<?php
// ===============================
// CONFIGURATION
// ===============================
$CLIENT_ID     = "ENTER YOUR ID";       // From MQL5 app
$CLIENT_SECRET = "ENTER CLIENT SECRET GENERATED WHEN CREATING YOUR APP IN MQL5 web";   // From MQL5 app
$REDIRECT_URI  = "https://YOUR HOSTING domain/";

$TOKEN_URL = "https://www.mql5.com/api/oauth/access_token";

// ===============================
// STEP 1: GET AUTH CODE
// ===============================
if (!isset($_GET['code'])) {
    die("Authorization code not found.");
}

$code = $_GET['code'];

// ===============================
// STEP 2: EXCHANGE CODE FOR TOKEN
// ===============================
$postData = [
    'grant_type'    => 'authorization_code',
    'client_id'     => $CLIENT_ID,
    'client_secret' => $CLIENT_SECRET,
    'code'          => $code,
    'redirect_uri'  => $REDIRECT_URI
];

$ch = curl_init($TOKEN_URL);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postData));

$response = curl_exec($ch);
curl_close($ch);

$data = json_decode($response, true);

if (!isset($data['access_token'])) {
    die("Token exchange failed: " . htmlspecialchars($response));
}

$accessToken = $data['access_token'];

// ===============================
// STEP 3: REDIRECT BACK TO ANDROID
// ===============================
$androidRedirect = "mql5profile://oauth?token=" . urlencode($accessToken);

header("Location: $androidRedirect");
exit;
