mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-12-16 18:19:47 +05:30
Merge branch 'release/0.3'
This commit is contained in:
commit
0897e6226c
3
.gitignore
vendored
3
.gitignore
vendored
@ -2,4 +2,5 @@
|
||||
/composer.lock
|
||||
/docs/build/
|
||||
/build/logs/
|
||||
/build/coverage/
|
||||
/build/coverage/
|
||||
test
|
@ -1,14 +1,15 @@
|
||||
{
|
||||
"name": "lncd/Oauth2",
|
||||
"name": "lncd/oauth2",
|
||||
"description": "OAuth 2.0 Framework",
|
||||
"version": "0.2.3",
|
||||
"version": "0.3",
|
||||
"homepage": "https://github.com/lncd/OAuth2",
|
||||
"license": "MIT",
|
||||
"require": {
|
||||
"php": ">=5.3.0"
|
||||
"php": ">=5.3.0",
|
||||
"guzzle/guzzle": "*"
|
||||
},
|
||||
"require-dev": {
|
||||
"EHER/PHPUnit": "*"
|
||||
"phpunit/phpunit": "*"
|
||||
},
|
||||
"repositories": [
|
||||
{
|
||||
@ -27,7 +28,7 @@
|
||||
"authors": [
|
||||
{
|
||||
"name": "Alex Bilbie",
|
||||
"email": "oauth2@alexbilbie.com",
|
||||
"email": "hello@alexbilbie.com",
|
||||
"homepage": "http://www.httpster.org",
|
||||
"role": "Developer"
|
||||
}
|
||||
@ -36,5 +37,8 @@
|
||||
"psr-0": {
|
||||
"Oauth2": "src/"
|
||||
}
|
||||
},
|
||||
"suggest": {
|
||||
"lncd/oauth2-facebook": "Adds support for Facebook as an IDP"
|
||||
}
|
||||
}
|
@ -131,7 +131,9 @@ class Server
|
||||
|
||||
} else {
|
||||
|
||||
$params['client_id'] = (isset($authParams['client_id'])) ? $authParams['client_id'] : $_GET['client_id'];
|
||||
$params['client_id'] = (isset($authParams['client_id'])) ?
|
||||
$authParams['client_id'] :
|
||||
$_GET['client_id'];
|
||||
|
||||
}
|
||||
|
||||
@ -142,12 +144,19 @@ class Server
|
||||
|
||||
} else {
|
||||
|
||||
$params['redirect_uri'] = (isset($authParams['redirect_uri'])) ? $authParams['redirect_uri'] : $_GET['redirect_uri'];
|
||||
$params['redirect_uri'] = (isset($authParams['redirect_uri'])) ?
|
||||
$authParams['redirect_uri'] :
|
||||
$_GET['redirect_uri'];
|
||||
|
||||
}
|
||||
|
||||
// Validate client ID and redirect URI
|
||||
$clientDetails = $this->_dbCall('validateClient', $params['client_id'], null, $params['redirect_uri']);
|
||||
$clientDetails = $this->_dbCall(
|
||||
'validateClient',
|
||||
$params['client_id'],
|
||||
null,
|
||||
$params['redirect_uri']
|
||||
);
|
||||
|
||||
if ($clientDetails === false) {
|
||||
|
||||
@ -161,7 +170,9 @@ class Server
|
||||
|
||||
} else {
|
||||
|
||||
$params['response_type'] = (isset($authParams['response_type'])) ? $authParams['response_type'] : $_GET['response_type'];
|
||||
$params['response_type'] = (isset($authParams['response_type'])) ?
|
||||
$authParams['response_type'] :
|
||||
$_GET['response_type'];
|
||||
|
||||
// Ensure response type is one that is recognised
|
||||
if ( ! in_array($params['response_type'], $this->_responseTypes)) {
|
||||
@ -174,12 +185,15 @@ class Server
|
||||
// Get and validate scopes
|
||||
if (isset($authParams['scope']) || isset($_GET['scope'])) {
|
||||
|
||||
$scopes = (isset($_GET['scope'])) ? $_GET['scope'] : $authParams['scope'];
|
||||
$scopes = (isset($_GET['scope'])) ?
|
||||
$_GET['scope'] :
|
||||
$authParams['scope'];
|
||||
|
||||
$scopes = explode($this->_config['scope_delimeter'], $scopes);
|
||||
|
||||
// Remove any junk scopes
|
||||
for ($i = 0; $i < count($scopes); $i++) {
|
||||
|
||||
$scopes[$i] = trim($scopes[$i]);
|
||||
|
||||
if ($scopes[$i] === '') {
|
||||
@ -196,7 +210,10 @@ class Server
|
||||
|
||||
foreach ($scopes as $scope) {
|
||||
|
||||
$scopeDetails = $this->_dbCall('getScope', $scope);
|
||||
$scopeDetails = $this->_dbCall(
|
||||
'getScope',
|
||||
$scope
|
||||
);
|
||||
|
||||
if ($scopeDetails === false) {
|
||||
|
||||
@ -223,7 +240,8 @@ class Server
|
||||
public function newAuthoriseRequest($type, $typeId, $authoriseParams)
|
||||
{
|
||||
// Remove any old sessions the user might have
|
||||
$this->_dbCall('deleteSession',
|
||||
$this->_dbCall(
|
||||
'deleteSession',
|
||||
$authoriseParams['client_id'],
|
||||
$type,
|
||||
$typeId
|
||||
@ -272,7 +290,8 @@ class Server
|
||||
// new authorisation code otherwise create a new session
|
||||
if ($accessToken !== null) {
|
||||
|
||||
$this->_dbCall('updateSession',
|
||||
$this->_dbCall(
|
||||
'updateSession',
|
||||
$clientId,
|
||||
$type,
|
||||
$typeId,
|
||||
@ -287,7 +306,8 @@ class Server
|
||||
$this->_dbCall('deleteSession', $clientId, $type, $typeId);
|
||||
|
||||
// Create a new session
|
||||
$sessionId = $this->_dbCall('newSession',
|
||||
$sessionId = $this->_dbCall(
|
||||
'newSession',
|
||||
$clientId,
|
||||
$redirectUri,
|
||||
$type,
|
||||
@ -301,7 +321,11 @@ class Server
|
||||
// Add the scopes
|
||||
foreach ($scopes as $key => $scope) {
|
||||
|
||||
$this->_dbCall('addSessionScope', $sessionId, $scope['scope']);
|
||||
$this->_dbCall(
|
||||
'addSessionScope',
|
||||
$sessionId,
|
||||
$scope['scope']
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
@ -329,7 +353,9 @@ class Server
|
||||
|
||||
} else {
|
||||
|
||||
$params['grant_type'] = (isset($authParams['grant_type'])) ? $authParams['grant_type'] : $_POST['grant_type'];
|
||||
$params['grant_type'] = (isset($authParams['grant_type'])) ?
|
||||
$authParams['grant_type'] :
|
||||
$_POST['grant_type'];
|
||||
|
||||
// Ensure grant type is one that is recognised
|
||||
if ( ! in_array($params['grant_type'], $this->_grantTypes)) {
|
||||
@ -374,7 +400,9 @@ class Server
|
||||
|
||||
} else {
|
||||
|
||||
$params['client_id'] = (isset($authParams['client_id'])) ? $authParams['client_id'] : $_POST['client_id'];
|
||||
$params['client_id'] = (isset($authParams['client_id'])) ?
