From 38043b145fa37c7ad59121e59ec760c28ee50b67 Mon Sep 17 00:00:00 2001
From: Nathan Adams <adamsna@datanethost.net>
Date: Sat, 17 Oct 2015 18:12:46 -0500
Subject: [PATCH] Initial commit

---
 OAuth.php                          |  26 +++++
 OAuthDataProvider.php              | 113 ++++++++++++++++++++++
 ccurl.php                          | 149 +++++++++++++++++++++++++++++
 example.php                        |  24 +++++
 providers/FacebookAuthProvider.php |  70 ++++++++++++++
 providers/GoogleAuthProvider.php   |  57 +++++++++++
 6 files changed, 439 insertions(+)
 create mode 100644 OAuth.php
 create mode 100644 OAuthDataProvider.php
 create mode 100644 ccurl.php
 create mode 100644 example.php
 create mode 100644 providers/FacebookAuthProvider.php
 create mode 100644 providers/GoogleAuthProvider.php

diff --git a/OAuth.php b/OAuth.php
new file mode 100644
index 0000000..5771a5a
--- /dev/null
+++ b/OAuth.php
@@ -0,0 +1,26 @@
+<?php
+
+namespace phpoauthlib2;
+
+class OAuth {
+    protected $oauthProvider = null;
+    protected $request = null;
+
+    public function __construct($provider, $request) {
+        $this->oauthProvider = $provider;
+        $this->request = $request;
+    }
+
+    public function check() {
+        if (isset($this->request["code"]) && !empty($this->request["code"])) {
+            $this->oauthProvider->getProfile();
+            return true;
+        } else {
+            return $this->oauthProvider->getLoginUrl();
+        }
+    }
+
+    public function getProfile() {
+        return $this->oauthProvider->getProfile();
+    }
+}
\ No newline at end of file
diff --git a/OAuthDataProvider.php b/OAuthDataProvider.php
new file mode 100644
index 0000000..42baba8
--- /dev/null
+++ b/OAuthDataProvider.php
@@ -0,0 +1,113 @@
+<?php
+
+namespace phpoauthlib2;
+
+require "ccurl.php";
+
+use phpoauthlib2\ccurl;
+
+class OAUTH_SCOPES {
+    const EMAIL = "EMAIL";
+}
+
+class OAuthDataProvider {
+    protected $version = "2.0";
+    protected $name = "undefined";
+    protected $responseType = "code";
+    protected $header = "Authorization: Bearer";
+    protected $profile = "";
+    protected $dialog = "";
+    protected $nonce = null;
+    protected $accessToken = null;
+
+    protected $state = "";
+    protected $redirectURL = "";
+    protected $scope = "";
+    protected $clientId = "";
+    protected $client_secret = "";
+
+    protected $request = null;
+    protected $profileData = [];
+
+    public function __construct($profile, $dialog, $accessToken, $request, $header="Authorization: Bearer") {
+        $this->profile = $profile;
+        $this->dialog = $dialog;
+        $this->accessToken = $accessToken;
+        $this->header = $header;
+        $this->request = $request;
+    }
+
+    public function getLoginUrl() {
+        $urlBuilder = [];
+        $urlBuilder[] = "client_id=" . $this->clientId;
+        $urlBuilder[] = "response_type=" . $this->responseType;
+        $urlBuilder[] = "scope=" . $this->scope;
+        $urlBuilder[] = "state=" . $this->state;
+        $urlBuilder[] = "redirect_uri=" . urlencode($this->redirectURL);
+        return $this->dialog . "?" . implode("&", $urlBuilder);
+    }
+
+    protected function getToken() {
+        $tokenBuilder = [];
+        $tokenBuilder["client_id"] = $this->clientId;
+        $tokenBuilder["client_secret"] = $this->client_secret;
+        $tokenBuilder["grant_type"] = "authorization_code";
+        $tokenBuilder["redirect_uri"] = htmlspecialchars($this->redirectURL);
+        $tokenBuilder["code"] = $this->request["code"];
