From 9dd13bc8027b9c578b15d19bf67e2e3bc002a5ca Mon Sep 17 00:00:00 2001
From: Hickmeister <35031453+Hickmeister@users.noreply.github.com>
Date: Sat, 4 Jan 2025 14:27:31 +0000
Subject: [PATCH] Added Etsy Auth

---
 assets/php/etsyData/authorizeEtsy.php    | 25 ++++++++++++++++++
 assets/php/etsyData/callbackEtsy.php     | 33 ++++++++++++++++++++++++
 assets/php/etsyData/refreshTokenEtsy.php | 27 +++++++++++++++++++
 3 files changed, 85 insertions(+)
 create mode 100644 assets/php/etsyData/authorizeEtsy.php
 create mode 100644 assets/php/etsyData/callbackEtsy.php
 create mode 100644 assets/php/etsyData/refreshTokenEtsy.php

diff --git a/assets/php/etsyData/authorizeEtsy.php b/assets/php/etsyData/authorizeEtsy.php
new file mode 100644
index 0000000..950e98e
--- /dev/null
+++ b/assets/php/etsyData/authorizeEtsy.php
@@ -0,0 +1,25 @@
+<?php
+include '/mnt/www-live/TechOdyssey_Designs_Dashboard/assets/php/session_check.php';
+require '/mnt/www-live/TechOdyssey_Designs_Dashboard/assets/php/envLoader.php';  // Load envLoader from php/
+loadEnv(__DIR__ . '/../../../.env');  // Go up three levels to root for .env
+
+$clientId = $_ENV['ETSY_KEYSTRING'];
+$redirectUri = $_ENV['ETSY_REDIRECT_URI'];
+$scope = 'transactions_r';
+$state = bin2hex(random_bytes(16));
+
+session_start();
+$_SESSION['oauth_state'] = $state;
+
+// Authorization URL
+$url = "https://www.etsy.com/oauth/connect?" . http_build_query([
+    'response_type' => 'code',
+    'client_id' => $clientId,
+    'redirect_uri' => $redirectUri,
+    'scope' => $scope,
+    'state' => $state
+]);
+
+header("Location: $url");
+exit;
+?>
diff --git a/assets/php/etsyData/callbackEtsy.php b/assets/php/etsyData/callbackEtsy.php
new file mode 100644
index 0000000..ac52c12
--- /dev/null
+++ b/assets/php/etsyData/callbackEtsy.php
@@ -0,0 +1,33 @@
+<?php
+include '/mnt/www-live/TechOdyssey_Designs_Dashboard/assets/php/session_check.php';
+require '/mnt/www-live/TechOdyssey_Designs_Dashboard/assets/php/envLoader.php';  // Load envLoader from php/
+loadEnv(__DIR__ . '/../../../.env');  // Go up three levels to find .env
+
+session_start();
+
+if ($_GET['state'] !== $_SESSION['oauth_state']) {
+    die('Invalid state. Possible CSRF attack.');
+}
+
+$code = $_GET['code'];
+
+$clientId = $_ENV['ETSY_KEYSTRING'];
+$clientSecret = $_ENV['ETSY_SECRET'];
+$redirectUri = $_ENV['ETSY_REDIRECT_URI'];
+
+$data = [
+    'grant_type' => 'authorization_code',
+    'client_id' => $clientId,
+    'client_secret' => $clientSecret,
+    'code' => $code,
+    'redirect_uri' => $redirectUri
+];
+
+$ch = curl_init("https://api.etsy.com/v3/public/oauth/token");
+curl_setopt($ch, CURLOPT_POST, true);
+curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));
+$response = curl_exec($ch);
+$tokens = json_decode($response, true);
+
+file_put
diff --git a/assets/php/etsyData/refreshTokenEtsy.php b/assets/php/etsyData/refreshTokenEtsy.php
new file mode 100644
index 0000000..95e2695
--- /dev/null
+++ b/assets/php/etsyData/refreshTokenEtsy.php
@@ -0,0 +1,27 @@
+<?php
+include '/mnt/www-live/TechOdyssey_Designs_Dashboard/assets/php/session_check.php';
+require '/mnt/www-live/TechOdyssey_Designs_Dashboard/assets/php/envLoader.php';  // Load envLoader from php/
+loadEnv(__DIR__ . '/../../../.env');  // Go up three levels to find .env
+
+function refreshAccessToken() {
+    $tokens = json_decode(file_get_contents('etsyTokens.json'), true);
+    $refreshToken = $tokens['refresh_token'];
+
+    $data = [
+        'grant_type' => 'refresh_token',
+        'client_id' => $_ENV['ETSY_KEYSTRING'],
+        'client_secret' => $_ENV['ETSY_SECRET'],
+        'refresh_token' => $refreshToken
+    ];
+
+    $ch = curl_init("https://api.etsy.com/v3/public/oauth/token");
+    curl_setopt($ch, CURLOPT_POST, true);
+    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));
+    $response = curl_exec($ch);
+    $newTokens = json_decode($response, true);
+
+    file_put_contents('etsyTokens.json', json_encode($newTokens));
+    echo "Token refreshed successfully.";
+}
+?>