|
||||
$authParams['client_id'] :
|
||||
$_POST['client_id'];
|
||||
|
||||
}
|
||||
|
||||
@ -385,7 +413,9 @@ class Server
|
||||
|
||||
} else {
|
||||
|
||||
$params['client_secret'] = (isset($authParams['client_secret'])) ? $authParams['client_secret'] : $_POST['client_secret'];
|
||||
$params['client_secret'] = (isset($authParams['client_secret'])) ?
|
||||
$authParams['client_secret'] :
|
||||
$_POST['client_secret'];
|
||||
|
||||
}
|
||||
|
||||
@ -396,12 +426,15 @@ class Server
|
||||
|
||||
} else {
|
||||
|
||||
$params['redirect_uri'] = (isset($authParams['redirect_uri'])) ? $authParams['redirect_uri'] : $_POST['redirect_uri'];
|
||||
$params['redirect_uri'] = (isset($authParams['redirect_uri'])) ?
|
||||
$authParams['redirect_uri'] :
|
||||
$_POST['redirect_uri'];
|
||||
|
||||
}
|
||||
|
||||
// Validate client ID and redirect URI
|
||||
$clientDetails = $this->_dbCall('validateClient',
|
||||
$clientDetails = $this->_dbCall(
|
||||
'validateClient',
|
||||
$params['client_id'],
|
||||
$params['client_secret'],
|
||||
$params['redirect_uri']
|
||||
@ -419,13 +452,16 @@ class Server
|
||||
|
||||
} else {
|
||||
|
||||
$params['code'] = (isset($authParams['code'])) ? $authParams['code'] : $_POST['code'];
|
||||
$params['code'] = (isset($authParams['code'])) ?
|
||||
$authParams['code'] :
|
||||
$_POST['code'];
|
||||
|
||||
}
|
||||
|
||||
// Verify the authorization code matches the client_id and the
|
||||
// request_uri
|
||||
$session = $this->_dbCall('validateAuthCode',
|
||||
$session = $this->_dbCall(
|
||||
'validateAuthCode',
|
||||
$params['client_id'],
|
||||
$params['redirect_uri'],
|
||||
$params['code']
|
||||
@ -442,9 +478,12 @@ class Server
|
||||
|
||||
$accessToken = $this->generateCode();
|
||||
|
||||
$accessTokenExpires = ($this->_config['access_token_ttl'] === null) ? null : time() + $this->_config['access_token_ttl'];
|
||||
$accessTokenExpires = ($this->_config['access_token_ttl'] === null) ?
|
||||
null :
|
||||
time() + $this->_config['access_token_ttl'];
|
||||
|
||||
$this->_dbCall('updateSession',
|
||||
$this->_dbCall(
|
||||
'updateSession',
|
||||
$session['id'],
|
||||
null,
|
||||
$accessToken,
|
||||
@ -453,7 +492,8 @@ class Server
|
||||
);
|
||||
|
||||
// Update the session's scopes to reference the access token
|
||||
$this->_dbCall('updateSessionScopeAccessToken',
|
||||
$this->_dbCall(
|
||||
'updateSessionScopeAccessToken',
|
||||
$session['id'],
|
||||
$accessToken
|
||||
);
|
||||
|
230
src/Oauth2/Client/IDP.php
Normal file
230
src/Oauth2/Client/IDP.php
Normal file
@ -0,0 +1,230 @@
|
||||
<?php
|
||||
|
||||
namespace OAuth2\Client;
|
||||
|
||||
use Guzzle\Service\Client as GuzzleClient;
|
||||
|
||||
class IDPException extends \Exception
|
||||
{
|
||||
protected $result;
|
||||
|
||||
public function __construct($result)
|
||||
{
|
||||
$this->result = $result;
|
||||
|
||||
$code = isset($result['code']) ? $result['code'] : 0;
|
||||
|
||||
if (isset($result['error'])) {
|
||||
|
||||
// OAuth 2.0 Draft 10 style
|
||||
$message = $result['error'];
|
||||
|
||||
} elseif (isset($result['message'])) {
|
||||
|
||||
// cURL style
|
||||
$message = $result['message'];
|
||||
|
||||
} else {
|
||||
|
||||
$message = 'Unknown Error.';
|
||||
|
||||
}
|
||||
|
||||
parent::__construct($message['message'], $message['code']);
|
||||
}
|
||||
|
||||
public function getType()
|
||||
{
|
||||
if (isset($this->result['error'])) {
|
||||
|
||||
$message = $this->result['error'];
|
||||
|
||||
if (is_string($message)) {
|
||||
// OAuth 2.0 Draft 10 style
|
||||
return $message;
|
||||
}
|
||||
}
|
||||
|
||||
return 'Exception';
|
||||
}
|
||||
|
||||
/**
|
||||
* To make debugging easier.
|
||||
*
|
||||
* @returns
|
||||
* The string representation of the error.