+        $curl = new ccurl($this->accessToken);
+        $curl->setPost($tokenBuilder);
+        $curl->createCurl();
+        return (string)$curl;
+    }
+
+    protected function parseToken() {
+        $token = $this->getToken();
+        $convertedToken = json_decode($token, true);
+        if (!$convertedToken) {
+            $realToken = $token;
+        } else {
+            $realToken = $convertedToken["access_token"];
+        }
+
+        return $realToken;
+    }
+
+    public function getProfile() {
+        $token = $this->parseToken();
+
+        $profileUrl = $this->profile . "=" . $token;
+        $curl = new ccurl($profileUrl);
+        $curl->addHeader($this->header . " " . $token);
+        $curl->createCurl();
+        $this->profileData = json_decode((string)$curl, true);
+        return (string)$curl;
+    }
+
+    public function getEmail() {
+        return null;
+    }
+
+    public function getFirstName() {
+        return null;
+    }
+
+    public function getLastName() {
+        return null;
+    }
+
+    public function getGender() {
+        return null;
+    }
+
+    public function getId() {
+        return null;
+    }
+
+    public function getRawProfile() {
+        return $this->profileData;
+    }
+
+    public function getSource() {
+        return null;
+    }
+}
\ No newline at end of file
diff --git a/ccurl.php b/ccurl.php
new file mode 100644
index 0000000..d66ec60
--- /dev/null
+++ b/ccurl.php
@@ -0,0 +1,149 @@
+<?php
+
+namespace phpoauthlib2;
+
+// Copied from PHP manual comment section:
+// http://php.net/manual/en/book.curl.php#90821
+// Modified to fit Inefero's/srchub needs
+// Now used for oauth lib
+class ccurl {
+    protected $_useragent = 'phpoauthlib2 (http://www.srchub.org); https://srchub.org/p/phpoauthlib2 PHPOAuthLib';
+    protected $_url;
+    protected $_followlocation;
+    protected $_timeout;
+    protected $_maxRedirects;
+    protected $_cookieFileLocation = './cookie.txt';
+    protected $_post;
+    protected $_postFields;
+    protected $_referer ="";
+
+    // Get around some broken webservers *cough*IIS*cough*?
+    // http://stackoverflow.com/questions/14459704/does-empty-expect-header-mean-anything
+    protected $_header = array('Expect:');
+
+    protected $_session;
+    protected $_webpage;
+    protected $_includeHeader;
+    protected $_noBody;
+    protected $_status;
+    protected $_binaryTransfer;
+    public    $authentication = 0;
+    public    $auth_name      = '';
+    public    $auth_pass      = '';
+
+    public function useAuth($use){
+        $this->authentication = 0;
+        if($use == true) $this->authentication = 1;
+    }
+
+    public function setName($name){
+        $this->auth_name = $name;
+    }
+    public function setPass($pass){
+        $this->auth_pass = $pass;
+    }
+
+    public function addHeader($head)
+    {
+        $this->_header[] = $head;
+    }
+
+    public function __construct($url,$followlocation = true,$timeOut = 30,$maxRedirecs = 4,$binaryTransfer = false,$includeHeader = false,$noBody = false)
+    {
+        $this->_url = $url;
+        $this->_followlocation = $followlocation;
+        $this->_timeout = $timeOut;
+        $this->_maxRedirects = $maxRedirecs;
+        $this->_noBody = $noBody;
+        $this->_includeHeader = $includeHeader;
+        $this->_binaryTransfer = $binaryTransfer;
+
+        $this->_cookieFileLocation = dirname(__FILE__).'/cookie.txt';
+
+    }
+
+    public function setReferer($referer){
+        $this->_referer = $referer;
+    }
+
+    public function setCookiFileLocation($path)
+    {
