- Thu Jul 04, 2019 7:49 am
#825275
hello,
I use ProcessMaker 3.2.1 and its REST API. I created an app using this API, and my problem is that I can't get my data when I log in through a login form other than ProcessMaker's own.
Yet I do manage to get my access token and my refresh token.
I think my problem is that my code does not have this part:
'grant_type' => 'authorization_code',
'code' => $_GET['code'],
I am leaving my code here so you can tell me if I'm missing a part, and thank you in advance for your help.
I use ProcessMaker 3.2.1 and its REST API. I created an app using this API, and my problem is that I can't get my data when I log in through a login form other than ProcessMaker's own.
Yet I do manage to get my access token and my refresh token.
I think my problem is that my code does not have this part:
'grant_type' => 'authorization_code',
'code' => $_GET['code'],
I am leaving my code here so you can tell me if I'm missing a part, and thank you in advance for your help.
<?php
// Workspace name and base URL of the ProcessMaker server that the REST calls target.
// NOTE(review): the base URL is plain http://, and pmRestLogin() posts the user's
// password and the OAuth client secret to it, so they cross the network unencrypted.
// Use an https:// URL if the server offers TLS.
$pmWorkspace = 'workflow';
$pmServer = 'http://welk:82';
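/**
 * Log a user in to ProcessMaker with the OAuth 2.0 password grant and keep the
 * resulting tokens in the PHP session.
 *
 * The client id and secret sent to the token endpoint are read from
 * oauthCredentials.json; $clientId and $clientSecret are only copied into the session.
 *
 * @param string $clientId     OAuth client id, stored in $_SESSION['client_id'].
 * @param string $clientSecret OAuth client secret, stored in $_SESSION['client_secret'].
 * @param string $username     ProcessMaker user name taken from the login form.
 * @param string $password     Password taken from the login form.
 * @return object|null Decoded token response (it may carry an "error" member),
 *                     or null when the credentials file, the HTTP call or the
 *                     response body is unusable.
 */
function pmRestLogin($clientId, $clientSecret, $username, $password) {
    global $pmServer, $pmWorkspace;

    // Load the client credentials first so that a missing or corrupt file is
    // reported clearly instead of surfacing as property reads on null.
    $credentialsFile = "oauthCredentials.json";
    $rawCredentials = is_readable($credentialsFile) ? file_get_contents($credentialsFile) : false;
    $credentials = ($rawCredentials === false) ? null : json_decode($rawCredentials);
    if (!is_object($credentials) || !isset($credentials->client_id, $credentials->client_secret)) {
        print "Error: Unable to read client credentials from oauthCredentials.json.\n";
        return null;
    }

    // Keep PHP's default session name. The session name used to be set to the
    // submitted user name, which names the session cookie after user input (it
    // must be alphanumeric) and means that a page calling plain session_start()
    // looks for a different cookie and finds no stored token.
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }

    $postParams = array(
        'grant_type'    => 'password',
        'scope'         => '*',
        'client_id'     => $credentials->client_id,
        'client_secret' => $credentials->client_secret,
        'username'      => $username,
        'password'      => $password
    );

    $ch = curl_init($pmServer . "/" . $pmWorkspace . "/oauth2/token");
    curl_setopt($ch, CURLOPT_TIMEOUT, 30);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $postParams);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $rawResponse = curl_exec($ch);
    $httpStatus = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);

    // curl_exec() returns false on a transport failure; decode only a real body.
    $oToken = is_string($rawResponse) ? json_decode($rawResponse) : null;

    if ($httpStatus !== 200) {
        print "Error in HTTP status code: $httpStatus\n";
        return null;
    }
    elseif (isset($oToken->error)) {
        // The values come from the server's response, so escape them before
        // they are written into the page.
        $errorText = htmlspecialchars((string) $oToken->error, ENT_QUOTES, 'UTF-8');
        $errorDescription = isset($oToken->error_description)
            ? htmlspecialchars((string) $oToken->error_description, ENT_QUOTES, 'UTF-8')
            : '';
        print "Error logging into $pmServer:\n" .
            "Error: {$errorText}\n" .
            "Description: {$errorDescription}\n";
    }
    elseif (!isset($oToken->access_token)) {
        // A 200 reply that is not JSON or carries no token cannot be used.
        print "Error: token response did not contain an access token.\n";
        return null;
    }
    else {
        $refreshToken = isset($oToken->refresh_token) ? $oToken->refresh_token : null;

        // Issue a fresh session id at the privilege change so that an id known
        // before login cannot be reused afterwards (session fixation).
        session_regenerate_id(true);

        // Tokens stay server-side in the session rather than in cookies.
        $_SESSION['time'] = time() + 86400;
        $_SESSION['access_token'] = $oToken->access_token;
        $_SESSION['refresh_token'] = $refreshToken;
        $_SESSION['client_id'] = $clientId;
        $_SESSION['client_secret'] = $clientSecret;
        $_SESSION['username'] = $username;
        // The plaintext password is no longer copied into the session: the
        // refresh token is what renews access, and session storage should not
        // hold a reusable password.

        // Save the tokens next to the client credentials.
        // NOTE(review): this one file is shared by every user, so each login
        // overwrites the previous user's tokens, and a relative path next to
        // the script may be downloadable over HTTP. Prefer keeping tokens in
        // the session only and moving this file outside the web root.
        $datasave = array(
            'access_token'  => $oToken->access_token,
            'refresh_token' => $refreshToken,
            'client_id'     => $credentials->client_id,
            'client_secret' => $credentials->client_secret,
        );
        file_put_contents($credentialsFile, json_encode($datasave), LOCK_EX);
    }

    return $oToken;
}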
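/**
 * Call a ProcessMaker REST endpoint with a bearer token.
 *
 * When no token is passed, the one stored in $_SESSION['access_token'] is used.
 * Without any token, or when the server answers 401, the browser is redirected
 * to Index.php and the script ends.
 *
 * @param string            $method      HTTP method: GET, DELETE, PUT or POST (case-insensitive).
 * @param string            $endpoint    Endpoint path; a leading "/" is added when missing.
 * @param array|object|null $aVars       Variables sent in the body of PUT and POST requests.
 * @param string|null       $accessToken Access token; falls back to the session value.
 * @return object stdClass with "response" (decoded JSON, or null) and "status" (HTTP code).
 * @throws Exception When $method is not one of the supported methods.
 */
function pmRestRequest($method, $endpoint, $aVars = null, $accessToken = null) {
    global $pmServer;

    if (empty($accessToken) && isset($_SESSION['access_token'])) {
        $accessToken = $_SESSION['access_token'];
    }

    // No usable access token: send the user back to the login form.
    if (empty($accessToken)) {
        header("Location: Index.php");
        die();
    }

    if (!empty($endpoint) && $endpoint[0] != "/") {
        $endpoint = "/" . $endpoint;
    }

    // Reject an unsupported method before a cURL handle is created, so the
    // exception path leaves no open handle behind.
    $method = strtoupper($method);
    if (!in_array($method, array("GET", "DELETE", "PUT", "POST"), true)) {
        throw new Exception("Error: Invalid HTTP method '$method' $endpoint");
    }

    $ch = curl_init($pmServer . $endpoint);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array("Authorization: Bearer " . $accessToken));
    curl_setopt($ch, CURLOPT_TIMEOUT, 30);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

    if ($method === "DELETE") {
        curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "DELETE");
    }
    elseif ($method === "PUT" || $method === "POST") {
        // PUT shares the POST body setup and only overrides the request verb.
        if ($method === "PUT") {
            curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT");
        }
        // $aVars defaults to null, which http_build_query() rejects on PHP 8;
        // send an empty body in that case.
        $bodyVars = (is_array($aVars) || is_object($aVars)) ? $aVars : array();
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($bodyVars));
    }

    $rawResponse = curl_exec($ch);
    $oRet = new StdClass;
    // curl_exec() returns false on a transport failure; decode only a real body.
    $oRet->response = is_string($rawResponse) ? json_decode($rawResponse) : null;
    $oRet->status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);

    if ($oRet->status === 401) {
        // The server rejected the token: return to the login form.
        header("Location: Index.php");
        die();
    }
    elseif ($oRet->status !== 200 && $oRet->status !== 201) {
        if ($oRet->response && isset($oRet->response->error)) {
            // The error text comes from the server's response and may echo
            // request data, so escape it before writing it into the page.
            $error = $oRet->response->error;
            $code = (is_object($error) && isset($error->code)) ? $error->code : '';
            $message = is_object($error)
                ? (isset($error->message) ? $error->message : '')
                : $error;
            $code = htmlspecialchars((string) $code, ENT_QUOTES, 'UTF-8');
            $message = htmlspecialchars(
                is_scalar($message) ? (string) $message : json_encode($message),
                ENT_QUOTES,
                'UTF-8'
            );
            print "Error in $pmServer:\nCode: {$code}\n" .
                "Message: {$message}\n";
        }
        else {
            print "Error: HTTP status code: $oRet->status\n";
        }
    }

    return $oRet;
}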
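// Include the path in the filename if the file is not located in the same directory.
$json = file_get_contents("oauthCredentials.json") or
    die("Error: Unable to open file oauthCredentials.json.");
$oCred = json_decode($json);
if (empty($oCred) or !isset($oCred->client_id, $oCred->client_secret)) {
    die("Error: oauthCredentials.json file lacks credentials or JSON string can't be decoded.");
}

// The form fields come straight from the request: require both to be present,
// non-empty strings before using them.
$username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
$password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
if ($username === '' || $password === '') {
    die("Error: username and password are required.");
}

$oToken = pmRestLogin($oCred->client_id, $oCred->client_secret, $username, $password);
if (!isset($oToken) || !isset($oToken->access_token)) {
    // pmRestLogin() has already printed the reason. Stop here instead of
    // sending a failed login on to the application page.
    die();
}

// Can now call REST endpoints using $oToken->access_token:
$oRet = pmRestRequest("GET", "/api/1.0/workflow/users", null, $oToken->access_token);

// NOTE(review): todo-list.html looks like a static page, so it cannot check the
// session itself; presumably its data comes from PHP endpoints, which should
// call session_start() and verify the stored token - confirm.
header("location: todo-list.html");
die();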
?>