Authorization Code Flow

The authorization code grant type is used to obtain both access tokens and refresh tokens and is optimized for confidential clients. Since this is a redirection-based flow, the client must be capable of interacting with the resource owner's user-agent (typically a web browser) and capable of receiving incoming requests (via redirection) from the authorization server.

More info https://tools.ietf.org/html/rfc6749#section-4.1

How to Use in PHP

1) Create App in Cidaas

To work with Authorization code flow we need to create regular web application in cidaas app section

2) Get the User's Authorization and authorization code

In this example I am going to use Cidaas/oauth2-cidaas-php . for more library please visit https://oauth.net/code/

$provider = new Cidaas([
    'baseUrl'                 => 'yourcidaasbaseurl',
    'clientId'                => 'xxxx',    // The client ID assigned to you by the provider
    'clientSecret'            => 'yyyy',   // The client password assigned to you by the provider
    'redirectUri'             => 'https://yourredirecturl'
]);

print_r($provider->getAuthorizationUrl(["response_type"=>'code']));
print_r("\n");

This code will give you the autherization url. redirect to the browser with this URL. Once the User logged in to the account , cidaas will redirect to the redirect_uri with the query string of code

Example:

3) Get Access Token

echo "Copy Paste the above URL in the browser and login and Enter the Code : ";
$handle = fopen ("php://stdin","r");
$line = fgets($handle);

$accessToken = $provider->getAccessToken('authorization_code', [
    'code' => trim($line)
]);

print_r($accessToken->getToken());
print_r("\n");
print_r($accessToken->getRefreshToken());
print_r("\n");

4) Get User info

Once you got the access_token pass the access_token to cidaas user info url.

$resourceOwner = $provider->getResourceOwner($accessToken);

print_r($resourceOwner);
print_r("\n");

User info format

{
  "id": "id",
  "provider": "Provider",
  "ssoId": "ssoid",
  "username": "vimalprakashts@gmail.com",
  "email": "vimalprakashts@gmail.com",
  "mobile": "+919738122401",
  "firstname": "vimal",
  "lastname": "prakash",
  "displayName": "vimal prakash",
  "createTime": 1476957466236,
  "active": true,
  "emailVerified": true,
  "mobileNoVerified": false,
  "smsNotificationEnabled": false,
  "googleAuthenticatorEnabled": false,
  "currentLocale": "en_US",
  "userStatus": "VERIFIED",
  "identityJRString": null,
  "customFields": {
    "groupid": "",
    "Title": "",
    "Gender": "",
    "DateofBirth": "",
    "Salutation": ""
  },
  "roles": [
    "USER"
  ],
  "twofactorenabled": false,
  "lastLoggedTime": 1500231552247,
  "lastUsedSocialIdentity": null,
  "photoURL": null,
  "usedProviders": null,
  "customFieldWithMetadata": {
    "groupid": {
      "dataType": "Text",
      "value": "",
      "internal": true,
      "readOnly": false
    },
    "Title": {
      "dataType": "Text",
      "value": "",
      "internal": true,
      "readOnly": false
    },
    "Gender": {
      "dataType": "Text",
      "value": "",
      "internal": true,
      "readOnly": false
    },
    "DateofBirth": {
      "dataType": "Text",
      "value": "",
      "internal": true,
      "readOnly": false
    },
    "Salutation": {
      "dataType": "Text",
      "value": "",
      "internal": true,
      "readOnly": false
    }
  },
  "groups": null
}