+        $this->_cookieFileLocation = $path;
+    }
+
+    public function setPost ($postFields)
+    {
+        $this->_post = true;
+        $this->_postFields = $postFields;
+    }
+
+    public function setUserAgent($userAgent)
+    {
+        $this->_useragent = $userAgent;
+    }
+
+    public function createCurl($url = 'nul')
+    {
+        if($url != 'nul'){
+            $this->_url = $url;
+        }
+
+        $s = curl_init();
+
+        curl_setopt($s,CURLOPT_URL,$this->_url);
+
+        // I understand the implications here - but this isn't a client application
+        // if my ISP is performing MITM sniffing I have bigger fish to fry
+        // also the security of a CA signed certificate is questionable at best
+        // https://www.schneier.com/blog/archives/2012/02/verisign_hacked.html
+        // Email me if you want to discus this adamsna@datanethost.net
+        // NA - 12/10/2014
+        curl_setopt($s, CURLOPT_SSL_VERIFYPEER, false);
+
+        curl_setopt($s,CURLOPT_HTTPHEADER,$this->_header);
+        curl_setopt($s,CURLOPT_TIMEOUT,$this->_timeout);
+        curl_setopt($s,CURLOPT_MAXREDIRS,$this->_maxRedirects);
+        curl_setopt($s,CURLOPT_RETURNTRANSFER,true);
+        curl_setopt($s,CURLOPT_FOLLOWLOCATION,$this->_followlocation);
+        curl_setopt($s,CURLOPT_COOKIEJAR,$this->_cookieFileLocation);
+        curl_setopt($s,CURLOPT_COOKIEFILE,$this->_cookieFileLocation);
+
+        if($this->authentication == 1){
+            curl_setopt($s, CURLOPT_USERPWD, $this->auth_name.':'.$this->auth_pass);
+        }
+        if($this->_post)
+        {
+            //curl_setopt($s,CURLOPT_POST,true);
+            curl_setopt($s, CURLOPT_CUSTOMREQUEST, "POST");
+            curl_setopt($s,CURLOPT_POSTFIELDS,$this->_postFields);
+
+        }
+
+        if($this->_includeHeader)
+        {
+            curl_setopt($s,CURLOPT_HEADER,true);
+        }
+
+        if($this->_noBody)
+        {
+            curl_setopt($s,CURLOPT_NOBODY,true);
+        }
+
+        curl_setopt($s,CURLOPT_USERAGENT,$this->_useragent);
+        curl_setopt($s,CURLOPT_REFERER,$this->_referer);
+
+        $this->_webpage = curl_exec($s);
+        $this->_status = curl_getinfo($s,CURLINFO_HTTP_CODE);
+        curl_close($s);
+
+    }
+
+    public function getHttpStatus()
+    {
+        return $this->_status;
+    }
+
+    public function __tostring(){
+        return $this->_webpage;
+    }
+}
\ No newline at end of file
diff --git a/example.php b/example.php
new file mode 100644
index 0000000..5a4813f
--- /dev/null
+++ b/example.php
@@ -0,0 +1,24 @@
+<?php
+
+use \phpoauthlib2\providers\GoogleAuthProvider;
+use \phpoauthlib2\OAuth;
+
+require 'OAuth.php';
+require 'providers/GoogleAuthProvider.php';
+
+$authProvider = new GoogleAuthProvider($_GET, [
+    "client_id" => "apps.googleusercontent.com",
+    "client_secret" => "<KEY>",
+    "redirect_uri" => "http://example.com/phpoauthlib2/example.php"
+]);
+
+$oauth = new OAuth($authProvider, $_GET);
+
+$check = $oauth->check();
+
+if ($check === true) {
+    echo "Hello - " . $authProvider->getFirstName();
+    echo "<br>Your email is - " . $authProvider->getEmail();
+} else {
+    header("Location: " . $check);
+}
\ No newline at end of file
diff --git a/providers/FacebookAuthProvider.php b/providers/FacebookAuthProvider.php
new file mode 100644
index 0000000..9e62045
--- /dev/null
+++ b/providers/FacebookAuthProvider.php
@@ -0,0 +1,70 @@
+<?php
+
+namespace phpoauthlib2\providers;
+
+require "OAuthDataProvider.php";
+
+use phpoauthlib2\ccurl;
+use phpoauthlib2\OAUTH_SCOPES;
