From 507083a253f478f52bdd182b1b1e56f5ab9901e6 Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Thu, 15 May 2014 20:02:55 +0200 Subject: [PATCH 01/28] moved ssl verif set and session set from construct to respective methods --- src/OAuth_io/OAuth.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/OAuth_io/OAuth.php b/src/OAuth_io/OAuth.php index 5f3735b..9184210 100644 --- a/src/OAuth_io/OAuth.php +++ b/src/OAuth_io/OAuth.php @@ -10,12 +10,18 @@ class OAuth { * * */ - public function __construct(&$session = null, $ssl_verification = true) { + public function __construct() { $this->injector = Injector::getInstance(); + } + + public function setSslVerification($ssl_verification) { + $this->injector->ssl_verification = $ssl_verification; + } + + public function setSession(&$session) { if (is_array($session)) { $this->injector->session = & $session; } - $this->injector->ssl_verification = $ssl_verification; } /** From 189364f9ef04b47456404ebb297cbcb04bf34ef4 Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Thu, 15 May 2014 20:47:27 +0200 Subject: [PATCH 02/28] fixed response for me --- src/OAuth_io/Request.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/OAuth_io/Request.php b/src/OAuth_io/Request.php index de2798e..6bd4b6b 100644 --- a/src/OAuth_io/Request.php +++ b/src/OAuth_io/Request.php @@ -80,27 +80,27 @@ private function makeMeRequest($filters) { } public function get($url) { - return (array) $this->makeRequest('GET', $url)->body; + return (array) $this->makeRequest('GET', $url)->body->data; } public function post($url, $fields) { - return (array) $this->makeRequest('POST', $url, $fields)->body; + return (array) $this->makeRequest('POST', $url, $fields)->body->data; } public function put($url, $fields) { - return (array) $this->makeRequest('PUT', $url, $fields)->body; + return (array) $this->makeRequest('PUT', $url, $fields)->body->data; } public function del($url) { - return (array) $this->makeRequest('DELETE', $url)->body; + return (array) $this->makeRequest('DELETE', $url)->body->data; } public function patch($url, $fields) { - return (array) $this->makeRequest('PATCH', $url, $fields)->body; + return (array) $this->makeRequest('PATCH', $url, $fields)->body->data; } public function me($filters=null) { - $body = $this->makeMeRequest($filters)->body; + $body = $this->makeMeRequest($filters)->body->data; return (array) $body; } -} +} \ No newline at end of file From b86023efebfa5001976aded7a771a10bc4da17c0 Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Thu, 15 May 2014 20:49:35 +0200 Subject: [PATCH 03/28] fixed response for requests --- src/OAuth_io/Request.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/OAuth_io/Request.php b/src/OAuth_io/Request.php index 6bd4b6b..ab68ea4 100644 --- a/src/OAuth_io/Request.php +++ b/src/OAuth_io/Request.php @@ -80,19 +80,19 @@ private function makeMeRequest($filters) { } public function get($url) { - return (array) $this->makeRequest('GET', $url)->body->data; + return (array) $this->makeRequest('GET', $url)->body; } public function post($url, $fields) { - return (array) $this->makeRequest('POST', $url, $fields)->body->data; + return (array) $this->makeRequest('POST', $url, $fields)->body; } public function put($url, $fields) { - return (array) $this->makeRequest('PUT', $url, $fields)->body->data; + return (array) $this->makeRequest('PUT', $url, $fields)->body; } public function del($url) { - return (array) $this->makeRequest('DELETE', $url)->body->data; + return (array) $this->makeRequest('DELETE', $url)->body; } public function patch($url, $fields) { From 4b29bb73d8858d5e7281c4b45676c848254f6f13 Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Thu, 15 May 2014 21:37:54 +0200 Subject: [PATCH 04/28] fixed problem with %2C for me request --- src/OAuth_io/HttpWrapper.php | 2 ++ src/OAuth_io/Request.php | 7 +++++++ 2 files changed, 9 insertions(+) diff --git a/src/OAuth_io/HttpWrapper.php b/src/OAuth_io/HttpWrapper.php index ef088b1..4ee4f7d 100644 --- a/src/OAuth_io/HttpWrapper.php +++ b/src/OAuth_io/HttpWrapper.php @@ -28,6 +28,8 @@ public function make_request($options) { $qs = http_build_query($options['qs']); $url.= '?' . $qs; } + $url = str_replace('%2C', ',', $url); + \Unirest::verifyPeer($injector->ssl_verification); if ($options['method'] == 'GET') { $response = \Unirest::get($url, $headers); diff --git a/src/OAuth_io/Request.php b/src/OAuth_io/Request.php index ab68ea4..b9f13bd 100644 --- a/src/OAuth_io/Request.php +++ b/src/OAuth_io/Request.php @@ -69,6 +69,13 @@ private function makeMeRequest($filters) { $headers['oauthv1'] = '1'; } + + if (is_array($filters)) { + $filters = array( + 'filter' => join(',', $filters) + ); + } + $response = $requester->make_request(array( 'method' => 'GET', 'url' => $this->injector->config['oauthd_url'] . '/auth/' . $this->provider . '/me', From fffbc7464bd6474c592a0cd04d7457e55251c3d2 Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Thu, 15 May 2014 23:06:29 +0200 Subject: [PATCH 05/28] added deep transformation of objects to array in request responses --- src/OAuth_io/Request.php | 57 ++++++++++++++++++++++++---------------- 1 file changed, 35 insertions(+), 22 deletions(-) diff --git a/src/OAuth_io/Request.php b/src/OAuth_io/Request.php index b9f13bd..199b6bb 100644 --- a/src/OAuth_io/Request.php +++ b/src/OAuth_io/Request.php @@ -14,6 +14,10 @@ public function initialize($provider) { $this->provider = $provider; } + private function object_to_array($obj) { + return json_decode(json_encode($obj), true); + } + private function makeRequest($method, $url, $body_fields = null) { $response = null; if (!isset($this->injector->session['oauthio']['auth'][$this->provider])) { @@ -21,13 +25,13 @@ private function makeRequest($method, $url, $body_fields = null) { } else { $prov_data = $this->injector->session['oauthio']['auth'][$this->provider]; $requester = $this->injector->getRequest(); - + $tokens = array(); $headers = array( 'k' => $this->injector->config['app_key'] ); - + if (isset($prov_data['access_token'])) { $headers['access_token'] = $prov_data['access_token']; } @@ -36,30 +40,32 @@ private function makeRequest($method, $url, $body_fields = null) { $headers['oauth_token_secret'] = $prov_data['oauth_token_secret']; $headers['oauthv1'] = '1'; } - + $response = $requester->make_request(array( 'method' => $method, - 'url' => $this->injector->config['oauthd_url'] . '/request/' . $this->provider . '/' . urlencode($url), - 'headers' => array('oauthio' => http_build_query($headers)), + 'url' => $this->injector->config['oauthd_url'] . '/request/' . $this->provider . '/' . urlencode($url) , + 'headers' => array( + 'oauthio' => http_build_query($headers) + ) , 'body' => is_array($body_fields) ? $body_fields : null )); } return $response; } - + private function makeMeRequest($filters) { if (!isset($this->injector->session['oauthio']['auth'][$this->provider])) { throw new \Exception('Error'); } else { $prov_data = $this->injector->session['oauthio']['auth'][$this->provider]; $requester = $this->injector->getRequest(); - + $tokens = array(); $headers = array( 'k' => $this->injector->config['app_key'] ); - + if (isset($prov_data['access_token'])) { $headers['access_token'] = $prov_data['access_token']; } @@ -68,18 +74,19 @@ private function makeMeRequest($filters) { $headers['oauth_token_secret'] = $prov_data['oauth_token_secret']; $headers['oauthv1'] = '1'; } - - + if (is_array($filters)) { $filters = array( 'filter' => join(',', $filters) ); } - + $response = $requester->make_request(array( 'method' => 'GET', 'url' => $this->injector->config['oauthd_url'] . '/auth/' . $this->provider . '/me', - 'headers' => array('oauthio' => http_build_query($headers)), + 'headers' => array( + 'oauthio' => http_build_query($headers) + ) , 'qs' => is_array($filters) ? $filters : null )); } @@ -87,27 +94,33 @@ private function makeMeRequest($filters) { } public function get($url) { - return (array) $this->makeRequest('GET', $url)->body; + $response = $this->makeRequest('GET', $url)->body; + $response = $this->object_to_array($response); + return $response; } public function post($url, $fields) { - return (array) $this->makeRequest('POST', $url, $fields)->body; + $response = $this->makeRequest('POST', $url, $fields)->body; + return $this->object_to_array($response); } public function put($url, $fields) { - return (array) $this->makeRequest('PUT', $url, $fields)->body; + $response = $this->makeRequest('PUT', $url, $fields)->body; + return $this->object_to_array($response); } public function del($url) { - return (array) $this->makeRequest('DELETE', $url)->body; + $response = $this->makeRequest('DELETE', $url)->body; + return $this->object_to_array($response); } public function patch($url, $fields) { - return (array) $this->makeRequest('PATCH', $url, $fields)->body->data; + $response = $this->makeRequest('PATCH', $url, $fields)->body->data; + return $this->object_to_array($response); } - - public function me($filters=null) { - $body = $this->makeMeRequest($filters)->body->data; - return (array) $body; + + public function me($filters = null) { + $response = $this->makeMeRequest($filters)->body->data; + return $this->object_to_array($response); } -} \ No newline at end of file +} From 21cdc13889aa69b09460c4e7e27aba8b975cfdff Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Tue, 10 Jun 2014 11:23:26 +0200 Subject: [PATCH 06/28] Added new auth method --- src/OAuth_io/OAuth.php | 58 +++++++++++++++++++++++++++------------- src/OAuth_io/Request.php | 23 ++++++++-------- 2 files changed, 51 insertions(+), 30 deletions(-) diff --git a/src/OAuth_io/OAuth.php b/src/OAuth_io/OAuth.php index 9184210..6a26ae9 100644 --- a/src/OAuth_io/OAuth.php +++ b/src/OAuth_io/OAuth.php @@ -14,10 +14,16 @@ public function __construct() { $this->injector = Injector::getInstance(); } + /** + * + */ public function setSslVerification($ssl_verification) { $this->injector->ssl_verification = $ssl_verification; } + /** + * + */ public function setSession(&$session) { if (is_array($session)) { $this->injector->session = & $session; @@ -85,30 +91,44 @@ public function generateStateToken() { } return $unique_token; } + + public function refreshCredentials($credentials) { + return $credentials; + } - public function auth($code) { + public function auth($provider, $options = array()) { + // $options can contain code, credentials, or nothing. If nothing --> session call + if (!