Skip to content
Shopify Provider for the OAuth 2.0 Client
Branch: master
Clone or download
Latest commit 246c224 Apr 14, 2017
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
src store to shop rename Mar 29, 2017
tests/Provider store to shop rename Mar 29, 2017
.editorconfig First version Mar 28, 2017
.gitattributes First version Mar 28, 2017
.gitignore remove .DS_Store Mar 28, 2017
.scrutinizer.yml scrutinizer add code_rating Mar 28, 2017
.styleci.yml First version Mar 28, 2017
.travis.yml First version Mar 28, 2017
CHANGELOG.md First version Mar 28, 2017
CONDUCT.md First version Mar 28, 2017
CONTRIBUTING.md Revert "rename" Mar 29, 2017
ISSUE_TEMPLATE.md First version Mar 28, 2017
LICENSE.md First version Mar 28, 2017
PULL_REQUEST_TEMPLATE.md First version Mar 28, 2017
README.md Update README.md Apr 14, 2017
composer.json rename composer package Mar 29, 2017
phpunit.xml.dist First version Mar 28, 2017

README.md

Shopify OAuth 2.0 Client Provider

Latest Version on Packagist Software License Build Status Coverage Status Quality Score Total Downloads

Shopify OAuth 2.0 Client Provider.

Install

Via Composer

$ composer require pizdata/oauth2-shopify

Usage

$provider = new Pizdata\OAuth2\Client\Provider\Shopify([
    'clientId'                => '{shopify-client-id}',    // The client ID assigned to you by the Shopify
    'clientSecret'            => '{shopify-client-secret}',   // The client password assigned to you by the Shopify
    'redirectUri'             => 'http://localhost/callback', // The redirect URI assigned to you
    'shop'                    => 'pizdata.myshopify.com', // The Shop name
]);

// If we don't have an authorization code then get one
if (!isset($_GET['code'])) {

    // Setting up scope
    $options = [
        'scope' => [
            'read_content', 'write_content',
            'read_themes', 'write_themes',
            'read_products', 'write_products',
            'read_customers', 'write_customers',
            'read_orders', 'write_orders',
            'read_draft_orders', 'write_draft_orders',
            'read_script_tags', 'write_script_tags',
            'read_fulfillments', 'write_fulfillments',
            'read_shipping', 'write_shipping',
            'read_analytics',
        ]
    ];
    // Fetch the authorization URL from the provider; this returns the
    // urlAuthorize option and generates and applies any necessary parameters
    // (e.g. state).
    $authorizationUrl = $provider->getAuthorizationUrl($options);

    // Get the state generated for you and store it to the session.
    $_SESSION['oauth2state'] = $provider->getState();

    // Redirect the user to the authorization URL.
    header('Location: ' . $authorizationUrl);
    exit;

// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || (isset($_SESSION['oauth2state']) && $_GET['state'] !== $_SESSION['oauth2state'])) {

    if (isset($_SESSION['oauth2state'])) {
        unset($_SESSION['oauth2state']);
    }
    
    exit('Invalid state');

} else {

    try {
        // Try to get an access token using the authorization code grant.
        $accessToken = $provider->getAccessToken('authorization_code', [
            'code' => $_GET['code']
        ]);

        $store = $provider->getResourceOwner($accessToken);

        // Access to Store base information
        echo $store->getName();
        echo $store->getEmail();
        echo $store->getDomain();

        // Use this to interact with an API on the users behalf
        echo $token->getToken();

    } catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {
        // Failed to get the access token or user details.
        exit($e->getMessage());

    }
}

Change log

Please see CHANGELOG for more information on what has changed recently.

Testing

$ composer test

Contributing

Please see CONTRIBUTING and CONDUCT for details.

Security

If you discover any security related issues, please email roman+gh@sevastyanov.io instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see License File for more information.

You can’t perform that action at this time.