natalie
/
phpoauthlib2
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Initial commit

master
Nathan Adams 2015-10-17 18:12:46 -05:00
commit 38043b145f
6 changed files with 439 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
OAuth.php 100644
View File

@ -0,0 +1,26 @@
<?php
namespace phpoauthlib2;
class OAuth {
protected $oauthProvider = null;
protected $request = null;
public function __construct($provider, $request) {
$this->oauthProvider = $provider;
$this->request = $request;
}
public function check() {
if (isset($this->request["code"]) && !empty($this->request["code"])) {
$this->oauthProvider->getProfile();
return true;
} else {
return $this->oauthProvider->getLoginUrl();
}
}
public function getProfile() {
return $this->oauthProvider->getProfile();
}
}

113
OAuthDataProvider.php 100644
View File

@ -0,0 +1,113 @@
<?php
namespace phpoauthlib2;
require "ccurl.php";
use phpoauthlib2\ccurl;
class OAUTH_SCOPES {
const EMAIL = "EMAIL";
}
class OAuthDataProvider {
protected $version = "2.0";
protected $name = "undefined";
protected $responseType = "code";
protected $header = "Authorization: Bearer";
protected $profile = "";
protected $dialog = "";
protected $nonce = null;
protected $accessToken = null;
protected $state = "";
protected $redirectURL = "";
protected $scope = "";
protected $clientId = "";
protected $client_secret = "";
protected $request = null;
protected $profileData = [];
public function __construct($profile, $dialog, $accessToken, $request, $header="Authorization: Bearer") {
$this->profile = $profile;
$this->dialog = $dialog;
$this->accessToken = $accessToken;
$this->header = $header;
$this->request = $request;
}
public function getLoginUrl() {
$urlBuilder = [];
$urlBuilder[] = "client_id=" . $this->clientId;
$urlBuilder[] = "response_type=" . $this->responseType;
$urlBuilder[] = "scope=" . $this->scope;
$urlBuilder[] = "state=" . $this->state;
$urlBuilder[] = "redirect_uri=" . urlencode($this->redirectURL);
return $this->dialog . "?" . implode("&", $urlBuilder);
}
protected function getToken() {
$tokenBuilder = [];
$tokenBuilder["client_id"] = $this->clientId;
$tokenBuilder["client_secret"] = $this->client_secret;
$tokenBuilder["grant_type"] = "authorization_code";
$tokenBuilder["redirect_uri"] = htmlspecialchars($this->redirectURL);
$tokenBuilder["code"] = $this->request["code"];
$curl = new ccurl($this->accessToken);
$curl->setPost($tokenBuilder);
$curl->createCurl();
return (string)$curl;
}
protected function parseToken() {
$token = $this->getToken();
$convertedToken = json_decode($token, true);
if (!$convertedToken) {
$realToken = $token;
} else {
$realToken = $convertedToken["access_token"];
}
return $realToken;
}
public function getProfile() {
$token = $this->parseToken();
$profileUrl = $this->profile . "=" . $token;
$curl = new ccurl($profileUrl);
$curl->addHeader($this->header . " " . $token);
$curl->createCurl();
$this->profileData = json_decode((string)$curl, true);
return (string)$curl;
}
public function getEmail() {
return null;
}
public function getFirstName() {
return null;
}
public function getLastName() {
return null;
}
public function getGender() {
return null;
}
public function getId() {
return null;
}
public function getRawProfile() {
return $this->profileData;
}
public function getSource() {
return null;
}
}