|
||||
*/
|
||||
public function __toString()
|
||||
{
|
||||
$str = $this->getType() . ': ';
|
||||
|
||||
if ($this->code != 0) {
|
||||
$str .= $this->code . ': ';
|
||||
}
|
||||
|
||||
return $str . $this->message;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
abstract class IDP {
|
||||
|
||||
public $clientId = '';
|
||||
|
||||
public $clientSecret = '';
|
||||
|
||||
public $redirectUri = '';
|
||||
|
||||
public $name;
|
||||
|
||||
public $uidKey = 'uid';
|
||||
|
||||
public $scopes = array();
|
||||
|
||||
public $method = 'post';
|
||||
|
||||
public $scopeSeperator = ',';
|
||||
|
||||
public $responseType = 'json';
|
||||
|
||||
public function __construct($options)
|
||||
{
|
||||
foreach ($options as $option => $value) {
|
||||
if (isset($this->{$option})) {
|
||||
$this->{$option} = $value;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
abstract public function urlAuthorize();
|
||||
|
||||
abstract public function urlAccessToken();
|
||||
|
||||
abstract public function urlUserDetails(\Oauth2\Client\Token\Access $token);
|
||||
|
||||
abstract public function userDetails($response, \Oauth2\Client\Token\Access $token);
|
||||
|
||||
public function authorize($options = array())
|
||||
{
|
||||
$state = md5(uniqid(rand(), TRUE));
|
||||
setcookie($this->name.'_authorize_state', $state);
|
||||
|
||||
$params = array(
|
||||
'client_id' => $this->clientId,
|
||||
'redirect_uri' => $this->redirectUri,
|
||||
'state' => $state,
|
||||
'scope' => is_array($this->scope) ? implode($this->scopeSeperator, $this->scope) : $this->scope,
|
||||
'response_type' => isset($options['response_type']) ? $options['response_type'] : 'code',
|
||||
'approval_prompt' => 'force' // - google force-recheck
|
||||
);
|
||||
|
||||
header('Location: ' . $this->urlAuthorize().'?'.http_build_query($params));
|
||||
exit;
|
||||
}
|
||||
|
||||
public function getAccessToken($code = NULL, $options = array())
|
||||
{
|
||||
if ($code === NULL) {
|
||||
throw new \BadMethodCallException('Missing authorization code');
|
||||
}
|
||||
|
||||
$params = array(
|
||||
'client_id' => $this->clientId,
|
||||
'client_secret' => $this->clientSecret,
|
||||
'grant_type' => isset($options['grantType']) ? $options['grantType'] : 'authorization_code',
|
||||
);
|
||||
|
||||
switch ($params['grant_type']) {
|
||||
|
||||
case 'authorization_code':
|
||||
$params['code'] = $code;
|
||||
$params['redirect_uri'] = isset($options['redirectUri']) ? $options['redirectUri'] : $this->redirectUri;
|
||||
break;
|
||||
|
||||
case 'refresh_token':
|
||||
$params['refresh_token'] = $code;
|
||||
break;
|
||||
|
||||
}
|
||||
|
||||
try {
|
||||
|
||||
switch ($this->method) {
|
||||
|
||||
case 'get':
|
||||
|
||||
$client = new GuzzleClient($this->urlAccessToken() . '?' . http_build_query($params));
|
||||
$request = $client->send();
|
||||
$response = $request->getBody();
|
||||
|
||||
break;
|
||||
|
||||
case 'post':
|
||||
|
||||
$client = new GuzzleClient($this->urlAccessToken());
|
||||
$request = $client->post(null, null, $params)->send();
|
||||
$response = $request->getBody();
|
||||
|
||||
break;
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
catch (\Guzzle\Http\Exception\BadResponseException $e)
|
||||
{
|
||||
$raw_response = explode("\n", $e->getResponse());
|
||||
$response = end($raw_response);
|
||||
}
|
||||
|
||||
switch ($this->responseType) {
|
||||
|
||||
case 'json':
|
||||
$result = json_decode($response, true);
|
||||
break;
|
||||
|
||||
case 'string':
|
||||
parse_str($response, $result);
|
||||
break;
|
||||
|
||||
}
|
||||
|
||||
if (isset($result['error']) && ! empty($result['error'])) {
|
||||
|
||||
throw new \Oauth2\Client\IDPException($result);
|
||||
|
||||
}
|
||||
|
||||
switch ($params['grant_type']) {
|
||||
|
||||
case 'authorization_code':
|
||||
return \Oauth2\Client\Token::factory('access', $result);
|
||||
break;
|
||||
|
||||
case 'refresh_token':
|
||||
return \Oauth2\Client\Token::factory('refresh', $result);
|
||||
break;
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
public function getUserDetails(\Oauth2\Client\Token\Access $token)
|
||||
{
|
||||
$url = $this->urlUserDetails($token);
|
||||
|
||||
try {
|
||||
$client = new GuzzleClient($url);
|
||||
$request = $client->get()->send();
|
||||
$response = $request->getBody();
|
||||
|
||||
return $this->userDetails(json_decode($response), $token);
|
||||
}
|
||||
|
||||
catch (\Guzzle\Http\Exception\BadResponseException $e)
|
||||
{
|
||||
$raw_response = explode("\n", $e->getResponse());
|
||||
throw new \Oauth2\Client\IDPException(end($raw_response));
|
||||
}
|
||||
}
|
||||
|
||||
}
|
42
src/Oauth2/Client/Provider/Blooie.php
Executable file
42
src/Oauth2/Client/Provider/Blooie.php
Executable file
@ -0,0 +1,42 @@
|
||||
<?php
|
||||
|
||||
class Blooie extends Oauth2\Client\IDP
|
||||
{
|
||||
public $scope = array('user.profile', 'user.picture');
|
||||
|
||||
public $method = 'POST';
|
||||
|
||||
public function urlAuthorize()
|
||||
{
|
||||
return 'https://bloo.ie/oauth';
|
||||
}
|
||||
|
||||
public function urlAccessToken()
|
||||
{
|
||||
return 'https://bloo.ie/oauth/access_token';
|
||||
}
|
||||
|
||||
public function getUserInfo(Oauth2\Token\Access $token)
|
||||
{
|
||||
$url = 'https://graph.facebook.com/me?'.http_build_query(array(
|
||||
'access_token' => $token->access_token,
|
||||
));
|
||||
|
||||
$user = json_decode(file_get_contents($url));
|
||||
|
||||
return array(
|
||||
'uid' => $user->id,
|
||||
'nickname' => $user->username,
|
||||
'name' => $user->name,
|
||||
'first_name' => $user->first_name,
|
||||
'last_name' => $user->last_name,
|
||||
'email' => isset($user->email) ? $user->email : null,
|
||||
'location' => isset($user->hometown->name) ? $user->hometown->name : null,
|
||||
'description' => isset($user->bio) ? $user->bio : null,
|
||||
'image' => 'https://graph.facebook.com/me/picture?type=normal&access_token='.$token->access_token,
|
||||
'urls' => array(
|
||||
'Facebook' => $user->link,
|
||||
),
|
||||
);
|
||||
}
|
||||
}
|
49
src/Oauth2/Client/Provider/Facebook.php
Executable file
49
src/Oauth2/Client/Provider/Facebook.php
Executable file
@ -0,0 +1,49 @@
|
||||
<?php
|
||||
/**
|
||||
* Facebook OAuth2 Provider
|
||||
*
|
||||
* @package CodeIgniter/OAuth2
|
||||