$this->initialized) { throw new NotInitializedException('You must initialize the OAuth instance.'); } - $request = $this->injector->getRequest(); - $response = $request->make_request(array( - 'method' => 'POST', - 'url' => $this->injector->config['oauthd_url'] . '/auth/access_token', - 'body' => http_build_query(array( - 'code' => $code, - 'key' => $this->injector->config['app_key'], - 'secret' => $this->injector->config['app_secret'] - )) , - 'headers' => array( - 'Content-Type' => 'application/x-www-form-urlencoded' - ) - )); - $result = $response->body; - - if (isset($result->provider)) { - $this->injector->session['oauthio']['auth'][$result->provider] = json_decode(json_encode($result) , true); + if (isset($options['code'])) { + $request = $this->injector->getRequest(); + $response = $request->make_request(array( + 'method' => 'POST', + 'url' => $this->injector->config['oauthd_url'] . '/auth/access_token', + 'body' => http_build_query(array( + 'code' => $code, + 'key' => $this->injector->config['app_key'], + 'secret' => $this->injector->config['app_secret'] + )) , + 'headers' => array( + 'Content-Type' => 'application/x-www-form-urlencoded' + ) + )); + $credentials = $response->body; + if (isset($credentials->provider)) { + $this->injector->session['oauthio']['auth'][$credentials->provider] = json_decode(json_encode($credentials) , true); + } + } else if (isset($options['credentials'])) { + $credentials = $options['credentials']; + } else { + $credentials = $this->injector->session['oauthio']['auth']['provider']; } - return json_decode(json_encode($result) , true); + $credentials = $this->refreshCredentials($credentials); + $request = new Request($credentials); + + return $request; } public function create($provider) { diff --git a/src/OAuth_io/Request.php b/src/OAuth_io/Request.php index 199b6bb..fa70f40 100644 --- a/src/OAuth_io/Request.php +++ b/src/OAuth_io/Request.php @@ -4,14 +4,15 @@ class Request { private $injector; - private $provider; + private $credentials; - public function __construct() { + public function __construct($credentials = array()) { $this->injector = Injector::getInstance(); + $this->credentials = $credentials; } - - public function initialize($provider) { - $this->provider = $provider; + + public function getCredentials() { + return $this->credentials; } private function object_to_array($obj) { @@ -20,10 +21,10 @@ private function object_to_array($obj) { private function makeRequest($method, $url, $body_fields = null) { $response = null; - if (!isset($this->injector->session['oauthio']['auth'][$this->provider])) { + if (!isset($this->credentials)) { throw new NotAuthenticatedException('The user is not authenticated for that provider'); } else { - $prov_data = $this->injector->session['oauthio']['auth'][$this->provider]; + $prov_data = $this->credentials; $requester = $this->injector->getRequest(); $tokens = array(); @@ -43,7 +44,7 @@ private function makeRequest($method, $url, $body_fields = null) { $response = $requester->make_request(array( 'method' => $method, - 'url' => $this->injector->config['oauthd_url'] . '/request/' . $this->provider . '/' . urlencode($url) , + 'url' => $this->injector->config['oauthd_url'] . '/request/' . $this->credentials['provider'] . '/' . urlencode($url) , 'headers' => array( 'oauthio' => http_build_query($headers) ) , @@ -54,10 +55,10 @@ private function makeRequest($method, $url, $body_fields = null) { } private function makeMeRequest($filters) { - if (!isset($this->injector->session['oauthio']['auth'][$this->provider])) { + if (!isset($this->credentials)) { throw new \Exception('Error'); } else { - $prov_data = $this->injector->session['oauthio']['auth'][$this->provider]; + $prov_data = $this->credentials; $requester = $this->injector->getRequest(); $tokens = array(); @@ -83,7 +84,7 @@ private function makeMeRequest($filters) { $response = $requester->make_request(array( 'method' => 'GET', - 'url' => $this->injector->config['oauthd_url'] . '/auth/' . $this->provider . '/me', + 'url' => $this->injector->config['oauthd_url'] . '/auth/' . $this->credentials['provider'] . '/me', 'headers' => array( 'oauthio' => http_build_query($headers) ) , From 9badc3ca6d829220af860e637da9876818ecbecf Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Tue, 10 Jun 2014 12:03:29 +0200 Subject: [PATCH 07/28] fixed several bugs in the OAuth class --- src/OAuth_io/OAuth.php | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/OAuth_io/OAuth.php b/src/OAuth_io/OAuth.php index 6a26ae9..e6bdaf2 100644 --- a/src/OAuth_io/OAuth.php +++ b/src/OAuth_io/OAuth.php @@ -108,7 +108,7 @@ public function auth($provider, $options = array()) { 'method' => 'POST', 'url' => $this->injector->config['oauthd_url'] . '/auth/access_token', 'body' => http_build_query(array( - 'code' => $code, + 'code' => $options['code'], 'key' => $this->injector->config['app_key'], 'secret' => $this->injector->config['app_secret'] )) , @@ -116,14 +116,15 @@ public function auth($provider, $options = array()) { 'Content-Type' => 'application/x-www-form-urlencoded' ) )); - $credentials = $response->body; - if (isset($credentials->provider)) { - $this->injector->session['oauthio']['auth'][$credentials->provider] = json_decode(json_encode($credentials) , true); + $credentials = json_decode(json_encode($response->body), true); + + if (isset($credentials['provider'])) { + $this->injector->session['oauthio']['auth'][$credentials['provider']] = $credentials; } } else if (isset($options['credentials'])) { $credentials = $options['credentials']; } else { - $credentials = $this->injector->session['oauthio']['auth']['provider']; + $credentials = $this->injector->session['oauthio']['auth'][$provider]; } $credentials = $this->refreshCredentials($credentials); $request = new Request($credentials); From e1352806b13af4afd0569fcbbfaeb23b1ab0b38f Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Tue, 10 Jun 2014 12:48:13 +0200 Subject: [PATCH 08/28] Added auto token refresh --- src/OAuth_io/OAuth.php | 51 ++++++++++++++----- .../{Request.php => RequestObject.php} | 2 +- 2 files changed, 39 insertions(+), 14 deletions(-) rename src/OAuth_io/{Request.php => RequestObject.php} (99%) diff --git a/src/OAuth_io/OAuth.php b/src/OAuth_io/OAuth.php index e6bdaf2..af8a8d3 100644 --- a/src/OAuth_io/OAuth.php +++ b/src/OAuth_io/OAuth.php @@ -13,16 +13,16 @@ class OAuth { public function __construct() { $this->injector = Injector::getInstance(); } - + /** - * + * */ public function setSslVerification($ssl_verification) { $this->injector->ssl_verification = $ssl_verification; } - + /** - * + * */ public function setSession(&$session) { if (is_array($session)) { @@ -91,14 +91,35 @@ public function generateStateToken() { } return $unique_token; } - - public function refreshCredentials($credentials) { + + public function refreshCredentials($credentials, $force = false) { + $date = new DateTime(); + if (isset($credentials['refresh_token']) && ((isset($credentials['expires']) && $date->getTimestamp() > $credentials['expires']) || $force)) { + $request = $this->injector->getRequest(); + $response = $request->make_request(array( + 'method' => 'POST', + 'url' => $this->injector->config['oauthd_url'] . '/auth/refresh_token/' . $credentials['provider'], + 'body' => http_build_query(array( + 'token' => $options['refresh_token'], + 'key' => $this->injector->config['app_key'], + 'secret' => $this->injector->config['app_secret'] + )) , + 'headers' => array( + 'Content-Type' => 'application/x-www-form-urlencoded' + ) + )); + $refreshed = json_decode(json_encode($response->body) , true); + + foreach ($refreshed as $k => $v) { + $credentials[$k] = $v; + } + } return $credentials; } - + public function auth($provider, $options = array()) { + // $options can contain code, credentials, or nothing. If nothing --> session call - if (!$this->initialized) { throw new NotInitializedException('You must initialize the OAuth instance.'); } @@ -116,8 +137,12 @@ public function auth($provider, $options = array()) { 'Content-Type' => 'application/x-www-form-urlencoded' ) )); - $credentials = json_decode(json_encode($response->body), true); - + $credentials = json_decode(json_encode($response->body) , true); + if (isset($credentials['expires_in'])) { + $date = new \DateTime(); + $credentials['expires'] = $date->getTimestamp() + $credentials->expires_in; + } + if (isset($credentials['provider'])) { $this->injector->session['oauthio']['auth'][$credentials['provider']] = $credentials; } @@ -126,10 +151,10 @@ public function auth($provider, $options = array()) { } else { $credentials = $this->injector->session['oauthio']['auth'][$provider]; } - $credentials = $this->refreshCredentials($credentials); - $request = new Request($credentials); + $credentials = $this->refreshCredentials($credentials, $options['force_refresh']); + $request_object = new Request($credentials); - return $request; + return $request_object; } public function create($provider) { diff --git a/src/OAuth_io/Request.php b/src/OAuth_io/RequestObject.php similarity index 99% rename from src/OAuth_io/Request.php rename to src/OAuth_io/RequestObject.php index fa70f40..fbbf6ae 100644 --- a/src/OAuth_io/Request.php +++ b/src/OAuth_io/RequestObject.php @@ -1,7 +1,7 @@ Date: Tue, 10 Jun 2014 12:49:12 +0200 Subject: [PATCH 09/28] Set version to 0.2.0 for future release --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index fce0383..1293c15 100644 --- a/composer.json +++ b/composer.json @@ -2,7 +2,7 @@ "name": "oauth-io/oauth", "description": "OAuth that just works !", "license": "Apache2", - "version": "0.1.0", + "version": "0.2.0", "authors": [ { "name": "oauth-io", From f12f51715b0b61487c98ff6767b7cf6e33837a21 Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Tue, 10 Jun 2014 13:01:05 +0200 Subject: [PATCH 10/28] Fixed bug in token refresh --- src/OAuth_io/OAuth.