Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
208 lines (176 sloc) 7.04 KB

OAuth2Client

The OAuth2Client allows you to connect to any OAuth2 server. Just follow the procedure described in the example below.

Installation

composer require webiik/oauth2client

Example

// Facebook Example

// Prepare dependencies
$chc = new \Webiik\CurlHttpClient\CurlHttpClient();

// Instantiate OAuth2 client
$oAuth2Client = new \Webiik\OAuth2Client\OAuth2Client($chc);

// Your callback URL after authorization
// OAuth2 server redirects users to this URL, after user verification
$oAuth2Client->setRedirectUri('https://127.0.0.1/webiik/');

// API endpoints
$oAuth2Client->setAuthorizeUrl('https://www.facebook.com/v3.2/dialog/oauth');
$oAuth2Client->setAccessTokenUrl('https://graph.facebook.com/v3.2/oauth/access_token');

// API credentials (create yours at https://developers.facebook.com/apps/)
$oAuth2Client->setClientId('your-client-id');
$oAuth2Client->setClientSecret('your-client-sectret');

// Make API calls...

// Define scope
$scope = [
    'email',
];

if (!isset($_GET['code'])) {
    // 1. Prepare Facebook user login link with specified scope and grand type
    echo '<a href="' . $oAuth2Client->getAuthorizeUrl($scope) . '" target="_blank">Authorize with Facebook</a><br/>';
}

if (isset($_GET['code'])) {
    // 2. Verify code to obtain user access_token
    $user = $oAuth2Client->getAccessTokenByCode();

    // 3. Verify clientId and clientSecret to obtain app access_token
    $app = $oAuth2Client->getAccessTokenByCredentials();
}

if (isset($user['access_token']) && isset($app['access_token'])) {
    // 4. User and app access_tokens are valid, user and app are authorized by Facebook
    // Access protected resources...
}

Configuration

Before you can connect to any OAuth2 server, you have to properly configure access credentials and endpoints.

setClientId

setClientId(string $id): void

setClientId() sets client id.

$oAuth2Client->setClientId('your-client-id');

setClientSecret

setClientSecret(string $secret): void

setClientSecret() sets client secret.

$oAuth2Client->setClientSecret('your-client-sectret');

setRedirectUri

setRedirectUri(string $url): void

setRedirectUri() sets redirect URI to redirect a user after authorization by OAuth2 server.

$oAuth2Client->setRedirectUri('https://127.0.0.1/webiik/');

setAuthorizeUrl

setAuthorizeUrl(string $url): void

setAuthorizeUrl() sets URL to authorize a user by OAuth2 server.

$oAuth2Client->setAuthorizeUrl('https://www.facebook.com/v3.2/dialog/oauth');

setAccessTokenUrl

setAccessTokenUrl(string $url): void

setAccessTokenUrl() sets URL to obtain a access token.

$oAuth2Client->setAccessTokenUrl('https://graph.facebook.com/v3.2/oauth/access_token');

setValidateTokenUrl

setValidateTokenUrl(string $url): void

setValidateTokenUrl() sets URL to validate a access token. This endpoint is not official part of OAuth2 specifications, however Google, Facebook etc. provide it.

$oAuth2Client->setValidateTokenUrl('https://graph.facebook.com/debug_token');

Login

getAuthorizeUrl

getAuthorizeUrl(array $scope = [], string $responseType = 'code', string $state = ''): string

getAuthorizeUrl() prepares a correct link to a URL set by setAuthorizeUrl().

Parameters

  • scope defines access scope of your app. Learn access scopes of individual OAuth2 servers.
  • responseType possible response types are code, token, id_token...
  • state read about state parameter.
$link = $oAuth2Client->getAuthorizeUrl(['email'])

Authorization

OAuth2Client allows you to get access token by all grant types provided by OAuth2 protocol. Read more about grant types.

getAccessTokenByCode

getAccessTokenByCode()

getAccessTokenByCode() makes HTTP POST request to a URL set by setAccessTokenUrl(). Returns an array with token(s) on success and a string with cURL error message on error. This grant type is usually used by apps for authenticating users.

$user = $oAuth2Client->getAccessTokenByCode();

getAccessTokenByPassword

getAccessTokenByPassword(string $username, string $password, array $scope = [])

getAccessTokenByPassword() makes HTTP POST request to a URL set by setAccessTokenUrl(). Returns an array with token(s) on success and a string with cURL error message on error. This grant type is usually used by trusted apps for authenticating users.

$user = $oAuth2Client->getAccessTokenByCode();

getAccessTokenByCredentials

getAccessTokenByCredentials()

getAccessTokenByCredentials() makes HTTP POST request to a URL set by setAccessTokenUrl(). Returns an array with token(s) on success and a string with cURL error message on error. This grant type is usually used for server-to-server communication.

$app = $oAuth2Client->getAccessTokenByCredentials();

getAccessTokenByRefreshToken

getAccessTokenByRefreshToken(string $refreshToken)

getAccessTokenByRefreshToken() makes HTTP POST request to a URL set by setAccessTokenUrl(). Returns an array with token(s) on success and a string with cURL error message on error. Usually you can get $refreshToken by setting scope offline_access when calling getAuthorizeUrl(). Read more about refresh_token. It's used to obtain a renewed access token.

$token = $oAuth2Client->getAccessTokenByRefreshToken($refreshToken);

getAccessTokenBy

getAccessTokenBy(array $params)

getAccessTokenBy() makes HTTP POST request to a URL set by setAccessTokenUrl(). Returns an array with token(s) on success and a string with cURL error message on error. This method allows you to get access token by custom parameters.

// Get access token by code
$user = $oAuth2Client->getAccessTokenBy([
    'redirect_uri' => 'https://127.0.0.1/webiik/',
    'grant_type' => 'authorization_code',
    'code' => $_GET['code'],
]);

getTokenInfo

getTokenInfo(string $inputToken, string $accessToken, bool $useGet = false)

getTokenInfo() makes HTTP POST request to a URL set by setValidateTokenUrl(). Returns an array with token(s) on success and a string with cURL error message on error. This is not official part of OAuth2 specifications, however Google, Facebook etc. provide it.

$token = $oAuth2Client->getTokenInfo($inputToken, $accessToken);

Resources

You can’t perform that action at this time.