* @category Provider
|
||||
* @author Phil Sturgeon
|
||||
* @copyright (c) 2012 HappyNinjas Ltd
|
||||
* @license http://philsturgeon.co.uk/code/dbad-license
|
||||
*/
|
||||
|
||||
class Facebook extends Oauth2\Client\IDP
|
||||
{
|
||||
protected $scope = array('offline_access', 'email', 'read_stream');
|
||||
|
||||
public function urlAuthorize()
|
||||
{
|
||||
return 'https://www.facebook.com/dialog/oauth';
|
||||
}
|
||||
|
||||
public function urlAccessToken()
|
||||
{
|
||||
return 'https://graph.facebook.com/oauth/access_token';
|
||||
}
|
||||
|
||||
public function getUserInfo(Oauth2\Token\Access $token)
|
||||
{
|
||||
$url = 'https://graph.facebook.com/me?'.http_build_query(array(
|
||||
'access_token' => $token->access_token,
|
||||
));
|
||||
|
||||
$user = json_decode(file_get_contents($url));
|
||||
|
||||
return array(
|
||||
'uid' => $user->id,
|
||||
'nickname' => isset($user->username) ? $user->username : null,
|
||||
'name' => $user->name,
|
||||
'first_name' => $user->first_name,
|
||||
'last_name' => $user->last_name,
|
||||
'email' => isset($user->email) ? $user->email : null,
|
||||
'location' => isset($user->hometown->name) ? $user->hometown->name : null,
|
||||
'description' => isset($user->bio) ? $user->bio : null,
|
||||
'image' => 'https://graph.facebook.com/me/picture?type=normal&access_token='.$token->access_token,
|
||||
'urls' => array(
|
||||
'Facebook' => $user->link,
|
||||
),
|
||||
);
|
||||
}
|
||||
}
|
45
src/Oauth2/Client/Provider/Foursquare.php
Executable file
45
src/Oauth2/Client/Provider/Foursquare.php
Executable file
@ -0,0 +1,45 @@
|
||||
<?php
|
||||
/**
|
||||
* Foursquare OAuth2 Provider
|
||||
*
|
||||
* @package CodeIgniter/OAuth2
|
||||
* @category Provider
|
||||
* @author Phil Sturgeon
|
||||
* @copyright (c) 2012 HappyNinjas Ltd
|
||||
* @license http://philsturgeon.co.uk/code/dbad-license
|
||||
*/
|
||||
|
||||
class Foursquare extends Oauth2\Client\IDP
|
||||
{
|
||||
public $method = 'POST';
|
||||
|
||||
public function urlAuthorize()
|
||||
{
|
||||
return 'https://foursquare.com/oauth2/authenticate';
|
||||
}
|
||||
|
||||
public function urlAccessToken()
|
||||
{
|
||||
return 'https://foursquare.com/oauth2/access_token';
|
||||
}
|
||||
|
||||
public function getUserInfo(Oauth2\Token\Access $token)
|
||||
{
|
||||
$url = 'https://api.foursquare.com/v2/users/self?'.http_build_query(array(
|
||||
'oauth_token' => $token->access_token,
|
||||
));
|
||||
|
||||
$response = json_decode(file_get_contents($url));
|
||||
|
||||
$user = $response->response->user;
|
||||
|
||||
// Create a response from the request
|
||||
return array(
|
||||
'uid' => $user->id,
|
||||
'name' => sprintf('%s %s', $user->firstName, $user->lastName),
|
||||
'email' => $user->contact->email,
|
||||
'image' => $user->photo,
|
||||
'location' => $user->homeCity,
|
||||
);
|
||||
}
|
||||
}
|
43
src/Oauth2/Client/Provider/Github.php
Executable file
43
src/Oauth2/Client/Provider/Github.php
Executable file
@ -0,0 +1,43 @@
|
||||
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
|
||||
/**
|
||||
* GitHub OAuth2 Provider
|
||||
*
|
||||
* @package CodeIgniter/OAuth2
|
||||
* @category Provider
|
||||
* @author Phil Sturgeon
|
||||
* @copyright (c) 2012 HappyNinjas Ltd
|
||||
* @license http://philsturgeon.co.uk/code/dbad-license
|
||||
*/
|
||||
|
||||
class OAuth2_Provider_Github extends Oauth2\Client\IDP
|
||||
{
|
||||
public function urlAuthorize()
|
||||
{
|
||||
return 'https://github.com/login/oauth/authorize';
|
||||
}
|
||||
|
||||
public function urlAccessToken()
|
||||
{
|
||||
return 'https://github.com/login/oauth/access_token';
|
||||
}
|
||||
|
||||
public function getUserInfo(Oauth\Token\Access $token)
|
||||
{
|
||||
$url = 'https://api.github.com/user?'.http_build_query(array(
|
||||
'access_token' => $token->access_token,
|
||||
));
|
||||
|
||||
$user = json_decode(file_get_contents($url));
|
||||
|
||||
return array(
|
||||
'uid' => $user->id,
|
||||
'nickname' => $user->login,
|
||||
'name' => $user->name,
|
||||
'email' => $user->email,
|
||||
'urls' => array(
|
||||
'GitHub' => 'http://github.com/'.$user->login,
|
||||
'Blog' => $user->blog,
|
||||
),
|
||||
);
|
||||
}
|
||||
}
|
84
src/Oauth2/Client/Provider/Google.php
Executable file
84
src/Oauth2/Client/Provider/Google.php
Executable file
@ -0,0 +1,84 @@
|
||||
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
|
||||
/**
|
||||
* Google OAuth2 Provider
|
||||
*
|
||||
* @package CodeIgniter/OAuth2
|
||||
* @category Provider
|
||||
* @author Phil Sturgeon
|
||||
* @copyright (c) 2012 HappyNinjas Ltd
|
||||
* @license http://philsturgeon.co.uk/code/dbad-license
|
||||
*/
|
||||
|
||||
class OAuth2_Provider_Google extends OAuth2_Provider
|
||||
{
|
||||
/**
|
||||
* @var string the method to use when requesting tokens
|
||||
*/
|
||||
public $method = 'POST';
|
||||
|
||||
/**
|
||||
* @var string scope separator, most use "," but some like Google are spaces
|
||||
*/
|
||||
public $scope_seperator = ' ';
|
||||
|
||||
public function url_authorize()
|
||||
{
|
||||
return 'https://accounts.google.com/o/oauth2/auth';
|
||||
}
|
||||
|
||||
public function url_access_token()
|
||||
{
|
||||
return 'https://accounts.google.com/o/oauth2/token';
|
||||
}
|
||||
|
||||
public function __construct(array $options = array())
|
||||
{
|
||||
// Now make sure we have the default scope to get user data
|
||||
empty($options['scope']) and $options['scope'] = array(
|
||||
'https://www.googleapis.com/auth/userinfo.profile',
|
||||
'https://www.googleapis.com/auth/userinfo.email'
|
||||
);
|
||||
|
||||
// Array it if its string
|
||||
$options['scope'] = (array) $options['scope'];
|
||||
|
||||
parent::__construct($options);
|
||||
}
|
||||
|
||||
/*
|
||||
* Get access to the API
|
||||
*
|
||||
* @param string The access code
|
||||
* @return object Success or failure along with the response details
|
||||
*/
|
||||
public function access($code, $options = array())
|
||||
{
|
||||
if ($code === null)
|
||||
{
|
||||
throw new OAuth2_Exception(array('message' => 'Expected Authorization Code from '.ucfirst($this->name).' is missing'));
|
||||
}
|
||||
|
||||
return parent::access($code, $options);
|
||||
}
|
||||
|
||||
public function get_user_info(OAuth2_Token_Access $token)
|
||||
{
|
||||