+use phpoauthlib2\OAuthDataProvider;
+
+class FacebookAuthProvider extends OAuthDataProvider {
+
+    public function __construct($request, $conf, $scopes=[OAUTH_SCOPES::EMAIL]) {
+        parent::__construct(
+            "https://graph.facebook.com/me",
+            "https://www.facebook.com/dialog/oauth",
+            "https://graph.facebook.com/oauth/access_token",
+            $request
+        );
+
+        $this->client_secret = $conf["client_secret"];
+        $this->redirectURL = $conf["redirect_uri"];
+        $this->clientId = $conf["client_id"];
+        $tempScopes = [];
+        foreach($scopes as $scope) {
+            switch ($scope) {
+                case OAUTH_SCOPES::EMAIL:
+                    $tempScopes[] = "email";
+            }
+        }
+        $tempScopes[] = "public_profile";
+        $this->scope = implode(" ", $tempScopes);
+    }
+
+    public function getEmail() {
+        return $this->profileData["email"];
+    }
+
+    public function getFirstName() {
+        return $this->profileData["first_name"];
+    }
+
+    public function getLastName() {
+        return $this->profileData["last_name"];
+    }
+
+    public function getId() {
+        return $this->profileData["id"];
+    }
+
+    public function getSource() {
+        return "FACEBOOK";
+    }
+
+    public function parseToken() {
+        $token = $this->getToken();
+        return explode("=", $token)[1];
+    }
+
+    public function getProfile() {
+        $token = $this->parseToken();
+        $profileUrl = $this->profile . "?fields=first_name,last_name,name,email,age_range&access_token=" . $token;
+        $curl = new ccurl($profileUrl);
+        $curl->createCurl();
+        $ret = (string)$curl;
+        $this->profileData = json_decode($ret, true);
+        return $ret;
+    }
+
+}
\ No newline at end of file
diff --git a/providers/GoogleAuthProvider.php b/providers/GoogleAuthProvider.php
new file mode 100644
index 0000000..6eaeaa4
--- /dev/null
+++ b/providers/GoogleAuthProvider.php
@@ -0,0 +1,57 @@
+<?php
+
+namespace phpoauthlib2\providers;
+
+require "OAuthDataProvider.php";
+
+use phpoauthlib2\ccurl;
+use phpoauthlib2\OAUTH_SCOPES;
+use phpoauthlib2\OAuthDataProvider;
+
+class GoogleAuthProvider extends OAuthDataProvider {
+
+    public function __construct($request, $conf, $scopes=[OAUTH_SCOPES::EMAIL]) {
+        parent::__construct(
+            "https://www.googleapis.com/oauth2/v1/userinfo?access_token",
+            "https://accounts.google.com/o/oauth2/auth",
+            "https://accounts.google.com/o/oauth2/token", $request);
+
+        $this->client_secret = $conf["client_secret"];
+        $this->redirectURL = $conf["redirect_uri"];
+        $this->clientId = $conf["client_id"];
+
+        $tmpScopes = [];
+        foreach($scopes as $scope) {
+            switch ($scope) {
+                case OAUTH_SCOPES::EMAIL:
+                    $tmpScopes[] = "https://www.googleapis.com/auth/userinfo.email";
+            }
+        }
+
+        $this->scope = implode(" ", $tmpScopes);
+    }
+
+    public function getEmail() {
+        return $this->profileData["email"];
+    }
+
+    public function getFirstName() {
+        return $this->profileData["given_name"];
+    }
+
+    public function getLastName() {
+        return $this->profileData["family_name"];
+    }
+
+    public function getGender() {
+        return $this->profileData["gender"];
+    }
+
+    public function getId() {
+        return $this->profileData["id"];
+    }
+
+    public function getSource() {
+        return "GOOGLE";
+    }
+}
\ No newline at end of file