PHP Example

If you're a PHP ninja then you'll want to refactor, but here's a start.


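// Define credentials obtained from Wonde dashboard SSO settings.
// CLIENT_SECRET is a confidential credential: keep the real value out of
// version control and out of any file the web server can serve (for example,
// load it from the environment or a secrets store instead of hard-coding it).
define('CLIENT_ID', '<Your Client ID goes here>');
define('CLIENT_SECRET', '<Your Client Secret goes here>');
// Plain-HTTP localhost is only suitable for local development; a deployed
// redirect URI should use HTTPS so the authorisation code is protected in transit.
define('REDIRECT_URI', 'http://localhost:8123');

// Now define the Wonde SSO and API endpoints
define('AUTH_URI', 'https://edu.wonde.com/oauth/authorize');
define('TOKEN_URI', 'https://api.wonde.com/oauth/token');
define('GRAPHQL_URI', 'https://api.wonde.com/graphql/me');

// The session stores the one-time `state` value that binds the callback to
// the browser that started the flow. It must start before any output is sent.
session_start();

// Ready to go, so now route this request accordingly.
// Only a request carrying `code` or `error` is treated as the callback; any
// other query string no longer reaches the token exchange by accident.
$has_user_authorised_access = isset($_GET['code']) || isset($_GET['error']);

if (!$has_user_authorised_access) {
    // A) User has NOT been redirected away and authorised access to this
    // application, so redirect them to the Wonde UI to complete this
    authorise();
} else {
    // B) User has been redirected back, so validate the callback before
    // using their authorisation code to get a token and make an API request

    // The stored state is single-use: clear it whether or not it matches.
    $expected_state = $_SESSION['oauth_state'] ?? null;
    unset($_SESSION['oauth_state']);
    $returned_state = $_GET['state'] ?? null;

    // hash_equals() compares in constant time; the is_string() checks also
    // reject array-valued parameters such as ?state[]=x.
    if (
        !is_string($expected_state)
        || !is_string($returned_state)
        || !hash_equals($expected_state, $returned_state)
    ) {
        http_response_code(400);
        die('Invalid or missing state parameter.');
    }

    // The authorisation server reports a refusal or failure via `error`.
    $error = $_GET['error'] ?? null;
    if ($error !== null) {
        http_response_code(400);
        $reason = is_string($error) ? $error : 'unknown';
        die('Authorisation was not granted: ' . htmlspecialchars($reason, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
    }

    $code = $_GET['code'] ?? null;
    if (!is_string($code) || $code === '') {
        http_response_code(400);
        die('Missing authorisation code.');
    }

    $access_token = getAccessToken($code);
    if (!$access_token) {
        http_response_code(502);
        die('Could not obtain an access token.');
    }

    $data = makeApiRequest($access_token);

    // json_encode() does not escape "<" or ">" by default, so the API data is
    // HTML-escaped before being placed in the page.
    echo '<pre>'
        . htmlspecialchars((string) json_encode($data, JSON_PRETTY_PRINT), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . '</pre>';
}

die('Finished!');

/**
 * Redirect the user to our UI to authorise access
 *
 * Generates a random, single-use `state` value, stores it in the session and
 * sends it with the authorisation request so the callback can be matched to
 * this browser (the standard OAuth 2.0 defence against cross-site request
 * forgery on the redirect). Requires an active session.
 *
 * NOTE(review): this assumes the authorisation endpoint returns `state`
 * unchanged on the redirect, as OAuth 2.0 requires - confirm against the
 * Wonde SSO documentation.
 */
function authorise()
{
    $state = bin2hex(random_bytes(16));
    $_SESSION['oauth_state'] = $state;

    $params = [
        'client_id' => CLIENT_ID,
        'redirect_uri' => REDIRECT_URI,
        'response_type' => 'code',
        'state' => $state,
    ];

    header('Location: ' . AUTH_URI . '?' . http_build_query($params));
}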

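/**
 * Get an access token using the authorisation code obtained from an earlier redirect
 *
 * Posts the code together with the client credentials to TOKEN_URI. The
 * redirect_uri sent here is the same REDIRECT_URI constant used for the
 * authorisation request.
 *
 * @param string $code Authorisation code taken from the callback query string
 * @return string|null The access token, or null when the response could not be
 *                     decoded or carries no string `access_token` field
 */
function getAccessToken($code)
{
    $params = [
        'grant_type' => 'authorization_code',
        'client_id' => CLIENT_ID,
        'client_secret' => CLIENT_SECRET,
        'redirect_uri' => REDIRECT_URI,
        'code' => $code,
    ];

    // No bearer token exists yet, so none is passed for this request.
    $response = httpRequest(TOKEN_URI, $params, null);

    // A failed request or an error body has no usable token; return null
    // instead of reading a property on a non-object.
    if (!is_object($response) || !isset($response->access_token) || !is_string($response->access_token)) {
        return null;
    }

    return $response->access_token;
}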

/**
 * Query the GraphQL endpoint for the signed-in user, using the access token
 * obtained earlier.
 *
 * The query asks for `Me.id` and, for the linked Person, the type name plus
 * the id, type and name fields of whichever of Student, Contact or Employee
 * it turns out to be.
 *
 * @param string $access_token Bearer token sent in the Authorization header
 * @return mixed Whatever httpRequest() returns for GRAPHQL_URI
 */
function makeApiRequest($access_token)
{
    // Nowdoc (quoted label), so nothing inside the query text is interpolated.
    $graphql = <<<'GRAPHQL'
{
    Me {
        id
        Person {
            __typename
            ... on Student {
                id
                type
                forename
                middle_names
                surname
            }
            ... on Contact {
                id
                type
                forename
                middle_names
                surname
            }
            ... on Employee {
                id
                type
                forename
                middle_names
                surname
            }
        }
    }
}
GRAPHQL;

    return httpRequest(GRAPHQL_URI, ['query' => $graphql], $access_token);
}

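/**
 * Make a CURL request, optionally with POST data and an access token, if obtained
 *
 * When $params is non-empty it is sent as a URL-encoded POST body; when
 * $access_token is non-empty it is sent as a Bearer Authorization header.
 * The response body is JSON-decoded whatever the HTTP status, so an error
 * document from the server is returned to the caller like any other body.
 *
 * @param string      $url          Endpoint to call
 * @param array|null  $params       Form fields to POST, or empty for a GET
 * @param string|null $access_token Bearer token, or null when none is held yet
 * @return mixed Decoded JSON, or null when the transfer failed or the body
 *               is not valid JSON
 */
function httpRequest($url, $params, $access_token)
{
    $ch = curl_init($url);
    if ($ch === false) {
        return null;
    }

    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        // Certificate and host-name verification are curl's defaults; they are
        // stated explicitly because the client secret and the bearer token
        // both travel over this connection.
        CURLOPT_SSL_VERIFYPEER => true,
        CURLOPT_SSL_VERIFYHOST => 2,
        // Bound the request so a stalled endpoint cannot hang the page.
        CURLOPT_CONNECTTIMEOUT => 10,
        CURLOPT_TIMEOUT => 30,
    ]);

    if ($params) {
        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($params));
    }

    if ($access_token) {
        curl_setopt($ch, CURLOPT_HTTPHEADER, ['Authorization: Bearer ' . $access_token]);
    }

    $response = curl_exec($ch);

    if ($response === false) {
        // Log only the transport error; the request body and headers hold
        // credentials and must not be written to logs.
        error_log('HTTP request failed: ' . curl_error($ch));

        return null;
    }

    return json_decode($response);
}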
							

We speak your language, here are some
examples to get you started.