$url = 'https://www.googleapis.com/oauth2/v1/userinfo?alt=json&'.http_build_query(array(
|
||||
'access_token' => $token->access_token,
|
||||
));
|
||||
|
||||
$user = json_decode(file_get_contents($url), true);
|
||||
return array(
|
||||
'uid' => $user['id'],
|
||||
'nickname' => url_title($user['name'], '_', true),
|
||||
'name' => $user['name'],
|
||||
'first_name' => $user['given_name'],
|
||||
'last_name' => $user['family_name'],
|
||||
'email' => $user['email'],
|
||||
'location' => null,
|
||||
'image' => (isset($user['picture'])) ? $user['picture'] : null,
|
||||
'description' => null,
|
||||
'urls' => array(),
|
||||
);
|
||||
}
|
||||
}
|
48
src/Oauth2/Client/Provider/Instagram.php
Executable file
48
src/Oauth2/Client/Provider/Instagram.php
Executable file
@ -0,0 +1,48 @@
|
||||
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
|
||||
/**
|
||||
* Instagram OAuth2 Provider
|
||||
*
|
||||
* @package CodeIgniter/OAuth2
|
||||
* @category Provider
|
||||
* @author Phil Sturgeon
|
||||
* @copyright (c) 2012 HappyNinjas Ltd
|
||||
* @license http://philsturgeon.co.uk/code/dbad-license
|
||||
*/
|
||||
|
||||
class OAuth2_Provider_Instagram extends OAuth2_Provider
|
||||
{
|
||||
/**
|
||||
* @var string scope separator, most use "," but some like Google are spaces
|
||||
*/
|
||||
public $scope_seperator = '+';
|
||||
|
||||
/**
|
||||
* @var string the method to use when requesting tokens
|
||||
*/
|
||||
public $method = 'POST';
|
||||
|
||||
public function url_authorize()
|
||||
{
|
||||
return 'https://api.instagram.com/oauth/authorize';
|
||||
}
|
||||
|
||||
public function url_access_token()
|
||||
{
|
||||
return 'https://api.instagram.com/oauth/access_token';
|
||||
}
|
||||
|
||||
public function get_user_info(OAuth2_Token_Access $token)
|
||||
{
|
||||
$user = $token->user;
|
||||
|
||||
return array(
|
||||
'uid' => $user->id,
|
||||
'nickname' => $user->username,
|
||||
'name' => $user->full_name,
|
||||
'image' => $user->profile_picture,
|
||||
'urls' => array(
|
||||
'website' => $user->website,
|
||||
),
|
||||
);
|
||||
}
|
||||
}
|
36
src/Oauth2/Client/Provider/Mailchimp.php
Executable file
36
src/Oauth2/Client/Provider/Mailchimp.php
Executable file
@ -0,0 +1,36 @@
|
||||
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
|
||||
/**
|
||||
* Mailchimp OAuth2 Provider
|
||||
*
|
||||
* @package CodeIgniter/OAuth2
|
||||
* @category Provider
|
||||
* @author Phil Sturgeon
|
||||
* @copyright (c) 2012 HappyNinjas Ltd
|
||||
* @license http://philsturgeon.co.uk/code/dbad-license
|
||||
*/
|
||||
|
||||
class OAuth2_Provider_Mailchimp extends OAuth2_Provider
|
||||
{
|
||||
/**
|
||||
* @var string the method to use when requesting tokens
|
||||
*/
|
||||
protected $method = 'POST';
|
||||
|
||||
public function url_authorize()
|
||||
{
|
||||
return 'https://login.mailchimp.com/oauth2/authorize';
|
||||
}
|
||||
|
||||
public function url_access_token()
|
||||
{
|
||||
return 'https://login.mailchimp.com/oauth2/token';
|
||||
}
|
||||
|
||||
public function get_user_info(OAuth2_Token_Access $token)
|
||||
{
|
||||
// Create a response from the request
|
||||
return array(
|
||||
'uid' => $token->access_token,
|
||||
);
|
||||
}
|
||||
}
|
73
src/Oauth2/Client/Provider/Mailru.php
Executable file
73
src/Oauth2/Client/Provider/Mailru.php
Executable file
@ -0,0 +1,73 @@
|
||||
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
|
||||
/**
|
||||
* Mailru OAuth2 Provider
|
||||
*
|
||||
* @package CodeIgniter/OAuth2
|
||||
* @category Provider
|
||||
* @author Lavr Lyndin
|
||||
*/
|
||||
|
||||
class OAuth2_Provider_Mailru extends OAuth2_Provider
|
||||
{
|
||||
public $method = 'POST';
|
||||
|
||||
public function url_authorize()
|
||||
{
|
||||
return 'https://connect.mail.ru/oauth/authorize';
|
||||
}
|
||||
|
||||
public function url_access_token()
|
||||
{
|
||||
return 'https://connect.mail.ru/oauth/token';
|
||||
}
|
||||
|
||||
protected function sign_server_server(array $request_params, $secret_key)
|
||||
{
|
||||
ksort($request_params);
|
||||
$params = '';
|
||||
foreach ($request_params as $key => $value) {
|
||||
$params .= "$key=$value";
|
||||
}
|
||||
return md5($params . $secret_key);
|
||||
}
|
||||
|
||||
public function get_user_info(OAuth2_Token_Access $token)
|
||||
{
|
||||
$request_params = array(
|
||||
'app_id' => $this->client_id,
|
||||
'method' => 'users.getInfo',
|
||||
'uids' => $token->uid,
|
||||
'access_token' => $token->access_token,
|
||||
'secure' => 1
|
||||
);
|
||||
|
||||
$sig = $this->sign_server_server($request_params,$this->client_secret);
|
||||
$url = 'http://www.appsmail.ru/platform/api?'.http_build_query($request_params).'&sig='.$sig;
|
||||
|
||||
$user = json_decode(file_get_contents($url));
|
||||
|
||||
return array(
|
||||
'uid' => $user[0]->uid,
|
||||
'nickname' => $user[0]->nick,
|
||||
'name' => $user[0]->first_name.' '.$user[0]->last_name,
|
||||
'first_name' => $user[0]->first_name,
|
||||
'last_name' => $user[0]->last_name,
|
||||
'email' => isset($user[0]->email) ? $user[0]->email : null,
|
||||
'image' => isset($user[0]->pic_big) ? $user[0]->pic_big : null,
|
||||
);
|
||||
}
|
||||
|
||||
public function authorize($options = array())
|
||||
{
|
||||
$state = md5(uniqid(rand(), TRUE));
|
||||
get_instance()->session->set_userdata('state', $state);
|
||||
|
||||
$params = array(
|
||||
'client_id' => $this->client_id,
|
||||
'redirect_uri' => isset($options['redirect_uri']) ? $options['redirect_uri'] : $this->redirect_uri,
|
||||
'response_type' => 'code',
|
||||
);
|
||||
|
||||
redirect($this->url_authorize().'?'.http_build_query($params));
|
||||
}
|
||||
}
|
59
src/Oauth2/Client/Provider/Paypal.php
Executable file
59
src/Oauth2/Client/Provider/Paypal.php
Executable file
@ -0,0 +1,59 @@
|
||||
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
|
||||
/**
|
||||
* PayPal OAuth2 Provider
|
||||
*
|
||||
* @package CodeIgniter/OAuth2
|
||||
* @category Provider
|
||||
* @author Phil Sturgeon
|
||||
* @copyright (c) 2012 HappyNinjas Ltd
|
||||
* @license http://philsturgeon.co.uk/code/dbad-license
|
||||
*/
|
||||
|
||||
class OAuth2_Provider_Paypal extends OAuth2_Provider
|
||||
{
|
||||
/**
|
||||
* @var string default scope (useful if a scope is required for user info)
|
||||
*/
|
||||
protected $scope = array('https://identity.x.com/xidentity/resources/profile/me');