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/OAuth_io/OAuth.php b/src/OAuth_io/OAuth.php index af8a8d3..c16c86e 100644 --- a/src/OAuth_io/OAuth.php +++ b/src/OAuth_io/OAuth.php @@ -93,7 +93,7 @@ public function generateStateToken() { } public function refreshCredentials($credentials, $force = false) { - $date = new DateTime(); + $date = new \DateTime(); if (isset($credentials['refresh_token']) && ((isset($credentials['expires']) && $date->getTimestamp() > $credentials['expires']) || $force)) { $request = $this->injector->getRequest(); $response = $request->make_request(array( @@ -140,7 +140,7 @@ public function auth($provider, $options = array()) { $credentials = json_decode(json_encode($response->body) , true); if (isset($credentials['expires_in'])) { $date = new \DateTime(); - $credentials['expires'] = $date->getTimestamp() + $credentials->expires_in; + $credentials['expires'] = $date->getTimestamp() + $credentials['expires_in']; } if (isset($credentials['provider'])) { @@ -151,8 +151,8 @@ public function auth($provider, $options = array()) { } else { $credentials = $this->injector->session['oauthio']['auth'][$provider]; } - $credentials = $this->refreshCredentials($credentials, $options['force_refresh']); - $request_object = new Request($credentials); + $credentials = $this->refreshCredentials($credentials, isset($options['force_refresh']) ? $options['force_refresh'] : false); + $request_object = new RequestObject($credentials); return $request_object; } From e6f2b6b0b039fdaaf0be96d8c7076c5427bbe5dd Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Tue, 10 Jun 2014 16:30:54 +0200 Subject: [PATCH 11/28] Updated the tests for 0.2.0 --- src/OAuth_io/OAuth.php | 24 +- src/OAuth_io/RequestObject.php | 6 +- tests/AuthTest.php | 67 +++++- tests/InitialTest.php | 24 -- tests/RequestsTest.php | 410 +++++++++++++++------------------ 5 files changed, 266 insertions(+), 265 deletions(-) diff --git a/src/OAuth_io/OAuth.php b/src/OAuth_io/OAuth.php index c16c86e..45dd532 100644 --- a/src/OAuth_io/OAuth.php +++ b/src/OAuth_io/OAuth.php @@ -94,13 +94,14 @@ public function generateStateToken() { public function refreshCredentials($credentials, $force = false) { $date = new \DateTime(); + $credentials['refreshed'] = false; if (isset($credentials['refresh_token']) && ((isset($credentials['expires']) && $date->getTimestamp() > $credentials['expires']) || $force)) { $request = $this->injector->getRequest(); $response = $request->make_request(array( 'method' => 'POST', 'url' => $this->injector->config['oauthd_url'] . '/auth/refresh_token/' . $credentials['provider'], 'body' => http_build_query(array( - 'token' => $options['refresh_token'], + 'token' => $credentials['refresh_token'], 'key' => $this->injector->config['app_key'], 'secret' => $this->injector->config['app_secret'] )) , @@ -113,6 +114,8 @@ public function refreshCredentials($credentials, $force = false) { foreach ($refreshed as $k => $v) { $credentials[$k] = $v; } + $credentials['refreshed'] = true; + } return $credentials; } @@ -149,24 +152,15 @@ public function auth($provider, $options = array()) { } else if (isset($options['credentials'])) { $credentials = $options['credentials']; } else { - $credentials = $this->injector->session['oauthio']['auth'][$provider]; + if (isset($this->injector->session['oauthio']['auth'][$provider])) { + $credentials = $this->injector->session['oauthio']['auth'][$provider]; + } else { + throw new NotAuthenticatedException('The user is not authenticated for that provider'); + } } $credentials = $this->refreshCredentials($credentials, isset($options['force_refresh']) ? $options['force_refresh'] : false); $request_object = new RequestObject($credentials); return $request_object; } - - public function create($provider) { - if (!$this->initialized) { - throw new NotInitializedException('You must initialize the OAuth instance.'); - } - if (isset($this->injector->session['oauthio']['auth'][$provider])) { - $request = new Request(); - $request->initialize($provider); - return $request; - } else { - throw new NotAuthenticatedException('The user is not authenticated for that provider'); - } - } } diff --git a/src/OAuth_io/RequestObject.php b/src/OAuth_io/RequestObject.php index fbbf6ae..b06aaeb 100644 --- a/src/OAuth_io/RequestObject.php +++ b/src/OAuth_io/RequestObject.php @@ -14,6 +14,10 @@ public function __construct($credentials = array()) { public function getCredentials() { return $this->credentials; } + + public function wasRefreshed() { + return $this->credentials['refreshed'] == true; + } private function object_to_array($obj) { return json_decode(json_encode($obj), true); @@ -116,7 +120,7 @@ public function del($url) { } public function patch($url, $fields) { - $response = $this->makeRequest('PATCH', $url, $fields)->body->data; + $response = $this->makeRequest('PATCH', $url, $fields)->body; return $this->object_to_array($response); } diff --git a/tests/AuthTest.php b/tests/AuthTest.php index 8d48a75..8e42359 100644 --- a/tests/AuthTest.php +++ b/tests/AuthTest.php @@ -47,7 +47,10 @@ public function testAuthMethodCallsOauthioWithCredentialsAndCode() { $this->request_mock->expects($this->once())->method('make_request')->will($this->returnValue($response)); - $result = $this->oauth->auth('somecode'); + $request_object = $this->oauth->auth('some_provider', array( + 'code' => 'some_code' + )); + $result = $request_object->getCredentials(); $this->assertEquals($result['access_token'], 'someaccesstoken'); $this->assertEquals($result['state'], $this->token); } else { @@ -71,7 +74,10 @@ public function testAuthMethodSetsProviderFieldInSessions() { $this->request_mock->expects($this->once())->method('make_request')->will($this->returnValue($response)); - $result = $this->oauth->auth('somecode'); + $request_object = $this->oauth->auth('some_provider', array( + 'code' => 'somecode' + )); + $result = $request_object->getCredentials(); $this->assertTrue(isset($this->injector->session['oauthio']['auth']['blabla'])); $this->assertEquals('someaccesstoken', $this->injector->session['oauthio']['auth']['blabla']['access_token']); $this->assertEquals($this->token, $this->injector->session['oauthio']['auth']['blabla']['state']); @@ -80,4 +86,61 @@ public function testAuthMethodSetsProviderFieldInSessions() { $this->fail('OAuth::auth() does not exist'); } } + + public function testTokenIsRefreshedWhenCredentialsAreExpired() { + $res = new stdClass(); + $res->access_token = 'someaccesstoken'; + $res->state = $this->token; + $res->provider = 'some_provider'; + $res->refresh_token = 'some_refresh_token'; + $res->expires_in = -50; + $response = new StdClass(); + $response->body = $res; + + $this->request_mock->expects($this->exactly(3))->method('make_request')->will($this->returnValue($response)); + + $this->oauth->auth('some_provider', array( + 'code' => 'somecode' + )); + + $request_object = $this->oauth->auth('some_provider'); + + $credentials = $request_object->getCredentials(); + $this->assertTrue($request_object->wasRefreshed()); + $this->assertTrue($credentials['refreshed']); + } + + public function testTokenIsRefreshedWhenForced() { + $res = new stdClass(); + $res->access_token = 'someaccesstoken'; + $res->state = $this->token; + $res->provider = 'some_provider'; + $res->refresh_token = 'some_refresh_token'; + $res->expires_in = 10000; + $response = new StdClass(); + $response->body = $res; + + $this->request_mock->expects($this->exactly(2))->method('make_request')->will($this->returnValue($response)); + + $this->oauth->auth('some_provider', array( + 'code' => 'somecode' + )); + + $res = new stdClass(); + $res->access_token = 'someaccesstoken'; + $res->expires_in = 3600; + $res->refresh_token = 'some_refresh_token'; + $response = new StdClass(); + $response->body = $res; + + $this->request_mock->expects($this->exactly(1))->method('make_request')->will($this->returnValue($response)); + $request_object = $this->oauth->auth('some_provider', array( + 'force_refresh' => true + )); + + $credentials = $request_object->getCredentials(); + $this->assertTrue($request_object->wasRefreshed()); + $this->assertTrue($credentials['refreshed']); + } + } diff --git a/tests/InitialTest.php b/tests/InitialTest.php index 5daade0..79e19c2 100644 --- a/tests/InitialTest.php +++ b/tests/InitialTest.php @@ -54,28 +54,4 @@ public function testSetOauthdUrlSetsUrlInObject() { $this->fail('methods are missing'); } } - - public function testCallingAuthOrCreateWhenNotInitializedThrowsAnException() { - if (method_exists($this->oauth, 'initialize') ) { - $passed_auth = false; - $passed_create = false; - try { - $this->oauth->auth('somecode'); - } catch (\OAuth_io\NotInitializedException $e) { - $passed_auth = true; - } - - try { - $this->oauth->create('somecode'); - } catch (\OAuth_io\NotInitializedException $e) { - $passed_create = true; - } - - - $this->assertTrue($passed_auth); - $this->assertTrue($passed_create); - } else { - $this->fail('methods are missing'); - } - } } \ No newline at end of file diff --git a/tests/RequestsTest.php b/tests/RequestsTest.php index bd82d7e..ce5098f 100644 --- a/tests/RequestsTest.php +++ b/tests/RequestsTest.php @@ -9,6 +9,7 @@ class RequestsTest extends PHPUnit_Framework_TestCase { protected $adapter_mock; protected $session; protected $injector; + protected $request_object; protected function setUp() { $this->injector = $this->getMockBuilder('OAuth_io\Injector')->getMock(); @@ -31,268 +32,231 @@ protected function setUp() { ); $this->request_mock->expects($this->at(0))->method('make_request')->will($this->returnValue($response)); - $result = $this->oauth->auth('somecode'); + $this->request_object = $this->oauth->auth('someprovider', array( + 'code' => 'somecode' + )); } public function testRequestObjectContainsGetPostPutDeleteAndPatchMethods() { - if (method_exists($this->oauth, 'create')) { - - $request_object = $this->oauth->create('someprovider'); - $this->assertTrue(!is_null($request_object)); - $this->assertTrue(method_exists($request_object, 'get')); - $this->assertTrue(method_exists($request_object, 'post')); - $this->assertTrue(method_exists($request_object, 'put')); - $this->assertTrue(method_exists($request_object, 'del')); - $this->assertTrue(method_exists($request_object, 'patch')); - $this->assertTrue(method_exists($request_object, 'me')); - } else { - $this->fail('$oauth->create() does not exist'); - } + + $this->assertTrue(!is_null($this->request_object)); + $this->assertTrue(method_exists($this->request_object, 'get')); + $this->assertTrue(method_exists($this->request_object, 'post')); + $this->assertTrue(method_exists($this->request_object, 'put')); + $this->assertTrue(method_exists($this->request_object, 'del')); + $this->assertTrue(method_exists($this->request_object, 'patch')); + $this->assertTrue(method_exists($this->request_object, 'me')); } public function testRequestObjectGetSendsAGetHttpRequest() { - if (method_exists($this->oauth, 'create')) { + + $this->request_mock->expects($this->at(0))->method('make_request')->will($this->returnCallback(function ($params) { - $request_object = $this->oauth->create('someprovider'); + $this->assertEquals('https://oauth.io/request/someprovider/%2Fsome_address', $params['url']); - $this->request_mock->expects($this->at(0))->method('make_request')->will($this->returnCallback(function ($params) { - - $this->assertEquals('https://oauth.io/request/someprovider/%2Fsome_address', $params['url']); - - $this->assertEquals('GET', $params['method']); - - $this->assertTrue(isset($params['headers'])); - $this->assertTrue(isset($params['headers']['oauthio'])); - - $oauthio = array(); - parse_str($params['headers']['oauthio'], $oauthio); - - $this->assertEquals('somekey', $oauthio['k']); - $this->assertEquals('someaccesstoken', $oauthio['access_token']); - - return (object)array( - 'body' => (object)array( - 'username' => 'Jean-Bernard' - ) - ); - })); - $response = $request_object->get('/some_address'); - - $this->assertTrue(is_array($response)); - $this->assertEquals('Jean-Bernard', $response['username']); - } else { - $this->fail('$oauth->create() does not exist'); - } + $this->assertEquals('GET', $params['method']); + + $this->assertTrue(isset($params['headers'])); + $this->assertTrue(isset($params['headers']['oauthio'])); + + $oauthio = array(); + parse_str($params['headers']['oauthio'], $oauthio); + + $this->assertEquals('somekey', $oauthio['k']); + $this->assertEquals('someaccesstoken', $oauthio['access_token']); + + return (object)array( + 'body' => (object)array( + 'username' => 'Jean-Bernard' + ) + ); + })); + $response = $this->request_object->get('/some_address'); + + $this->assertTrue(is_array($response)); + $this->assertEquals('Jean-Bernard', $response['username']); } public function testRequestObjectPostSendsAPostHttpRequest() { - if (method_exists($this->oauth, 'create')) { - $request_object = $this->oauth->create('someprovider'); + + $fields = array( + 'message' => 'Hello World' + ); + + $this->request_mock->expects($this->at(0))->method('make_request')->will($this->returnCallback(function ($params) { - $fields = array( - 'message' => 'Hello World' - ); + $this->assertEquals('https://oauth.io/request/someprovider/%2Fsome_address', $params['url']); - $this->request_mock->expects($this->at(0))->method('make_request')->will($this->returnCallback(function ($params) { - - $this->assertEquals('https://oauth.io/request/someprovider/%2Fsome_address', $params['url']); - - $this->assertEquals('POST', $params['method']); - - $body = $params['body']; - $this->assertEquals('Hello World', $body['message']); - - $this->assertTrue(isset($params['headers'])); - $this->assertTrue(isset($params['headers']['oauthio'])); - - $oauthio = array(); - parse_str($params['headers']['oauthio'], $oauthio); - - $this->assertEquals('somekey', $oauthio['k']); - $this->assertEquals('someaccesstoken', $oauthio['access_token']); - - return (object)array( - 'body' => (object)array( - 'result' => 'true' - ) - ); - })); + $this->assertEquals('POST', $params['method']); - $response = $request_object->post('/some_address', $fields); + $body = $params['body']; + $this->assertEquals('Hello World', $body['message']); - $this->assertTrue(is_array($response)); - $this->assertEquals('true', $response['result']); - } else { - $this->fail('$oauth->create() does not exist'); - } + $this->assertTrue(isset($params['headers'])); + $this->assertTrue(isset($params['headers']['oauthio'])); + + $oauthio = array(); + parse_str($params['headers']['oauthio'], $oauthio); + + $this->assertEquals('somekey', $oauthio['k']); + $this->assertEquals('someaccesstoken', $oauthio['access_token']); + + return (object)array( + 'body' => (object)array( + 'result' => 'true' + ) + ); + })); + + $response = $this->request_object->post('/some_address', $fields); + + $this->assertTrue(is_array($response)); + $this->assertEquals('true', $response['result']); } public function testRequestObjectPutSendsAPutHttpRequest() { - if (method_exists($this->oauth, 'create')) { - $request_object = $this->oauth->create('someprovider'); + + $fields = array( + 'message' => 'Hello World' + ); + + $this->request_mock->expects($this->at(0))->method('make_request')->will($this->returnCallback(function ($params) { - $fields = array( - 'message' => 'Hello World' - ); + $this->assertEquals('https://oauth.io/request/someprovider/%2Fsome_address', $params['url']); - $this->request_mock->expects($this->at(0))->method('make_request')->will($this->returnCallback(function ($params) { - - $this->assertEquals('https://oauth.io/request/someprovider/%2Fsome_address', $params['url']); - - $this->assertEquals('PUT', $params['method']); - - $body = $params['body']; - $this->assertEquals('Hello World', $body['message']); - - $this->assertTrue(isset($params['headers'])); - $this->assertTrue(isset($params['headers']['oauthio'])); - - $oauthio = array(); - parse_str($params['headers']['oauthio'], $oauthio); - - $this->assertEquals('somekey', $oauthio['k']); - $this->assertEquals('someaccesstoken', $oauthio['access_token']); - - return (object)array( - 'body' => (object)array( - 'result' => 'true' - ) - ); - })); + $this->assertEquals('PUT', $params['method']); - $response = $request_object->put('/some_address', $fields); + $body = $params['body']; + $this->assertEquals('Hello World', $body['message']); - $this->assertTrue(is_array($response)); - $this->assertEquals('true', $response['result']); - } else { - $this->fail('$oauth->create() does not exist'); - } + $this->assertTrue(isset($params['headers'])); + $this->assertTrue(isset($params['headers']['oauthio'])); + + $oauthio = array(); + parse_str($params['headers']['oauthio'], $oauthio); + + $this->assertEquals('somekey', $oauthio['k']); + $this->assertEquals('someaccesstoken', $oauthio['access_token']); + + return (object)array( + 'body' => (object)array( + 'result' => 'true' + ) + ); + })); + + $response = $this->request_object->put('/some_address', $fields); + + $this->assertTrue(is_array($response)); + $this->assertEquals('true', $response['result']); } public function testRequestObjectPatchSendsAPatchHttpRequest() { - if (method_exists($this->oauth, 'create')) { + + $fields = array( + 'message' => 'Hello World' + ); + + $this->request_mock->expects($this->at(0))->method('make_request')->will($this->returnCallback(function ($params) { - $request_object = $this->oauth->create('someprovider'); + $this->assertEquals('https://oauth.io/request/someprovider/%2Fsome_address', $params['url']); - $fields = array( - 'message' => 'Hello World' - ); + $this->assertEquals('PATCH', $params['method']); - $this->request_mock->expects($this->at(0))->method('make_request')->will($this->returnCallback(function ($params) { - - $this->assertEquals('https://oauth.io/request/someprovider/%2Fsome_address', $params['url']); - - $this->assertEquals('PATCH', $params['method']); - - $body = $params['body']; - $this->assertEquals('Hello World', $body['message']); - - $this->assertTrue(isset($params['headers'])); - $this->assertTrue(isset($params['headers']['oauthio'])); - - $oauthio = array(); - parse_str($params['headers']['oauthio'], $oauthio); - - $this->assertEquals('somekey', $oauthio['k']); - $this->assertEquals('someaccesstoken', $oauthio['access_token']); - - return (object)array( - 'body' => (object)array( - 'result' => 'true' - ) - ); - })); - $response = $request_object->patch('/some_address', $fields); - - $this->assertTrue(is_array($response)); - $this->assertEquals('true', $response['result']); - } else { - $this->fail('$oauth->create() does not exist'); - } + $body = $params['body']; + $this->assertEquals('Hello World', $body['message']); + + $this->assertTrue(isset($params['headers'])); + $this->assertTrue(isset($params['headers']['oauthio'])); + + $oauthio = array(); + parse_str($params['headers']['oauthio'], $oauthio); + + $this->assertEquals('somekey', $oauthio['k']); + $this->assertEquals('someaccesstoken', $oauthio['access_token']); + + return (object)array( + 'body' => (object)array( + 'result' => 'true' + ) + ); + })); + $response = $this->request_object->patch('/some_address', $fields); + + $this->assertTrue(is_array($response)); + $this->assertEquals('true', $response['result']); } public function testRequestObjectDelSendsADeleteHttpRequest() { - if (method_exists($this->oauth, 