<?php
/**
* Riot Games RSO Callback Handler
*
* This script handles the OAuth2 callback from Riot Games authentication.
* It processes the authorization code, exchanges it for an access token,
* and retrieves the user's account information.
*/
declare(strict_types=1);
require_once('config.php');
require_once('helpers.php');
require_once $_SERVER["DOCUMENT_ROOT"] . '/vendor/autoload.php';
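// Validate configuration before proceeding (validateConfig() is defined outside this file).
validateConfig();

// NOTE(review): nothing in this script compares an OAuth `state` value, so the callback
// cannot tell a response to its own login request from one that was started elsewhere.
// Confirm that the page starting the flow issues a per-session `state` and verify it
// here before the code is redeemed.

// Verify the authorization code is present and is a single non-empty string.
// A query string of the form ?code[]=x makes $_GET['code'] an array, which passes
// isset() but is not a usable authorization code.
if (!isset($_GET['code']) || !is_string($_GET['code']) || $_GET['code'] === '') {
    die('Authorization code is missing. Please try logging in again.');
}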
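// HTTP client used for both outbound calls (token exchange and account lookup).
// The League GenericProvider that used to be built here was never referenced again in
// this script, so it has been dropped; the token exchange is done directly with Guzzle.
//
// - 'timeout' / 'connect_timeout' bound how long a stalled upstream can hold the request.
// - 'http_errors' => true makes 4xx/5xx responses throw, so failures reach the catch block.
// - 'verify' => true keeps TLS certificate validation on. It must stay enabled: the
//   authorization code, the client assertion and the bearer token all travel over
//   these connections.
$client = new \GuzzleHttp\Client([
    'timeout' => 30,
    'connect_timeout' => 5,
    'http_errors' => true,
    'verify' => true,
]);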
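try {
    // Step 1: Exchange authorization code for access token.
    // NOTE(review): RIOT_CLIENT_SECRET is sent as `client_assertion` with the jwt-bearer
    // assertion type, so the constant is presumably a JWT assertion rather than a plain
    // shared secret — confirm against config.php.
    $tokenResponse = $client->post('https://auth.riotgames.com/token', [
        'form_params' => [
            'grant_type' => 'authorization_code',
            'code' => $_GET['code'],
            'redirect_uri' => ensureTrailingSlash(BASE_URI) . 'callback.php',
            'client_id' => RIOT_CLIENT_ID,
            'client_assertion_type' => 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
            'client_assertion' => RIOT_CLIENT_SECRET,
        ],
    ]);

    $tokenData = json_decode($tokenResponse->getBody()->getContents(), true);

    // json_decode() returns null on malformed JSON and can return a scalar; accept only
    // an array that carries a non-empty string token, so the Authorization header below
    // is never built from an unexpected value.
    if (
        !is_array($tokenData)
        || !isset($tokenData['access_token'])
        || !is_string($tokenData['access_token'])
        || $tokenData['access_token'] === ''
    ) {
        throw new RuntimeException('Access token not found in response');
    }

    // Step 2: Fetch user account information with the bearer token just obtained.
    $accountResponse = $client->request(
        'GET',
        'https://europe.api.riotgames.com/riot/account/v1/accounts/me',
        [
            'headers' => [
                'Authorization' => sprintf('Bearer %s', $tokenData['access_token']),
                'Accept' => 'application/json',
            ],
        ]
    );

    $accountData = json_decode($accountResponse->getBody()->getContents(), true);

    // Validate required user data fields. A value that is present but not a string is
    // treated as missing: under strict_types htmlspecialchars() would raise a TypeError
    // for it, and TypeError is not an Exception, so it would bypass the catch below.
    $requiredFields = ['gameName', 'tagLine', 'puuid'];
    foreach ($requiredFields as $field) {
        if (
            !is_array($accountData)
            || !isset($accountData[$field])
            || !is_string($accountData[$field])
        ) {
            throw new RuntimeException(sprintf('Missing required field: %s', $field));
        }
    }

    // Prepare HTML-escaped user data. Flags and charset are spelled out so quotes are
    // escaped and invalid byte sequences are substituted regardless of the PHP version's
    // defaults.
    $userData = [
        'riot_id' => htmlspecialchars($accountData['gameName'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
        'tagline' => htmlspecialchars($accountData['tagLine'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
        'puuid' => htmlspecialchars($accountData['puuid'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
    ];
} catch (Exception $e) {
    // handleError() is defined outside this file. Its return value is printed verbatim,
    // so it should not carry token material or raw upstream response bodies — verify.
    $errorMessage = handleError($e);
    die($errorMessage);
}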
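// Render the response.
// The page embeds the token response, so ask browsers and intermediaries not to store it.
if (!headers_sent()) {
    header('Cache-Control: no-store');
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Riot Account Information</title>
    <style>
        body {
            font-family: Arial, sans-serif;
            max-width: 800px;
            margin: 0 auto;
            padding: 20px;
        }
        pre {
            background: #f5f5f5;
            padding: 15px;
            border-radius: 5px;
            overflow-x: auto;
        }
    </style>
</head>
<body>
    <h1>Token Response</h1>
<?php
// NOTE(review): this prints the whole token response (the access token and anything else
// the token endpoint returned) into the page. Keep it for local debugging only; remove or
// redact it before the script is reachable by real users.
// The dump is HTML-escaped because these values come straight from the HTTP response
// and were not escaped anywhere earlier in the script.
?>
    <pre><?php echo htmlspecialchars(print_r($tokenData, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></pre>
    <h1>User Information</h1>
<?php
// $userData values were already passed through htmlspecialchars() when the array was
// built, so they are printed as-is to avoid double encoding.
?>
    <pre><?php print_r($userData); ?></pre>
</body>
</html>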