|
||||
|
||||
/**
|
||||
* @var string the method to use when requesting tokens
|
||||
*/
|
||||
protected $method = 'POST';
|
||||
|
||||
public function url_authorize()
|
||||
{
|
||||
return 'https://identity.x.com/xidentity/resources/authorize';
|
||||
}
|
||||
|
||||
public function url_access_token()
|
||||
{
|
||||
return 'https://identity.x.com/xidentity/oauthtokenservice';
|
||||
}
|
||||
|
||||
public function get_user_info(OAuth2_Token_Access $token)
|
||||
{
|
||||
$url = 'https://identity.x.com/xidentity/resources/profile/me?' . http_build_query(array(
|
||||
'oauth_token' => $token->access_token
|
||||
));
|
||||
|
||||
$user = json_decode(file_get_contents($url));
|
||||
$user = $user->identity;
|
||||
|
||||
return array(
|
||||
'uid' => $user['userId'],
|
||||
'nickname' => url_title($user['fullName'], '_', true),
|
||||
'name' => $user['fullName'],
|
||||
'first_name' => $user['firstName'],
|
||||
'last_name' => $user['lastName'],
|
||||
'email' => $user['emails'][0],
|
||||
'location' => $user->addresses[0],
|
||||
'image' => null,
|
||||
'description' => null,
|
||||
'urls' => array(
|
||||
'PayPal' => null
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
}
|
51
src/Oauth2/Client/Provider/Soundcloud.php
Executable file
51
src/Oauth2/Client/Provider/Soundcloud.php
Executable file
@ -0,0 +1,51 @@
|
||||
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
|
||||
/**
|
||||
* Soundcloud OAuth2 Provider
|
||||
*
|
||||
* @package CodeIgniter/OAuth2
|
||||
* @category Provider
|
||||
* @author Phil Sturgeon
|
||||
* @copyright (c) 2012 HappyNinjas Ltd
|
||||
* @license http://philsturgeon.co.uk/code/dbad-license
|
||||
*/
|
||||
|
||||
class OAuth2_Provider_Soundcloud extends OAuth2_Provider
|
||||
{
|
||||
/**
|
||||
* @var string the method to use when requesting tokens
|
||||
*/
|
||||
protected $method = 'POST';
|
||||
|
||||
public function url_authorize()
|
||||
{
|
||||
return 'https://soundcloud.com/connect';
|
||||
}
|
||||
|
||||
public function url_access_token()
|
||||
{
|
||||
return 'https://api.soundcloud.com/oauth2/token';
|
||||
}
|
||||
|
||||
public function get_user_info(OAuth2_Token_Access $token)
|
||||
{
|
||||
$url = 'https://api.soundcloud.com/me.json?'.http_build_query(array(
|
||||
'oauth_token' => $token->access_token,
|
||||
));
|
||||
|
||||
$user = json_decode(file_get_contents($url));
|
||||
|
||||
// Create a response from the request
|
||||
return array(
|
||||
'uid' => $user->id,
|
||||
'nickname' => $user->username,
|
||||
'name' => $user->full_name,
|
||||
'location' => $user->country.' ,'.$user->country,
|
||||
'description' => $user->description,
|
||||
'image' => $user->avatar_url,
|
||||
'urls' => array(
|
||||
'MySpace' => $user->myspace_name,
|
||||
'Website' => $user->website,
|
||||
),
|
||||
);
|
||||
}
|
||||
}
|
54
src/Oauth2/Client/Provider/Vkontakte.php
Executable file
54
src/Oauth2/Client/Provider/Vkontakte.php
Executable file
@ -0,0 +1,54 @@
|
||||
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
|
||||
/**
|
||||
* Vkontakte OAuth2 Provider
|
||||
*
|
||||
* @package CodeIgniter/OAuth2
|
||||
* @category Provider
|
||||
* @author Lavr Lyndin
|
||||
*/
|
||||
|
||||
class OAuth2_Provider_Vkontakte extends OAuth2_Provider
|
||||
{
|
||||
protected $method = 'POST';
|
||||
public $uid_key = 'user_id';
|
||||
|
||||
public function url_authorize()
|
||||
{
|
||||
return 'http://oauth.vk.com/authorize';
|
||||
}
|
||||
|
||||
public function url_access_token()
|
||||
{
|
||||
return 'https://oauth.vk.com/access_token';
|
||||
}
|
||||
|
||||
public function get_user_info(OAuth2_Token_Access $token)
|
||||
{
|
||||
$scope = array('nickname', 'screen_name','photo_big');
|
||||
$url = 'https://api.vk.com/method/users.get?'.http_build_query(array(
|
||||
'uids' => $token->uid,
|
||||
'fields' => implode(",",$scope),
|
||||
'access_token' => $token->access_token,
|
||||
));
|
||||
|
||||
$user = json_decode(file_get_contents($url))->response;
|
||||
|
||||
if(sizeof($user)==0)
|
||||
return null;
|
||||
else
|
||||
$user = $user[0];
|
||||
|
||||
return array(
|
||||
'uid' => $user->uid,
|
||||
'nickname' => isset($user->nickname) ? $user->nickname : null,
|
||||
'name' => isset($user->name) ? $user->name : null,
|
||||
'first_name' => isset($user->first_name) ? $user->first_name : null,
|
||||
'last_name' => isset($user->last_name) ? $user->last_name : null,
|
||||
'email' => null,
|
||||
'location' => null,
|
||||
'description' => null,
|
||||
'image' => isset($user->photo_big) ? $user->photo_big : null,
|
||||
'urls' => array(),
|
||||
);
|
||||
}
|
||||
}
|
60
src/Oauth2/Client/Provider/Windowslive.php
Executable file
60
src/Oauth2/Client/Provider/Windowslive.php
Executable file
@ -0,0 +1,60 @@
|
||||
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
|
||||
/**
|
||||
* Windows Live OAuth2 Provider
|
||||
*
|
||||
* @package CodeIgniter/OAuth2
|
||||
* @category Provider
|
||||
* @author Phil Sturgeon
|
||||
* @copyright (c) 2012 HappyNinjas Ltd
|
||||
* @license http://philsturgeon.co.uk/code/dbad-license
|
||||
*/
|
||||
|
||||
class OAuth2_Provider_Windowslive extends OAuth2_Provider
|
||||
{
|
||||
protected $scope = array('wl.basic', 'wl.emails');
|
||||
|
||||
/**
|
||||
* @var string the method to use when requesting tokens
|
||||
*/
|
||||
protected $method = 'POST';
|
||||
|
||||
// authorise url
|
||||
public function url_authorize()
|
||||
{
|
||||
return 'https://oauth.live.com/authorize';
|
||||
}
|
||||
|
||||
// access token url
|
||||
public function url_access_token()
|
||||
{
|
||||
return 'https://oauth.live.com/token';
|
||||
}
|
||||
|
||||
// get basic user information
|
||||
/********************************
|
||||
** this can be extended through the
|
||||
** use of scopes, check out the document at
|
||||
** http://msdn.microsoft.com/en-gb/library/hh243648.aspx#user
|
||||
*********************************/
|
||||
public function get_user_info(OAuth2_Token_Access $token)
|
||||
{
|
||||
// define the get user information token
|
||||
$url = 'https://apis.live.net/v5.0/me?'.http_build_query(array(
|
||||
'access_token' => $token->access_token,
|
||||
));
|
||||
|
||||
// perform network request
|
||||
$user = json_decode(file_get_contents($url));
|
||||
|
||||