'create')) { - $request_object = $this->oauth->create('someprovider'); + $this->request_mock->expects($this->at(0))->method('make_request')->will($this->returnCallback(function ($params) { - $this->request_mock->expects($this->at(0))->method('make_request')->will($this->returnCallback(function ($params) { - - $this->assertEquals('https://oauth.io/request/someprovider/%2Fsome_address', $params['url']); - - $this->assertEquals('DELETE', $params['method']); - - $this->assertTrue(isset($params['headers'])); - $this->assertTrue(isset($params['headers']['oauthio'])); - - $oauthio = array(); - parse_str($params['headers']['oauthio'], $oauthio); - - $this->assertEquals('somekey', $oauthio['k']); - $this->assertEquals('someaccesstoken', $oauthio['access_token']); - - return (object)array( - 'body' => (object)array( - 'result' => 'true' - ) - ); - })); - $response = $request_object->del('/some_address'); - - $this->assertTrue(is_array($response)); - $this->assertEquals('true', $response['result']); - } else { - $this->fail('$oauth->create() does not exist'); - } + $this->assertEquals('https://oauth.io/request/someprovider/%2Fsome_address', $params['url']); + + $this->assertEquals('DELETE', $params['method']); + + $this->assertTrue(isset($params['headers'])); + $this->assertTrue(isset($params['headers']['oauthio'])); + + $oauthio = array(); + parse_str($params['headers']['oauthio'], $oauthio); + + $this->assertEquals('somekey', $oauthio['k']); + $this->assertEquals('someaccesstoken', $oauthio['access_token']); + + return (object)array( + 'body' => (object)array( + 'result' => 'true' + ) + ); + })); + $response = $this->request_object->del('/some_address'); + + $this->assertTrue(is_array($response)); + $this->assertEquals('true', $response['result']); } - + public function testRequestObjectMeSendsAGetHttpRequestToTheMeEndpoint() { - if (method_exists($this->oauth, 'create')) { - $request_object = $this->oauth->create('someprovider'); + $this->request_mock->expects($this->at(0))->method('make_request')->will($this->returnCallback(function ($params) { - $this->request_mock->expects($this->at(0))->method('make_request')->will($this->returnCallback(function ($params) { - - $this->assertEquals('https://oauth.io/auth/someprovider/me', $params['url']); - - $this->assertEquals('GET', $params['method']); - - $this->assertEquals('name', $params['qs'][0]); - - $this->assertTrue(isset($params['headers'])); - $this->assertTrue(isset($params['headers']['oauthio'])); - - $oauthio = array(); - parse_str($params['headers']['oauthio'], $oauthio); - - $this->assertEquals('somekey', $oauthio['k']); - $this->assertEquals('someaccesstoken', $oauthio['access_token']); - - return (object)array( - 'body' => (object)array( + $this->assertEquals('https://oauth.io/auth/someprovider/me', $params['url']); + + $this->assertEquals('GET', $params['method']); + $this->assertEquals('name', $params['qs']['filter']); + + $this->assertTrue(isset($params['headers'])); + $this->assertTrue(isset($params['headers']['oauthio'])); + + $oauthio = array(); + parse_str($params['headers']['oauthio'], $oauthio); + + $this->assertEquals('somekey', $oauthio['k']); + $this->assertEquals('someaccesstoken', $oauthio['access_token']); + + return (object)array( + 'body' => (object)array( + 'data' => (object)array( 'name' => 'Jean-René Dupont' ) - ); - })); - $response = $request_object->me(array('name')); - - $this->assertTrue(is_array($response)); - $this->assertEquals('Jean-René Dupont', $response['name']); - } else { - $this->fail('$oauth->create() does not exist'); - } + ) + ); + })); + $response = $this->request_object->me(array( + 'name' + )); + + $this->assertTrue(is_array($response)); + $this->assertEquals('Jean-René Dupont', $response['name']); } - + public function testCreateThrowsAnExceptionWhenTheUserIsNotAuthenticatedOnTheAskedProvider() { - if (method_exists($this->oauth, 'create')) { - $passed = false; - try { - $request_object = $this->oauth->create('someprovider2'); - } catch (OAuth_io\NotAuthenticatedException $e) { - $passed = true; - } - - $this->assertTrue($passed); - } else { - $this->fail('$oauth->create() does not exist'); + $passed = false; + try { + $this->request_object = $this->oauth->auth('someprovider2'); } + catch(OAuth_io\NotAuthenticatedException $e) { + $passed = true; + } + + $this->assertTrue($passed); } } From 20b96da47d7b441dcf0e20ea350678831184a6e5 Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Tue, 10 Jun 2014 18:13:21 +0200 Subject: [PATCH 12/28] Updated the readme for 0.2.0 --- README.md | 97 ++++++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 78 insertions(+), 19 deletions(-) diff --git a/README.md b/README.md index d9faf3f..3618dbf 100644 --- a/README.md +++ b/README.md @@ -7,9 +7,9 @@ This SDK allows you to use OAuth.io's server-side flow from a PHP backend, to ha You can use it with one of our front-end SDKs ([JavaScript][1], [PhoneGap][2], [iOs][3], [Android][4]), which will handle the user input for the OAuth flow. -This SDK is still under heavy development and some of the features described below may not work yet. You can get nightlies from the [develop branch](https://github.com/oauth-io/sdk-php/tree/develop) on the SDK's github page. +The current version of the SDK is `0.2.0`. Older versions are deprecated. -A release will be posted soon. +You can also get nightlies by checking out our `develop` branch. Common use-Case --------------- @@ -30,15 +30,17 @@ To authenticate a user, the flow follows these steps : - oauth.io responds with the access_token, that you can then store on your backend as long as it's valid - You can then make requests to the API using that access token, directly from your backend +As of `0.2.0` it is possible to get an automatically refreshed access token when a refresh token is available. + Installation ------------ -You will soon be able to install it through Composer by adding the following dependency to your composer.json : +You can install it through Composer by adding the following dependency to your composer.json : ```json "require": { ... - "oauth-io/oauth": "0.1.0" + "oauth-io/oauth": "0.2.0" ... }, ``` @@ -126,17 +128,27 @@ You have to give this token to your front-end, where you can show the user a pop **Auth the user** -To be able to make requests to a provider's API using its access token, you have to call the `auth(code)` method. The code is retrieved from OAuth.io through the from the front-end SDK (see further down). You need to create an endpoint to allow the front-end to send it to the backend. +To be able to make requests to a provider's API using its access token, you have to call the `auth(provider, options)` method first. This method creates a request object from either a code you got from the front-end SDK (for the first time authentication), the session (if the user was authenticated during the same session), or a credentials array that you saved earlier. + +To get a request object from a code (which automatically fills up the session for further use in other endpoints), you can do like this : + +```php +$request_object = $oauth->auth('the_provider', array( + 'code': $code +)); +``` + +`$request_object` is an object that allows you to perform requests (see further down to learn how to), and that contains the user's credentials. -Once you have that code, you can call the method like this : +You can get the credentials array if you need to save them for later use (or for a cron) like this : ```php -$result = $oauth->auth($code); +$credentials = $request_object->getCredentials(); ``` -`$result` is an array containing the access token, which you can use your own way if you want, or thanks to the SDK's request system (see further down). +The `$credentials` array contains the access token, refresh token and other information returned by the provider. -**Retrieving the code from the front-end** +**Retrieving a code from the front-end** ```JavaScript //In the front end, using the JavaScript SDK : @@ -162,15 +174,7 @@ OAuth.popup('a_provider', { **Making requests to the API** -Once the user is authenticated, you can create a request object from the SDK `create('provider')` method : - -```php -create('some_provider'); -//?> -``` - -Then, you can make get, post, put, delete and patch requests to the API like this : +Once you have a request object, you can make requests to the API. ```php me(array('firstname', 'lastname', 'email')); You can refer to the OAuth.io me() feature to get more information about the fields that are returned by this method. +**Using the session** + +Usually, you'll want to make calls to the API several times while the user is connected to your app. Once you've authenticated the user once with a code, the session is automatically configured to work with the SDK. + +Thus, you just need to do this to get a request object: + +```php +$request_object = $oauth->auth('the_provider'); +``` + +**Saving credentials** + +You can also save the user's credentials to make requests in a cron. You can get the credentials array from a request object like this : + +```php +$credentials = $request_object->getCredentials(); +// Here save the $credentials array for later use +``` + + +Then, when you want to reuse these credentials, you can rebuild a $request_object from them: + +```php +$request_object = $oauth->auth('the_provider', array( + 'credentials' => $credentials +)); +``` + +**Refreshing the token** + +If a refresh token is available and the access token is expired, the `auth` method will automatically use that refresh token to get a new access token. + +You can force the renewal by passing the `force_refresh` field in the options array: + +```php +$request_object = $oauth->auth('the_provider', array( + 'credentials' => $credentials, + 'force_refresh' => true +)); +``` + +You can also directly refresh a credentials array like this: + +```php +$refreshed_credentials = $oauth->refreshCredentials($old_credentials); +``` Contributing to this SDK ------------------------ @@ -206,7 +256,16 @@ Please discuss issues and features on Github Issues. We'll be happy to answer to **Pull requests** -You are welcome to fork this SDK and to make pull requests on Github. We'll review each of them, and integrate in a future release if they are relevant. +You are welcome to fork and make pull requests. We appreciate the time you spend working on this project and we will be happy to review your code and merge it if it brings nice improvements :) + +If you want to do a pull request, please mind these simple rules : + +- *One feature per pull request* +- *Write lear commit messages* +- *Unit test your feature* : if it's a bug fix for example, write a test that proves the bug exists and that your fix resolves it. +- *Write a clear description of the pull request* + +If you do so, we'll be able to merge your pull request more quickly :) The SDK is written as a Composer module. You can install its dependencies like this : From 3a6409d0184898a96338a964eafda980c94b71ea Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Wed, 11 Jun 2014 00:49:36 +0200 Subject: [PATCH 13/28] Added features list to README --- README.