149
ccurl.php 100644
View File

@ -0,0 +1,149 @@
<?php
namespace phpoauthlib2;
// Copied from PHP manual comment section:
// http://php.net/manual/en/book.curl.php#90821
// Modified to fit Inefero's/srchub needs
// Now used for oauth lib
class ccurl {
protected $_useragent = 'phpoauthlib2 (http://www.srchub.org); https://srchub.org/p/phpoauthlib2 PHPOAuthLib';
protected $_url;
protected $_followlocation;
protected $_timeout;
protected $_maxRedirects;
protected $_cookieFileLocation = './cookie.txt';
protected $_post;
protected $_postFields;
protected $_referer ="";
// Get around some broken webservers *cough*IIS*cough*?
// http://stackoverflow.com/questions/14459704/does-empty-expect-header-mean-anything
protected $_header = array('Expect:');
protected $_session;
protected $_webpage;
protected $_includeHeader;
protected $_noBody;
protected $_status;
protected $_binaryTransfer;
public $authentication = 0;
public $auth_name = '';
public $auth_pass = '';
public function useAuth($use){
$this->authentication = 0;
if($use == true) $this->authentication = 1;
}
public function setName($name){
$this->auth_name = $name;
}
public function setPass($pass){
$this->auth_pass = $pass;
}
public function addHeader($head)
{
$this->_header[] = $head;
}
public function __construct($url,$followlocation = true,$timeOut = 30,$maxRedirecs = 4,$binaryTransfer = false,$includeHeader = false,$noBody = false)
{
$this->_url = $url;
$this->_followlocation = $followlocation;
$this->_timeout = $timeOut;
$this->_maxRedirects = $maxRedirecs;
$this->_noBody = $noBody;
$this->_includeHeader = $includeHeader;
$this->_binaryTransfer = $binaryTransfer;
$this->_cookieFileLocation = dirname(__FILE__).'/cookie.txt';
}
public function setReferer($referer){
$this->_referer = $referer;
}
public function setCookiFileLocation($path)
{
$this->_cookieFileLocation = $path;
}
public function setPost ($postFields)
{
$this->_post = true;
$this->_postFields = $postFields;
}
public function setUserAgent($userAgent)
{
$this->_useragent = $userAgent;
}
public function createCurl($url = 'nul')
{
if($url != 'nul'){
$this->_url = $url;
}
$s = curl_init();
curl_setopt($s,CURLOPT_URL,$this->_url);
// I understand the implications here - but this isn't a client application
// if my ISP is performing MITM sniffing I have bigger fish to fry
// also the security of a CA signed certificate is questionable at best
// https://www.schneier.com/blog/archives/2012/02/verisign_hacked.html
// Email me if you want to discus this adamsna@datanethost.net
// NA - 12/10/2014
curl_setopt($s, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($s,CURLOPT_HTTPHEADER,$this->_header);
curl_setopt($s,CURLOPT_TIMEOUT,$this->_timeout);
curl_setopt($s,CURLOPT_MAXREDIRS,$this->_maxRedirects);
curl_setopt($s,CURLOPT_RETURNTRANSFER,true);
curl_setopt($s,CURLOPT_FOLLOWLOCATION,$this->_followlocation);
curl_setopt($s,CURLOPT_COOKIEJAR,$this->_cookieFileLocation);
curl_setopt($s,CURLOPT_COOKIEFILE,$this->_cookieFileLocation);
if($this->authentication == 1){
curl_setopt($s, CURLOPT_USERPWD, $this->auth_name.':'.$this->auth_pass);
}
if($this->_post)
{
//curl_setopt($s,CURLOPT_POST,true);
curl_setopt($s, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($s,CURLOPT_POSTFIELDS,$this->_postFields);
}
if($this->_includeHeader)
{
curl_setopt($s,CURLOPT_HEADER,true);
}
if($this->_noBody)
{
curl_setopt($s,CURLOPT_NOBODY,true);
}
curl_setopt($s,CURLOPT_USERAGENT,$this->_useragent);
curl_setopt($s,CURLOPT_REFERER,$this->_referer);
$this->_webpage = curl_exec($s);
$this->_status = curl_getinfo($s,CURLINFO_HTTP_CODE);
curl_close($s);
}
public function getHttpStatus()
{
return $this->_status;
}
public function __tostring(){
return $this->_webpage;
}
}

