-
Notifications
You must be signed in to change notification settings - Fork 72
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Version 2.0 #35
Version 2.0 #35
Conversation
This PR replaces #34. |
Hi @bencorlett. Are you planning to merge this changes soon to develop or master? I am looking for the standard between both oauth1 and oauth2 client. Great work btw. |
@ajibarra soon(ish), still working through the rewrite for v2 in my spare time. No real ETA as yet unfortunately. v1 is stable, just has an API that doesn't match the OAuth 2 client (it used to, but OAuth 2 has since moved forward and I'm catching up here). |
@bencorlett you're making things happen! I'm happy to help out here and I don't want to impede your existing flow. If you can provide a deeper layer of detail about your current plan/thought process for the refactor, I can take care of some of the work. |
#40 encapsulates a bit of refactoring that I've been wanting to do. I've moved a handful of methods that are factories or static in nature to appropriate classes and created new classes where appropriate. My goal was to clean up the AbstractServer so it only had business critical logic. |
This will be possible with the // The server provides a way to get an authenticated API request for
// the service, using the access token; it returns an object conforming
// to Psr\Http\Message\RequestInterface.
$request = $server->getAuthenticatedRequest(
'GET',
'http://your.service/endpoint',
$tokenCredentials
);
$response = $this->getHttpClient()->send($request); |
@bencorlett I see you are circling this project again. What are your thoughts on moving along this refactor? What is left to accomplish? |
Good question! Let me pull the code down today and have a look, I really need to stop being such a slacker haha. I’ll do that today :)
|
Any ETA on v2 folks? |
Any movement here? |
Any idea when this will be finished? Guzzle 4 is also EOL now, and v1 is still requiring Guzzle 3. |
I'm back actively spending time on this project and I'm hoping to have the final refactoring done from the Following that, we just need to add implementations for more OAuth2 Servers and then we are good tor release. |
@bencorlett Not to put too much more pressure on you, but a patch for a security vulnerability was included in Guzzle 6.2.1. I'm assuming the vulnerability exists in all prior versions and that those versions won't receive patches. So, the sooner the switch to Guzzle 6 can happen, the better. 😄 |
Ooo, interesting. Could you please provide me with a link? I might see if I can also patch 1.x to run on a newer Guzzle as well without needing a major bump. Pretty sure we won't be modifying any public methods so it could be a patch version. Sent from my iPhone Please excuse my brevity
|
@bencorlett Here's the site for the vulnerability: https://httpoxy.org/. The Guzzle release notes I linked in my earlier comment include a related item. |
Oh, shit. Sorry I didn't see your link prior. Okay, cool. I have a project for this morning ;) Sent from my iPhone Please excuse my brevity
|
composer.json
Outdated
"@phpcs", | ||
"@phpcpd", | ||
"@phploc", | ||
"@phpspec", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This test fails on the HHVM environment in Travis. Do we want to ignore HHVM? Do we want to find a new test solution?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd recommend ignoring HHVM at this age, since PHP 7 is as fast. PHP ecosystem has changed a lot since HHVM's inception.
@bencorlett I am still interested in helping to get this project moved up and out to 2.0. It seems like the current test suite configuration is causing some issues with CI. I've added some comments and would like some input and/or direction from you on how we should proceed. I am happy to get some more work done here :) |
Yoo-hoo @bencorlett |
Do you need some help or is this project dead? |
Progress on the project has kind of screamed to a halt. I did speak with @philsturgeon about having @stevenmaguire or somebody else equally keen to take over the lead. I would be more than happy for this, just unsure what his movements are and whether he is interested :)
… On 5 Apr 2018, at 9:17 pm, Daniel Bannert ***@***.***> wrote:
Do you need some help or is this project dead?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub <#35 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AALGnyYUclxdV-plGuUXZqU_CXapsrF1ks5tlf08gaJpZM4FwWtN>.
|
We had this conversation over a year ago @bencorlett so yeah I'd say the swap should happen! 😅 I'm not involved in the League anymore, so pester @frankdejonge or somebody to get this a new home. |
I'm happy to take on more responsibility with this project. I'll need to get back up to speed a bit. I've been very involved in this last round of changes but it's been quite some time since my head has been in this space :) |
Any update here? :) We have Guzzle 7 now with PHP 7.2+ support. |
Another question of mine is: who uses OAUTH-1 nowadays?! Haven't whole world moved to OAUTH-2 already? |
Twitter still uses oauth 1 only. |
@GrahamCampbell , sorry my bad. That link is not OAuth-2-on-behalf-of-user. It's just JWT-Bearer authentication (client-credential flow), on behalf of App. |
Indeed, all the "real stuff" is still OAuth 1.0a => https://developer.twitter.com/en/docs/authentication/oauth-1-0a |
Yea. I know for sure almost noone will bother updating this package. Tech is too old to be of any value to anyone. Maybe for the sake of moving forward, at Socialite side there should be new major version release with Oauth-1 and Twitter left behind. Otherwise everything will be stuck in past. |
Can someone add me as a Member to this repo? CC: @bencorlett |
I need that to be able to stop Travis-CI runs which I know will fail. Waiting for them takes too long. |
After spending 7-8 hours to refactor this codebase, I can say the following:
Overall, even though there is Version-2 branch half-done, I'd strongly suggest actually redoing that work on top of my refactoring, also adding |
@shehi this codebase started life as codeigniter-oauth1, which was built to work with PHP 4 as well as PHP 5. As such, some functions which existed in PHP 5 had to be reimplimented for the same of PHP 4 support. It's possible you're noticing some of this legacy, as of course you might notice with the types. Please boyscout respectfully and help chip away at any type mismatches, as again this was not built when types existed. |
@shehi also maybe you could start your own PR, as this was started by somebody who is no longer active on the project. |
@philsturgeon really? CodeIgnitor and PHP4? Didn't know that. Older than I imagined! Already started & finished my PR. I was just giving input regarding this PR, because a lot of work was done here without addressing the points I mentioned above. IMHO these shortcomings and problems should be addressed before building new features, or at least in parallel. My observation was: they weren't. |
Version 2