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/README.md b/README.md index 3618dbf..78547e2 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,14 @@ The current version of the SDK is `0.2.0`. Older versions are deprecated. You can also get nightlies by checking out our `develop` branch. +Features +-------- + +- Server-side OAuth authentication flow +- Requests to API from the backend +- Unified user information (`.me()` method) requests when available +- Access token renewal with the refresh_token when available + Common use-Case --------------- From 426aad993467ec54aef129141499592aa7bdb8cd Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Wed, 11 Jun 2014 00:57:28 +0200 Subject: [PATCH 14/28] Small fixes to README --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 78547e2..15e53ce 100644 --- a/README.md +++ b/README.md @@ -163,7 +163,9 @@ The `$credentials` array contains the access token, refresh token and other info OAuth.initialize('your_key'); OAuth.popup('a_provider', { - state: 'the_token_retrieved_from_your_backend' + // The state token you got from the backend + // through $oauth->generateStateToken(): + state: 'state_token' }) .done(function (r) { //You need to give r.code to your backend @@ -269,7 +271,7 @@ You are welcome to fork and make pull requests. We appreciate the time you spend If you want to do a pull request, please mind these simple rules : - *One feature per pull request* -- *Write lear commit messages* +- *Write clear commit messages* - *Unit test your feature* : if it's a bug fix for example, write a test that proves the bug exists and that your fix resolves it. - *Write a clear description of the pull request* From 4fcd7bd646aac25d15b6866b2a7f63a5403fcf67 Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Fri, 1 Aug 2014 17:33:26 +0200 Subject: [PATCH 15/28] Added management of base field of oauthd --- src/OAuth_io/Injector.php | 1 + src/OAuth_io/OAuth.php | 7 ++++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/src/OAuth_io/Injector.php b/src/OAuth_io/Injector.php index 912c010..48486da 100644 --- a/src/OAuth_io/Injector.php +++ b/src/OAuth_io/Injector.php @@ -8,6 +8,7 @@ class Injector { public $session; public $config = array( 'oauthd_url' => 'https://oauth.io', + 'oauthd_base' => '/auth', 'app_key' => '', 'app_secret' => '' ); diff --git a/src/OAuth_io/OAuth.php b/src/OAuth_io/OAuth.php index 45dd532..f86b0db 100644 --- a/src/OAuth_io/OAuth.php +++ b/src/OAuth_io/OAuth.php @@ -51,8 +51,9 @@ public function getOAuthdUrl() { * * */ - public function setOAuthdUrl($url) { + public function setOAuthdUrl($url, $base = '/auth') { $this->injector->config['oauthd_url'] = $url; + $this->injector->config['oauthd_base'] = $base; } /** @@ -99,7 +100,7 @@ public function refreshCredentials($credentials, $force = false) { $request = $this->injector->getRequest(); $response = $request->make_request(array( 'method' => 'POST', - 'url' => $this->injector->config['oauthd_url'] . '/auth/refresh_token/' . $credentials['provider'], + 'url' => $this->injector->config['oauthd_url'] . $this->injector->config['oauthd_base'] . '/refresh_token/' . $credentials['provider'], 'body' => http_build_query(array( 'token' => $credentials['refresh_token'], 'key' => $this->injector->config['app_key'], @@ -130,7 +131,7 @@ public function auth($provider, $options = array()) { $request = $this->injector->getRequest(); $response = $request->make_request(array( 'method' => 'POST', - 'url' => $this->injector->config['oauthd_url'] . '/auth/access_token', + 'url' => $this->injector->config['oauthd_url'] . $this->injector->config['oauthd_base'] . '/access_token', 'body' => http_build_query(array( 'code' => $options['code'], 'key' => $this->injector->config['app_key'], From b55e39483df629d2e54b5e80a5646dda79b75a49 Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Fri, 1 Aug 2014 19:16:38 +0200 Subject: [PATCH 16/28] Added management of base field of oauthd --- src/OAuth_io/OAuth.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/OAuth_io/OAuth.php b/src/OAuth_io/OAuth.php index f86b0db..52fcb1f 100644 --- a/src/OAuth_io/OAuth.php +++ b/src/OAuth_io/OAuth.php @@ -53,6 +53,10 @@ public function getOAuthdUrl() { */ public function setOAuthdUrl($url, $base = '/auth') { $this->injector->config['oauthd_url'] = $url; + if (strlen($base) > 1 && $base[0] != '/') + $base = '/' . $base; + if ($base == '/') + $base = ''; $this->injector->config['oauthd_base'] = $base; } From 8c7f4206b29f286d55f8ec1a2bdec5562bbba292 Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Tue, 23 Sep 2014 16:45:47 +0200 Subject: [PATCH 17/28] Added way to authenticate without the front-end SDK --- src/OAuth_io/OAuth.php | 86 +++++++++++++++++++++++++++--------------- 1 file changed, 55 insertions(+), 31 deletions(-) diff --git a/src/OAuth_io/OAuth.php b/src/OAuth_io/OAuth.php index 52fcb1f..c32dad0 100644 --- a/src/OAuth_io/OAuth.php +++ b/src/OAuth_io/OAuth.php @@ -125,47 +125,71 @@ public function refreshCredentials($credentials, $force = false) { return $credentials; } + public function redirect($provider, $url) { + $urlToRedirect = 'http' . (isset($_SERVER['HTTPS']) ? 's' : '') . '://' . $_SERVER['HTTP_HOST'] . $url; + $csrf = $this->generateStateToken(); + $location = $this->injector->config['oauthd_url'] . $this->injector->config['oauthd_base'] . '/' . $provider . + '?k=' . $this->injector->config['app_key'] . '&opts=' . + urlencode(json_encode(array('state' => $csrf))) . + '&redirect_type=server&redirect_uri=' . urlencode($urlToRedirect); + header("Location: " . $location); + die(); + } + public function auth($provider, $options = array()) { - // $options can contain code, credentials, or nothing. If nothing --> session call if (!$this->initialized) { throw new NotInitializedException('You must initialize the OAuth instance.'); } - if (isset($options['code'])) { - $request = $this->injector->getRequest(); - $response = $request->make_request(array( - 'method' => 'POST', - 'url' => $this->injector->config['oauthd_url'] . $this->injector->config['oauthd_base'] . '/access_token', - 'body' => http_build_query(array( - 'code' => $options['code'], - 'key' => $this->injector->config['app_key'], - 'secret' => $this->injector->config['app_secret'] - )) , - 'headers' => array( - 'Content-Type' => 'application/x-www-form-urlencoded' - ) - )); - $credentials = json_decode(json_encode($response->body) , true); - if (isset($credentials['expires_in'])) { - $date = new \DateTime(); - $credentials['expires'] = $date->getTimestamp() + $credentials['expires_in']; + else { + + if (isset($options['redirect']) && $options['redirect']) { + $data = json_decode($_GET['oauthio'], true); + $code = $data['data']['code']; } - - if (isset($credentials['provider'])) { - $this->injector->session['oauthio']['auth'][$credentials['provider']] = $credentials; + else if (isset($options['code'])) { + $code = $options['code']; } - } else if (isset($options['credentials'])) { - $credentials = $options['credentials']; - } else { - if (isset($this->injector->session['oauthio']['auth'][$provider])) { - $credentials = $this->injector->session['oauthio']['auth'][$provider]; + + + if (isset($code)) { + $request = $this->injector->getRequest(); + $response = $request->make_request(array( + 'method' => 'POST', + 'url' => $this->injector->config['oauthd_url'] . $this->injector->config['oauthd_base'] . '/access_token', + 'body' => http_build_query(array( + 'code' => $code, + 'key' => $this->injector->config['app_key'], + 'secret' => $this->injector->config['app_secret'] + )) , + 'headers' => array( + 'Content-Type' => 'application/x-www-form-urlencoded' + ) + )); + $credentials = json_decode(json_encode($response->body) , true); + if (isset($credentials['expires_in'])) { + $date = new \DateTime(); + $credentials['expires'] = $date->getTimestamp() + $credentials['expires_in']; + } + + if (isset($credentials['provider'])) { + $this->injector->session['oauthio']['auth'][$credentials['provider']] = $credentials; + } + } else if (isset($options['credentials'])) { + $credentials = $options['credentials']; } else { - throw new NotAuthenticatedException('The user is not authenticated for that provider'); + if (isset($this->injector->session['oauthio']['auth'][$provider])) { + $credentials = $this->injector->session['oauthio']['auth'][$provider]; + } else { + throw new NotAuthenticatedException('The user is not authenticated for that provider'); + } } + $credentials = $this->refreshCredentials($credentials, isset($options['force_refresh']) ? $options['force_refresh'] : false); + $request_object = new RequestObject($credentials); + + return $request_object; } - $credentials = $this->refreshCredentials($credentials, isset($options['force_refresh']) ? $options['force_refresh'] : false); - $request_object = new RequestObject($credentials); + - return $request_object; } } From f2285b8a7a3f20ceda85ac1b8d799aa94847c132 Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Tue, 23 Sep 2014 17:14:48 +0200 Subject: [PATCH 18/28] Updated readme (explained how to use redirection) --- README.md | 103 +++++++++++++++++------------------------------------- 1 file changed, 33 insertions(+), 70 deletions(-) diff --git a/README.md b/README.md index 15e53ce..38a809b 100644 --- a/README.md +++ b/README.md @@ -120,66 +120,54 @@ $oauth = new OAuth(null, false); //?