// create a response from the request and return it
|
||||
return array(
|
||||
'uid' => $user->id,
|
||||
'name' => $user->name,
|
||||
'nickname' => url_title($user->name, '_', true),
|
||||
// 'location' => $user[''], # scope wl.postal_addresses is required
|
||||
# but won't be implemented by default
|
||||
'locale' => $user->locale,
|
||||
'urls' => array('Windows Live' => $user->link),
|
||||
);
|
||||
}
|
||||
}
|
115
src/Oauth2/Client/Provider/Yandex.php
Executable file
115
src/Oauth2/Client/Provider/Yandex.php
Executable file
@ -0,0 +1,115 @@
|
||||
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
|
||||
/**
|
||||
* Yandex OAuth2 Provider
|
||||
*
|
||||
* @package CodeIgniter/OAuth2
|
||||
* @category Provider
|
||||
* @author Lavr Lyndin
|
||||
*/
|
||||
|
||||
class OAuth2_Provider_Yandex extends OAuth2_Provider
|
||||
{
|
||||
public $method = 'POST';
|
||||
|
||||
public function url_authorize()
|
||||
{
|
||||
return 'https://oauth.yandex.ru/authorize';
|
||||
}
|
||||
|
||||
public function url_access_token()
|
||||
{
|
||||
return 'https://oauth.yandex.ru/token';
|
||||
}
|
||||
|
||||
public function get_user_info(OAuth2_Token_Access $token)
|
||||
{
|
||||
$opts = array(
|
||||
'http' => array(
|
||||
'method' => 'GET',
|
||||
'header' => 'Authorization: OAuth '.$token->access_token
|
||||
)
|
||||
);
|
||||
$_default_opts = stream_context_get_params(stream_context_get_default());
|
||||
|
||||
$opts = array_merge_recursive($_default_opts['options'], $opts);
|
||||
$context = stream_context_create($opts);
|
||||
$url = 'http://api-yaru.yandex.ru/me/?format=json';
|
||||
|
||||
$user = json_decode(file_get_contents($url,false,$context));
|
||||
|
||||
preg_match("/\d+$/",$user->id,$uid);
|
||||
|
||||
return array(
|
||||
'uid' => $uid[0],
|
||||
'nickname' => isset($user->name) ? $user->name : null,
|
||||
'name' => isset($user->name) ? $user->name : null,
|
||||
'first_name' => isset($user->first_name) ? $user->first_name : null,
|
||||
'last_name' => isset($user->last_name) ? $user->last_name : null,
|
||||
'email' => isset($user->email) ? $user->email : null,
|
||||
'location' => isset($user->hometown->name) ? $user->hometown->name : null,
|
||||
'description' => isset($user->bio) ? $user->bio : null,
|
||||
'image' => $user->links->userpic,
|
||||
);
|
||||
}
|
||||
|
||||
public function access($code, $options = array())
|
||||
{
|
||||
$params = array(
|
||||
'client_id' => $this->client_id,
|
||||
'client_secret' => $this->client_secret,
|
||||
'grant_type' => isset($options['grant_type']) ? $options['grant_type'] : 'authorization_code',
|
||||
);
|
||||
|
||||
switch ($params['grant_type'])
|
||||
{
|
||||
case 'authorization_code':
|
||||
$params['code'] = $code;
|
||||
$params['redirect_uri'] = isset($options['redirect_uri']) ? $options['redirect_uri'] : $this->redirect_uri;
|
||||
break;
|
||||
|
||||
case 'refresh_token':
|
||||
$params['refresh_token'] = $code;
|
||||
break;
|
||||
}
|
||||
|
||||
$response = null;
|
||||
$url = $this->url_access_token();
|
||||
|
||||
$curl = curl_init($url);
|
||||
|
||||
$headers[] = 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8;';
|
||||
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
|
||||
|
||||
// curl_setopt($curl, CURLOPT_USERAGENT, 'yamolib-php');
|
||||
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
|
||||
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 30);
|
||||
curl_setopt($curl, CURLOPT_TIMEOUT, 80);
|
||||
curl_setopt($curl, CURLOPT_POST, true);
|
||||
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($params));
|
||||
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
|
||||
// curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
|
||||
// curl_setopt($curl, CURLOPT_CAINFO, dirname(__FILE__) . '/../data/ca-certificate.crt');
|
||||
|
||||
$response = curl_exec($curl);
|
||||
curl_close($curl);
|
||||
|
||||
$return = json_decode($response, true);
|
||||
|
||||
if ( ! empty($return['error']))
|
||||
{
|
||||
throw new OAuth2_Exception($return);
|
||||
}
|
||||
|
||||
switch ($params['grant_type'])
|
||||
{
|
||||
case 'authorization_code':
|
||||
return OAuth2_Token::factory('access', $return);
|
||||
break;
|
||||
|
||||
case 'refresh_token':
|
||||
return OAuth2_Token::factory('refresh', $return);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
46
src/Oauth2/Client/Token.php
Executable file
46
src/Oauth2/Client/Token.php
Executable file
@ -0,0 +1,46 @@
|
||||
<?php
|
||||
|
||||
namespace Oauth2\Client;
|
||||
|
||||
abstract class Token
|
||||
{
|
||||
|
||||
/**
|
||||
* Create a new token object.
|
||||
*
|
||||
* @param string token type
|
||||
* @param array token options
|
||||
* @return Token
|
||||
*/
|
||||
public static function factory($name = 'access', array $options = null)
|
||||
{
|
||||
include_once 'Token/'.ucfirst(strtolower($name)).'.php';
|
||||
|
||||
$class = 'Oauth2\Client\Token\\'.ucfirst($name);
|
||||
|
||||
return new $class($options);
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the value of any protected class variable.
|
||||
*
|
||||
* @param string variable name
|
||||
* @return mixed
|
||||
*/
|
||||
public function __get($key)
|
||||
{
|
||||
return $this->$key;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a boolean if the property is set
|
||||
*
|
||||
* @param string variable name
|
||||
* @return bool
|
||||
*/
|
||||
public function __isset($key)
|
||||
{
|
||||
return isset($this->$key);
|
||||
}
|
||||
|
||||
} // End Token
|
79
src/Oauth2/Client/Token/Access.php
Executable file
79
src/Oauth2/Client/Token/Access.php
Executable file
@ -0,0 +1,79 @@
|
||||
<?php
|
||||
|
||||
namespace Oauth2\Client\Token;
|
||||
|
||||
/**
|
||||
* OAuth2 Token
|
||||
*
|
||||
* @package OAuth2
|
||||
* @category Token
|
||||
* @author Phil Sturgeon
|
||||
* @copyright (c) 2011 HappyNinjas Ltd
|
||||
*/
|
||||
|
||||
class Access extends \Oauth2\Client\Token
|
||||
{
|
||||
/**
|
||||
* @var string accessToken
|
||||
*/
|
||||
protected $accessToken;
|
||||
|
||||
/**
|
||||
* @var int expires
|
||||
*/
|
||||
protected $expires;
|
||||
|
||||
/**
|
||||
* @var string refreshToken
|
||||
*/
|
||||
protected $refreshToken;
|
||||
|
||||
/**
|
||||
* @var string uid
|
||||
*/
|
||||
protected $uid;
|
||||
|
||||
/**
|
||||
* Sets the token, expiry, etc values.
