'authorization_code', 'code' => $code, 'redirect_uri' => $redirectUri, 'client_id' => $clientId, 'client_secret'=> $clientSecret ]; curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postData)); $response = curl_exec($ch); if (!$response) { die("Erreur CURL : " . curl_error($ch)); } $data = json_decode($response, true); if (isset($data['error'])) { die("Erreur IDP : " . $data['error_description']); } curl_close($ch); if (isset($data['access_token'])) { $token = $data['access_token']; // On décode pour récupérer le login pour le JS $parts = explode('.', $token); $payload = json_decode(base64_decode(str_replace(['-', '_'], ['+', '/'], $parts[1])), true); $login = $payload['preferred_username'] ?? 'User'; // COOKIE POUR PHP setcookie("auth_token", $token, time() + 3600, "/", "", true, false); // REDIRECTION ET STORAGE POUR JS echo ""; exit(); } else { header("Location: profile.php?error=failed"); exit(); }