EvaOAuth provides a standard interface for OAuth1.0 / OAuth2.0 client authorization, it is easy to integrate with any PHP project by very few lines code.
- Standard interface, same code for both OAuth1.0 and OAuth2.0 different workflow, receiving token and user info as same format either.
- Fully tested
- Easy to debug, enable debug mode will record every request and response, help you find out problems quickly.
- Out-of-the-box, already supported most popular websites including Facebook. Twitter, etc.
- Scalable, integrate a new oauth website just need 3 lines code.
EvaOAuth can be found on Packagist. The recommended way to install this is through composer.
Edit your composer.json and add:
{
"require": {
"evaengine/eva-oauth": "~1.0"
}
}
And install dependencies:
curl -sS https://getcomposer.org/installer | php
php composer.phar install
Let's start a example of Facebook Login, if you have already have a Facebook developer account and created an app, prepare a request.php as below:
$service = new Eva\EvaOAuth\Service('Facebook', [
'key' => 'You Facebook App ID',
'secret' => 'You Facebook App Secret',
'callback' => 'http://localhost/EvaOAuth/example/access.php'
]);
$service->requestAuthorize();
Run request.php in browser, will be redirected to Facebook authorization page. After user confirm authorization, prepare the access.php for callback:
$token = $service->getAccessToken();
Once access token received, we could use access token to visit any protected resources.
$httpClient = new Eva\EvaOAuth\AuthorizedHttpClient($token);
$response = $httpClient->get('https://graph.facebook.com/me');
That's it, more usages please check examples and wiki.
EvaOAuth supports most popular OAuth services as below:
- OAuth2.0
- Douban
- Tencent
- OAuth1.0
Creating a custom provider require only few lines code, for OAuth2 sites:
namespace YourNamespace;
class Foursquare extends \Eva\EvaOAuth\OAuth2\Providers\AbstractProvider
{
protected $authorizeUrl = 'https://foursquare.com/oauth2/authorize';
protected $accessTokenUrl = 'https://foursquare.com/oauth2/access_token';
}
Then register to service and create instance:
use Eva\EvaOAuth\Service;
Service::registerProvider('foursquare', 'YourNamespace\Foursquare');
$service = new Service('foursquare', [
'key' => 'Foursquare App ID',
'secret' => 'Foursquare App Secret',
'callback' => 'http://somecallback/'
]);
In OAuth1.0 workflow, we need to store request token somewhere, and use request token exchange for access token.
EvaOAuth use Doctrine\Cache as storage layer. If no configuration, default storage layer use file system to save data, default path is EvaOAuth/tmp.
Feel free to change file storage path before Service
start:
Service::setStorage(new Doctrine\Common\Cache\FilesystemCache('/tmp'));
Or use other storage such as Memcache:
$storage = new \Doctrine\Common\Cache\MemcacheCache();
$storage->setMemcache(new \Memcache());
Service::setStorage($storage);
EvaOAuth defined some events for easier injection which are:
- BeforeGetRequestToken: Triggered before get request token.
- BeforeAuthorize: Triggered before redirect to authorize page.
- BeforeGetAccessToken: Triggered before get access token.
For example, if we want to send an additional header before get access token:
$service->getEmitter()->on('beforeGetAccessToken', function(\Eva\EvaOAuth\Events\BeforeGetAccessToken $event) {
$event->getRequest()->addHeader('foo', 'bar');
});
EvaOAuth based on amazing http client library Guzzle, use fully OOP to describe OAuth specification.
Refer wiki for details:
Enable debug mode will log all requests & responses.
$service->debug('/tmp/access.log');
Make sure PHP script have permission to write log path.
Run phpdoc
will generate API references under docs/
.