|
||||
*
|
||||
* @param array token options
|
||||
* @return void
|
||||
*/
|
||||
public function __construct(array $options = null)
|
||||
{
|
||||
if ( ! isset($options['access_token'])) {
|
||||
throw new \BadMethodCallException('Required option not passed: access_token'.PHP_EOL.print_r($options, true));
|
||||
}
|
||||
|
||||
$this->accessToken = $options['access_token'];
|
||||
|
||||
// Some providers (not many) give the uid here, so lets take it
|
||||
isset($options['uid']) and $this->uid = $options['uid'];
|
||||
|
||||
//Vkontakte uses user_id instead of uid
|
||||
isset($options['user_id']) and $this->uid = $options['user_id'];
|
||||
|
||||
//Mailru uses x_mailru_vid instead of uid
|
||||
isset($options['x_mailru_vid']) and $this->uid = $options['x_mailru_vid'];
|
||||
|
||||
// We need to know when the token expires, add num. seconds to current time
|
||||
isset($options['expires_in']) and $this->expires = time() + ((int) $options['expires_in']);
|
||||
|
||||
// Facebook is just being a spec ignoring jerk
|
||||
isset($options['expires']) and $this->expires = time() + ((int) $options['expires']);
|
||||
|
||||
// Grab a refresh token so we can update access tokens when they expires
|
||||
isset($options['refresh_token']) and $this->refreshToken = $options['refresh_token'];
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the token key.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public function __toString()
|
||||
{
|
||||
return (string) $this->accessToken;
|
||||
}
|
||||
|
||||
}
|
55
src/Oauth2/Client/Token/Authorize.php
Executable file
55
src/Oauth2/Client/Token/Authorize.php
Executable file
@ -0,0 +1,55 @@
|
||||
<?php
|
||||
/**
|
||||
* OAuth2 Token
|
||||
*
|
||||
* @package OAuth2
|
||||
* @category Token
|
||||
* @author Phil Sturgeon
|
||||
* @copyright (c) 2011 HappyNinjas Ltd
|
||||
*/
|
||||
|
||||
class Authorize extends \Oauth2\Client\Token
|
||||
{
|
||||
/**
|
||||
* @var string code
|
||||
*/
|
||||
protected $code;
|
||||
|
||||
/**
|
||||
* @var string redirect_uri
|
||||
*/
|
||||
protected $redirectUri;
|
||||
|
||||
/**
|
||||
* Sets the token, expiry, etc values.
|
||||
*
|
||||
* @param array token options
|
||||
* @return void
|
||||
*/
|
||||
public function __construct(array $options)
|
||||
{
|
||||
if ( ! isset($options['code'])) {
|
||||
|
||||
throw new Exception('Required option not passed: code');
|
||||
|
||||
} elseif ( ! isset($options['redirect_uri'])) {
|
||||
|
||||
throw new Exception('Required option not passed: redirect_uri');
|
||||
|
||||
}
|
||||
|
||||
$this->code = $options['code'];
|
||||
$this->redirectUri = $options['redirect_uri'];
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the token key.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public function __toString()
|
||||
{
|
||||
return (string) $this->code;
|
||||
}
|
||||
|
||||
}
|
@ -54,9 +54,9 @@ class Server
|
||||
|
||||
/**
|
||||
* Error codes.
|
||||
*
|
||||
*
|
||||
* To provide i8ln errors just overwrite the keys
|
||||
*
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
public $errors = array(
|
||||
@ -68,7 +68,7 @@ class Server
|
||||
|
||||
/**
|
||||
* Constructor
|
||||
*
|
||||
*
|
||||
* @access public
|
||||
* @return void
|
||||
*/
|
||||
@ -92,7 +92,7 @@ class Server
|
||||
if ($this->_type === strtolower(substr($method, 2))) {
|
||||
return $this->_typeId;
|
||||
}
|
||||
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@ class Server
|
||||
|
||||
/**
|
||||
* Register a database abstrator class
|
||||
*
|
||||
*
|
||||
* @access public
|
||||
* @param object $db A class that implements OAuth2ServerDatabase
|
||||
* @return void
|
||||
@ -110,10 +110,10 @@ class Server
|
||||
{
|
||||
$this->_db = $db;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Init function
|
||||
*
|
||||
*
|
||||
* @access public
|
||||
* @return void
|
||||
*/
|
||||
@ -121,18 +121,23 @@ class Server
|
||||
{
|
||||
$accessToken = null;
|
||||
|
||||
|
||||
$_SERVER['REQUEST_METHOD'] = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : null;
|
||||
$_SERVER['REQUEST_METHOD'] = isset($_SERVER['REQUEST_METHOD']) ?
|
||||
$_SERVER['REQUEST_METHOD'] :
|
||||
null;
|
||||
|
||||
// Try and get the access token via an access_token or oauth_token parameter
|
||||
switch ($_SERVER['REQUEST_METHOD'])
|
||||
{
|
||||
{
|
||||
case 'POST':
|
||||
$accessToken = isset($_POST[$this->_config['token_key']]) ? $_POST[$this->_config['token_key']] : null;
|
||||
$accessToken = isset($_POST[$this->_config['token_key']]) ?
|
||||
$_POST[$this->_config['token_key']] :
|
||||
null;
|
||||
break;
|
||||
|
||||
default:
|
||||
$accessToken = isset($_GET[$this->_config['token_key']]) ? $_GET[$this->_config['token_key']] : null;
|
||||
$accessToken = isset($_GET[$this->_config['token_key']]) ?
|
||||
$_GET[$this->_config['token_key']] :
|
||||
null;
|
||||
break;
|
||||
}
|
||||
|
||||
@ -140,17 +145,17 @@ class Server
|
||||
if (function_exists('getallheaders')) {
|
||||
|
||||
$headers = getallheaders();
|
||||
|
||||
|
||||
if (isset($headers['Authorization'])) {
|
||||
|
||||
$rawToken = trim(str_replace('Bearer', '', $headers['Authorization']));
|
||||
|
||||
if ( ! empty($rawToken)) {
|
||||
$accessToken = base64_decode($rawToken);
|
||||
$accessToken = $rawToken;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if ($accessToken) {
|
||||
|
||||
$result = $this->_dbCall('validateAccessToken', $accessToken);
|
||||
@ -161,7 +166,8 @@ class Server
|
||||
|
||||
} else {
|
||||
|
||||
if ( ! array_key_exists('id', $result) || ! array_key_exists('owner_id', $result) ||
|
||||
if ( ! array_key_exists('id', $result) ||
|
||||
! array_key_exists('owner_id', $result) ||
|
||||
! array_key_exists('owner_type', $result)) {
|
||||
throw new ServerException($this->errors['missing_access_token_details']);
|
||||
}
|
||||
@ -187,12 +193,12 @@ class Server
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Test if the access token has a specific scope
|
||||
*
|
||||
*
|
||||
* @param mixed $scopes Scope(s) to check
|
||||
*
|
||||
*
|
||||
* @access public
|
||||
* @return string|bool
|
||||
*/
|
||||
@ -203,7 +209,7 @@ class Server
|
||||
if (in_array($scopes, $this->_scopes)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
return false;
|
||||
|
||||
} elseif (is_array($scopes)) {
|
||||
@ -215,16 +221,16 @@ class Server
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Call database methods from the abstractor
|
||||
*
|
||||
*
|
||||
* @return mixed The query result
|
||||
*/
|
||||
private function _dbCall()
|
||||
|
Loading…
Reference in New Issue
Block a user