Sauvegarde vers le serveur

public/callback.php

@@ -0,0 +1,54 @@
+<?php
+session_start();
+$clientId = "soundboard_a5l";
+$clientSecret = "qLHJxCLnkVGfW39BD62IE9pLrOXqy3eL";
+$redirectUri = "https://soundboard.a5l.fr/callback.php";
+$tokenEndpoint = "https://idp.a5l.fr/realms/A5L/protocol/openid-connect/token";
+
+$code = $_GET['code'] ?? null;
+if (!$code) { header("Location: profile.php?error=no_code"); exit(); }
+
+$ch = curl_init($tokenEndpoint);
+$postData = [
+    'grant_type'   => 'authorization_code',
+    'code'         => $code,
+    'redirect_uri' => $redirectUri,
+    'client_id'    => $clientId,
+    'client_secret'=> $clientSecret
+];
+curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postData));
+$response = curl_exec($ch);
+
+if (!$response) {
+    die("Erreur CURL : " . curl_error($ch));
+}
+
+$data = json_decode($response, true);
+if (isset($data['error'])) {
+    die("Erreur IDP : " . $data['error_description']);
+}
+
+curl_close($ch);
+
+if (isset($data['access_token'])) {
+    $token = $data['access_token'];
+    // On décode pour récupérer le login pour le JS
+    $parts = explode('.', $token);
+    $payload = json_decode(base64_decode(str_replace(['-', '_'], ['+', '/'], $parts[1])), true);
+    $login = $payload['preferred_username'] ?? 'User';
+
+    // COOKIE POUR PHP
+    setcookie("auth_token", $token, time() + 3600, "/", "", true, false);
+
+    // REDIRECTION ET STORAGE POUR JS
+    echo "<!DOCTYPE html><html><body><script>
+        localStorage.setItem('auth_token', " . json_encode($token) . ");
+        localStorage.setItem('user_login', " . json_encode($login) . ");
+        window.location.href = 'profile.php';
+    </script></body></html>";
+    exit();
+} else {
+    header("Location: profile.php?error=failed");
+    exit();
+}