24
example.php 100644
View File

@ -0,0 +1,24 @@
<?php
use \phpoauthlib2\providers\GoogleAuthProvider;
use \phpoauthlib2\OAuth;
require 'OAuth.php';
require 'providers/GoogleAuthProvider.php';
$authProvider = new GoogleAuthProvider($_GET, [
"client_id" => "apps.googleusercontent.com",
"client_secret" => "<KEY>",
"redirect_uri" => "http://example.com/phpoauthlib2/example.php"
]);
$oauth = new OAuth($authProvider, $_GET);
$check = $oauth->check();
if ($check === true) {
echo "Hello - " . $authProvider->getFirstName();
echo "<br>Your email is - " . $authProvider->getEmail();
} else {
header("Location: " . $check);
}

70
providers/FacebookAuthProvider.php 100644
View File

@ -0,0 +1,70 @@
<?php
namespace phpoauthlib2\providers;
require "OAuthDataProvider.php";
use phpoauthlib2\ccurl;
use phpoauthlib2\OAUTH_SCOPES;
use phpoauthlib2\OAuthDataProvider;
class FacebookAuthProvider extends OAuthDataProvider {
public function __construct($request, $conf, $scopes=[OAUTH_SCOPES::EMAIL]) {
parent::__construct(
"https://graph.facebook.com/me",
"https://www.facebook.com/dialog/oauth",
"https://graph.facebook.com/oauth/access_token",
$request
);
$this->client_secret = $conf["client_secret"];
$this->redirectURL = $conf["redirect_uri"];
$this->clientId = $conf["client_id"];
$tempScopes = [];
foreach($scopes as $scope) {
switch ($scope) {
case OAUTH_SCOPES::EMAIL:
$tempScopes[] = "email";
}
}
$tempScopes[] = "public_profile";
$this->scope = implode(" ", $tempScopes);
}
public function getEmail() {
return $this->profileData["email"];
}
public function getFirstName() {
return $this->profileData["first_name"];
}
public function getLastName() {
return $this->profileData["last_name"];
}
public function getId() {
return $this->profileData["id"];
}
public function getSource() {
return "FACEBOOK";
}
public function parseToken() {
$token = $this->getToken();
return explode("=", $token)[1];
}
public function getProfile() {
$token = $this->parseToken();
$profileUrl = $this->profile . "?fields=first_name,last_name,name,email,age_range&access_token=" . $token;
$curl = new ccurl($profileUrl);
$curl->createCurl();
$ret = (string)$curl;
$this->profileData = json_decode($ret, true);
return $ret;
}
}

57
providers/GoogleAuthProvider.php 100644
View File

@ -0,0 +1,57 @@
<?php
namespace phpoauthlib2\providers;
require "OAuthDataProvider.php";
use phpoauthlib2\ccurl;
use phpoauthlib2\OAUTH_SCOPES;
use phpoauthlib2\OAuthDataProvider;
class GoogleAuthProvider extends OAuthDataProvider {
public function __construct($request, $conf, $scopes=[OAUTH_SCOPES::EMAIL]) {
parent::__construct(
"https://www.googleapis.com/oauth2/v1/userinfo?access_token",
"https://accounts.google.com/o/oauth2/auth",
"https://accounts.google.com/o/oauth2/token", $request);
$this->client_secret = $conf["client_secret"];
$this->redirectURL = $conf["redirect_uri"];
$this->clientId = $conf["client_id"];
$tmpScopes = [];
foreach($scopes as $scope) {
switch ($scope) {
case OAUTH_SCOPES::EMAIL:
$tmpScopes[] = "https://www.googleapis.com/auth/userinfo.email";
}
}
$this->scope = implode(" ", $tmpScopes);
}
public function getEmail() {
return $this->profileData["email"];
}
public function getFirstName() {
return $this->profileData["given_name"];
}
public function getLastName() {
return $this->profileData["family_name"];
}
public function getGender() {
return $this->profileData["gender"];
}
public function getId() {
return $this->profileData["id"];
}
public function getSource() {
return "GOOGLE";
}
}