret = curl_exec($ch); + curl_close($ch); + return $ret; } private function authenticate() { - $this->curl = curl_init(); - // before authentication & authorization if (!isset($_GET['code'])) { // get token 
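Review bot: The new `CURLOPT_USERPWD` call in `curlExec` passes `$curl`, which is never defined in this function (the handle is `$ch`), so the application id and password are not attached to the `oauth2/token` requests; depending on the PHP version the call either fails with a warning or throws a TypeError. The line should read `curl_setopt($ch, CURLOPT_USERPWD, self::$username . ":" . self::$password);`, and the guard above it would be safer with `!==` than `!=`. `curl_exec` returns `false` on a transport failure and that value is returned to callers that pass it straight to `json_decode`, so a check such as `if ($ret === false) throw new Exception(curl_error($ch));` before `curl_close($ch)` would separate network errors from bad responses. A short comment on the guard, for example `// resource calls authenticate with the access token only; never send the client secret there`, would record why the credentials are conditional.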
@@ -53,33 +55,33 @@ class AuthSCHClient { 'grant_type' => 'client_credentials', ); - $this->curlSetOpt("oauth2/token", $data); + $ch = $this->curlExec("oauth2/token", $data); $data = array( - 'access_token' => json_decode(curl_exec($this->curl))->access_token, + 'access_token' => json_decode($ch)->access_token, ); - $this->curlSetOpt("oauth2/resource", $data); + $ch = $this->curlExec("oauth2/resource", $data); // check api access & redirect to auth.sch.bme.hu for authorization - if (json_decode(curl_exec($this->curl))->success == true) - header("Location: " . $host . "site/login?response_type=code&client_id&". self::$username ."&state=" . sha1($_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT']) . "&scope=" . self::$scope); + if ($res != null && isset($res->success) && $res->success == true) + header("Location: " . self::$host . "site/login?response_type=code&client_id&". self::$username ."&state=" . sha1($_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT']) . "&scope=" . self::$scope); + else + throw new Exception("error during api check"); } else { $data = array( 'grant_type'=>'authorization_code', 'code'=>$_GET['code'], ); - $this->curlSetOpt("oauth2/token", $data); - $tokens = json_decode(curl_exec($this->curl)); + $ch = $this->curlExec("oauth2/token", $data); + $tokens = json_decode($ch); if($tokens === null || !isset($tokens->access_token) || empty($tokens->access_token)) throw new Exception ("invalid token data"); $this->tokens = $tokens; } - - curl_close($this->curl); } -} +} \ No newline at end of file
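Review bot: `$res` is read by the new `if ($res != null && ...)` but never assigned, because the `oauth2/resource` response is stored in `$ch` and not decoded, so the pre-authorization branch always throws "error during api check". The `state` value is still `sha1($_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT'])`, which can be recomputed from the client's address and browser string, and the `code` branch never compares `$_GET['state']` with anything, so it gives no protection against a forged callback. `json_decode($ch)->access_token` is also dereferenced without the null check that the `code` branch applies to `$tokens`. The sketch below assumes a session is already started and PHP 7+ for `random_bytes`; it also writes `client_id=` where the URL has `client_id&`, which looks like a typo. `authenticate()` begins above this hunk.

```php
$res = json_decode($this->curlExec("oauth2/resource", $data));

// check api access & redirect to auth.sch.bme.hu for authorization
if ($res != null && isset($res->success) && $res->success == true) {
    // unpredictable per-login value, kept server-side for the callback check
    $_SESSION['authsch_state'] = bin2hex(random_bytes(16));
    header("Location: " . self::$host . "site/login?response_type=code&client_id=" . self::$username . "&state=" . $_SESSION['authsch_state'] . "&scope=" . self::$scope);
} else
    throw new Exception("error during api check");
// … unchanged: } else { and the authorization_code request data …
// reject a callback whose state does not match the one issued before the redirect
if (!isset($_GET['state'], $_SESSION['authsch_state']) || !is_string($_GET['state'])
    || !hash_equals($_SESSION['authsch_state'], $_GET['state']))
    throw new Exception("invalid state");
$tokens = json_decode($this->curlExec("oauth2/token", $data));
// … unchanged: $tokens validation and assignment …
```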