Skip to content

Latest commit

 

History

History
executable file
·
125 lines (86 loc) · 4.04 KB

README.md

File metadata and controls

executable file
·
125 lines (86 loc) · 4.04 KB
Raw

ZOHO Provider for OAuth 2.0 Client

Latest Version on Packagist Build Status Quality Score Total Downloads License

This package provides ZOHO OAuth 2.0 support for the PHP League's OAuth 2.0 Client.

To use this package, it will be necessary to have a ZOHO client ID and client secret. These are referred to as {zoho-client-id} and {zoho-client-secret} in the documentation.

Please follow the ZOHO instructions to create the required credentials.

Installation

You can install the package via composer:

composer require asad/oauth2-zoho

Usage

Authorization Code Flow

use Asad\OAuth2\Client\Provider\Zoho;

$provider = new Zoho([
    'clientId' => '{zoho-client-id}',
    'clientSecret' => '{zoho-client-secret}',
    'redirectUri' => 'http://localhost:8000/zoho/oauth2',
    'dc' => 'AU' //It will be optional if your ZOHO are in US location
]);

if (!isset($_GET['code'])) {
    // If we don't have an authorization code then get one
    $authUrl = $provider->getAuthorizationUrl([
        'scope' => [
            'ZohoCRM.modules.ALL', //Important: Define your data accessability scope here
            'ZohoCRM.settings.ALL',
        ],
        'access_type' => 'offline', //Important: If you want to generate the refresh token, set this value as offline
        'prompt' => 'consent'       //Important: Will not return a refresh token if this is not also set
    ]);

    $_SESSION['oauth2state'] = $provider->getState();
    header('Location: ' . $authUrl);
    exit;

    // Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {

    unset($_SESSION['oauth2state']);
    exit('Invalid state');
} else {

    // Try to get an access token (using the authorization code grant)
    try {
        $token = $provider->getAccessToken('authorization_code', [
            'code' => $_GET['code']
        ]);

        //$user = $provider->getResourceOwner($token);


        echo $access_token = $token->getToken();

        echo $refresh_token = $token->getRefreshToken(); //Save this refresh token to somewehre

        echo $token->getExpires();

    } catch (\Exception $e) {
        //handle you exception
    }
}

Refreshing a Token

Refresh tokens are only provided to applications which request offline access. You can specify offline access by passing the access_type option in your getAuthorizationUrl() request.

use Asad\OAuth2\Client\Provider\Zoho;
use League\OAuth2\Client\Grant\RefreshToken;

$provider = new Zoho([
    'clientId' => '{zoho-client-id}',
    'clientSecret' => '{zoho-client-secret}',
    'dc' => 'AU' //It will be optional if your ZOHO are in US location
]);

$refreshToken = 'FromYourStoredData';
$grant = new RefreshToken();
$token = $provider->getAccessToken($grant, ['refresh_token' => $refreshToken]);

Testing

composer test

Contributing

Please see CONTRIBUTING for details.

Security

If you discover any security related issues, please email asadku34@gamil.com instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see License File for more information.