> ``` -**Generating a token** +**Authenticating the user** -You need to provide your front-end with a state token, that will be used to exchange information with OAuth.io. To generate it in the back-end : +The first thing you need to do is to create an endpoint that will redirect your user to the provider's authentication page, so that the user can accept the permissions your app needs. + +In this endpoint, call the `redirect` method like this: ```php -generateStateToken(); -//?> +$oauth->redirect('the_provider', '/callback/url'); ``` -The `generateStateToken()` method returns a unique token. This token is stored in the session, and used to communicate with oauth.io. - -You have to give this token to your front-end, where you can show the user a popup for him to log in to the provider and accept your app's permissions (see further down to see how to do that). +This will automatically redirect your user to the provider's website. Once he has accepted the permissions, he will be redirected to the '/callback/url' on your app, where you'll be able to retrieve a request object. -**Auth the user** - -To be able to make requests to a provider's API using its access token, you have to call the `auth(provider, options)` method first. This method creates a request object from either a code you got from the front-end SDK (for the first time authentication), the session (if the user was authenticated during the same session), or a credentials array that you saved earlier. - -To get a request object from a code (which automatically fills up the session for further use in other endpoints), you can do like this : +In an endpoint associated to the '/callback/url', call the `auth` method with the `redirect` option set to true to get a request object, like this: ```php $request_object = $oauth->auth('the_provider', array( - 'code': $code + 'redirect' => true )); ``` `$request_object` is an object that allows you to perform requests (see further down to learn how to), and that contains the user's credentials. -You can get the credentials array if you need to save them for later use (or for a cron) like this : +*Using the session to get a request object* + +Usually, you'll want to make calls to the API several times while the user is connected to your app. Once you've authenticated the user once with a code, the session is automatically configured to work with the SDK. + +Thus, you just need to do this to get a request object: + +```php +$request_object = $oauth->auth('the_provider'); +``` + +*Saving credentials to re-generate a request object* + +You can also save the user's credentials to make requests in a cron. You can get the credentials array from a request object like this : ```php $credentials = $request_object->getCredentials(); +// Here save the $credentials array for later use ``` -The `$credentials` array contains the access token, refresh token and other information returned by the provider. - -**Retrieving a code from the front-end** - -```JavaScript -//In the front end, using the JavaScript SDK : - -OAuth.initialize('your_key'); -OAuth.popup('a_provider', { - // The state token you got from the backend - // through $oauth->generateStateToken(): - state: 'state_token' - }) -.done(function (r) { - //You need to give r.code to your backend - $.ajax({ - url: '/auth_endpoint/signin', - data: { - code: r.code - } - }) - .done(function (data, status) { - //your user is authenticated server side - //you can now call endpoints that use the OAuth.io SDK - }); -}); + +Then, when you want to reuse these credentials, you can rebuild a $request_object from them: + +```php +$request_object = $oauth->auth('the_provider', array( + 'credentials' => $credentials +)); ``` **Making requests to the API** @@ -201,7 +189,10 @@ You can also call the `me(array $filters)` method from that request object. This ```php create('facebook'); +$facebook_requester = $oauth->auth('facebook', array( + 'redirect' => true +)); + $result = $facebook_requester->me(array('firstname', 'lastname', 'email')); // you'll have $result["firstname"], $result["lastname"] and $result["email"] set with the user's facebook information. @@ -210,34 +201,6 @@ $result = $facebook_requester->me(array('firstname', 'lastname', 'email')); You can refer to the OAuth.io me() feature to get more information about the fields that are returned by this method. -**Using the session** - -Usually, you'll want to make calls to the API several times while the user is connected to your app. Once you've authenticated the user once with a code, the session is automatically configured to work with the SDK. - -Thus, you just need to do this to get a request object: - -```php -$request_object = $oauth->auth('the_provider'); -``` - -**Saving credentials** - -You can also save the user's credentials to make requests in a cron. You can get the credentials array from a request object like this : - -```php -$credentials = $request_object->getCredentials(); -// Here save the $credentials array for later use -``` - - -Then, when you want to reuse these credentials, you can rebuild a $request_object from them: - -```php -$request_object = $oauth->auth('the_provider', array( - 'credentials' => $credentials -)); -``` - **Refreshing the token** If a refresh token is available and the access token is expired, the `auth` method will automatically use that refresh token to get a new access token. From 65ee33a5d0cca148fb0d2787e6b91fb5b0e9c6da Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Tue, 23 Sep 2014 17:40:30 +0200 Subject: [PATCH 19/28] Removed the server-side flow paragraph (simplified it) --- README.md | 17 ++++------------- 1 file changed, 4 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 38a809b..e926454 100644 --- a/README.md +++ b/README.md @@ -24,21 +24,12 @@ Common use-Case You don't want to use APIs directly from the front-end, but rather through web-services inside your PHP backend. -The server-side flow --------------------- +Server-side flow +---------------- -In the server-side OAuth authentication flow, the oauth token never leaves your backend. +To authenticate the user, you'll need to set your app's backend to **PHP** in your OAuth.io [dashboard](https://oauth.io/dashboard). -To authenticate a user, the flow follows these steps : - -- Ask the backend for a unique state token. This token will be used for communicating with oauth.io -- Show a popup or redirect your user to request his permission to use his/her account on the requested provider -- The latter gives you a code, that you give to your backend -- The backend sends the code to oauth.io with other information like the oauth.io app's public key and secret. -- oauth.io responds with the access_token, that you can then store on your backend as long as it's valid -- You can then make requests to the API using that access token, directly from your backend - -As of `0.2.0` it is possible to get an automatically refreshed access token when a refresh token is available. +This allows you to get a refresh token from the provider if available. Installation ------------ From 39f6f8b87f9ce9b233936ffec3096d10418fff5e Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Tue, 23 Sep 2014 18:39:48 +0200 Subject: [PATCH 20/28] minor changes to the SDK --- README.md | 28 ++++++++++++---------------- 1 file changed, 12 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index e926454..5013f8b 100644 --- a/README.md +++ b/README.md @@ -3,14 +3,14 @@ OAuth.io PHP SDK OAuth that just works ! -This SDK allows you to use OAuth.io's server-side flow from a PHP backend, to handle access tokens from your server instead of directly from your front-end. +This SDK allows you to use OAuth.io from a PHP backend, to handle access tokens from your server instead of directly from your front-end. -You can use it with one of our front-end SDKs ([JavaScript][1], [PhoneGap][2], [iOs][3], [Android][4]), which will handle the user input for the OAuth flow. - -The current version of the SDK is `0.2.0`. Older versions are deprecated. +The current version of the SDK is `0.3.0`. Older versions are deprecated. You can also get nightlies by checking out our `develop` branch. +To get more information about this SDK and its method, please refer to its [reference documentation](https://oauth.io/docs/api-reference/server/php) on OAuth.io. + Features -------- @@ -24,16 +24,13 @@ Common use-Case You don't want to use APIs directly from the front-end, but rather through web-services inside your PHP backend. -Server-side flow ----------------- +Installation +------------ -To authenticate the user, you'll need to set your app's backend to **PHP** in your OAuth.io [dashboard](https://oauth.io/dashboard). +First of all, you'll need to set your app's backend to **PHP** in your OAuth.io [dashboard](https://oauth.io/dashboard). This allows you to get a refresh token from the provider if available. -Installation ------------- - You can install it through Composer by adding the following dependency to your composer.json : ```json @@ -50,10 +47,10 @@ Then run in the console : $ composer install ``` -How to use it ? ---------------- +Using the SDK +------------- -The `OAuth` class is stored in the `OAuth_io` namespace. You need to include it in your file like this (make sure you have required the Composer autoloader file) : +The `OAuth` class is stored in the `OAuth_io` namespace. You need to include it in your file like this (make sure you have required the Composer autoloader file): ```php auth('the_provider', array( `$request_object` is an object that allows you to perform requests (see further down to learn how to), and that contains the user's credentials. -*Using the session to get a request object* +**Using the session to get a request object** Usually, you'll want to make calls to the API several times while the user is connected to your app. Once you've authenticated the user once with a code, the session is automatically configured to work with the SDK. @@ -143,7 +140,7 @@ Thus, you just need to do this to get a request object: $request_object = $oauth->auth('the_provider'); ``` -*Saving credentials to re-generate a request object* +**Saving credentials to re-generate a request object** You can also save the user's credentials to make requests in a cron. You can get the credentials array from a request object like this : @@ -152,7 +149,6 @@ $credentials = $request_object->getCredentials(); // Here save the $credentials array for later use ``` - Then, when you want to reuse these credentials, you can rebuild a $request_object from them: ```php From ac01bb0d1d94949ad3e067d5af0f335b0112f5ab Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Tue, 23 Sep 2014 18:51:49 +0200 Subject: [PATCH 21/28] Minor changes in the readme --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 5013f8b..d1b17a2 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ OAuth.io PHP SDK OAuth that just works ! -This SDK allows you to use OAuth.io from a PHP backend, to handle access tokens from your server instead of directly from your front-end. +This SDK allows you to use OAuth.io from a PHP backend, to handle the authentication and API calls from your server instead of from your front-end, for 100+ API providers. The current version of the SDK is `0.3.0`. Older versions are deprecated. From 2fb041e7521154d3fd5bbffbb4e8955271a59854 Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Thu, 25 Sep 2014 14:12:26 +0200 Subject: [PATCH 22/28] changed version to 0.3.0 --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 1293c15..50e50ca 100644 --- a/composer.json +++ b/composer.json @@ -2,7 +2,7 @@ "name": "oauth-io/oauth", "description": "OAuth that just works !", "license": "Apache2", - "version": "0.2.0", + "version": "0.3.0", "authors": [ { "name": "oauth-io", From 8d9094cb2a959ca706de8400c4bedf5e601ad32e Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Thu, 25 Sep 2014 14:14:42 +0200 Subject: [PATCH 23/28] udpated readme --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index d1b17a2..fdc5bdc 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,7 @@ You can install it through Composer by adding the following dependency to your c ```json "require": { ... - "oauth-io/oauth": "0.2.0" + "oauth-io/oauth": "0.3.0" ... }, ``` From 4ff74934ed6700ded6253bd67ca41bd972e02022 Mon Sep 17 00:00:00 2001 From: Ahmad Nassri Date: Thu, 5 Feb 2015 14:50:04 -0500 Subject: [PATCH 24/28] Unirest updated to 2.2.1 - set fixed package dependency at 2.2.1 - update unirest to use new namespaced signature - utilize new `Request::send()` method to simplify code --- composer.json | 2 +- src/OAuth_io/HttpWrapper.php | 32 +++++++++----------------------- 2 files changed, 10 insertions(+), 24 deletions(-) diff --git a/composer.json b/composer.json index 50e50ca..8378727 100644 --- a/composer.json +++ b/composer.json @@ -12,7 +12,7 @@ "minimum-stability": "dev", "require": { "php": ">=5.3.0", - "mashape/unirest-php" : "dev-master" + "mashape/unirest-php" : "2.2.*" }, "autoload": { "psr-0": { diff --git a/src/OAuth_io/HttpWrapper.php b/src/OAuth_io/HttpWrapper.php index 4ee4f7d..f32a1ad 100644 --- a/src/OAuth_io/HttpWrapper.php +++ b/src/OAuth_io/HttpWrapper.php @@ -1,10 +1,13 @@ $value) { if (is_object($array[$key])) { @@ -15,10 +18,10 @@ private function array_map_recursive($callback, $array) { } return $array; } - + public function make_request($options) { $injector = Injector::getInstance(); - + $url = $options['url']; $method = $options['method']; $headers = $options['headers']; @@ -30,26 +33,9 @@ public function make_request($options) { } $url = str_replace('%2C', ',', $url); - \Unirest::verifyPeer($injector->ssl_verification); - if ($options['method'] == 'GET') { - $response = \Unirest::get($url, $headers); - } - - if ($options['method'] == 'POST') { - $response = \Unirest::post($url, $headers, $body); - } - - if ($options['method'] == 'PUT') { - $response = \Unirest::put($url, $headers, $body); - } - - if ($options['method'] == 'DELETE') { - $response = \Unirest::delete($url, $headers); - } - - if ($options['method'] == 'PATCH') { - $response = \Unirest::patch($url, $headers, $body); - } + Request::verifyPeer($injector->ssl_verification); + + $response = Request::send($options['method'], $url, $headers); return $response; } From e9c04e3267059bf539b1470f3276b2e2675e2ee6 Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Mon, 23 Feb 2015 14:05:16 +0100 Subject: [PATCH 25/28] Fixed HttpWrapper and bumped to 0.3.1 --- composer.json | 2 +- src/OAuth_io/HttpWrapper.php | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/composer.json b/composer.json index 8378727..3cc1382 100644 --- a/composer.json +++ b/composer.json @@ -2,7 +2,7 @@ "name": "oauth-io/oauth", "description": "OAuth that just works !", "license": "Apache2", - "version": "0.3.0", + "version": "0.3.1", "authors": [ { "name": "oauth-io", diff --git a/src/OAuth_io/HttpWrapper.php b/src/OAuth_io/HttpWrapper.php index f32a1ad..57ddfc6 100644 --- a/src/OAuth_io/HttpWrapper.php +++ b/src/OAuth_io/HttpWrapper.php @@ -1,9 +1,9 @@ ssl_verification); - $response = Request::send($options['method'], $url, $headers); + Request::verifyPeer($injector->ssl_verification); + $response = Request::send($options['method'], $url, $body, $headers); return $response; } From e9ce838e2cc37a55b0ad1958fa96be86f0242b5d Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Mon, 23 Feb 2015 14:27:58 +0100 Subject: [PATCH 26/28] Updated readme to 0.3.1 --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index fdc5bdc..9158534 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ OAuth that just works ! This SDK allows you to use OAuth.io from a PHP backend, to handle the authentication and API calls from your server instead of from your front-end, for 100+ API providers. -The current version of the SDK is `0.3.0`. Older versions are deprecated. +The current version of the SDK is `0.3.1`. Older versions are deprecated. You can also get nightlies by checking out our `develop` branch. From 2fc273777744b3ed0e2bb6da068b96ae4acfa28b Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Fri, 27 Feb 2015 18:02:07 +0100 Subject: [PATCH 27/28] Added way to set headers and auto format json body --- src/OAuth_io/HttpWrapper.php | 4 ++ src/OAuth_io/RequestObject.php | 75 ++++++++++++++++++---------------- 2 files changed, 44 insertions(+), 35 deletions(-) diff --git a/src/OAuth_io/HttpWrapper.php b/src/OAuth_io/HttpWrapper.php index 57ddfc6..ac0c37e 100644 --- a/src/OAuth_io/HttpWrapper.php +++ b/src/OAuth_io/HttpWrapper.php @@ -33,6 +33,10 @@ public function make_request($options) { } $url = str_replace('%2C', ',', $url); + if (isset($headers['Content-Type']) && $headers['Content-Type'] == 'application/json' && is_array($body)) { + $body = json_encode($body); + } + Request::verifyPeer($injector->ssl_verification); $response = Request::send($options['method'], $url, $body, $headers); diff --git a/src/OAuth_io/RequestObject.php b/src/OAuth_io/RequestObject.php index b06aaeb..4e427c4 100644 --- a/src/OAuth_io/RequestObject.php +++ b/src/OAuth_io/RequestObject.php @@ -2,10 +2,10 @@ namespace OAuth_io; class RequestObject { - + private $injector; private $credentials; - + public function __construct($credentials = array()) { $this->injector = Injector::getInstance(); $this->credentials = $credentials; @@ -18,59 +18,64 @@ public function getCredentials() { public function wasRefreshed() { return $this->credentials['refreshed'] == true; } - + private function object_to_array($obj) { return json_decode(json_encode($obj), true); } - - private function makeRequest($method, $url, $body_fields = null) { + + private function makeRequest($method, $url, $body_fields = null, $headers_field = null) { $response = null; if (!isset($this->credentials)) { throw new NotAuthenticatedException('The user is not authenticated for that provider'); } else { $prov_data = $this->credentials; $requester = $this->injector->getRequest(); - + $tokens = array(); - - $headers = array( + + $oauthio_headers = array( 'k' => $this->injector->config['app_key'] ); - + if (isset($prov_data['access_token'])) { - $headers['access_token'] = $prov_data['access_token']; + $oauthio_headers['access_token'] = $prov_data['access_token']; } if (isset($prov_data['oauth_token']) && isset($prov_data['oauth_token_secret'])) { - $headers['oauth_token'] = $prov_data['oauth_token']; - $headers['oauth_token_secret'] = $prov_data['oauth_token_secret']; - $headers['oauthv1'] = '1'; + $oauthio_headers['oauth_token'] = $prov_data['oauth_token']; + $oauthio_headers['oauth_token_secret'] = $prov_data['oauth_token_secret']; + $oauthio_headers['oauthv1'] = '1'; + } + $headers = array( + 'oauthio' => http_build_query($oauthio_headers) + ); + if (is_array($headers_field)) { + foreach ($headers_field as $key => $value) { + $headers[$key] = $value; + } } - $response = $requester->make_request(array( 'method' => $method, 'url' => $this->injector->config['oauthd_url'] . '/request/' . $this->credentials['provider'] . '/' . urlencode($url) , - 'headers' => array( - 'oauthio' => http_build_query($headers) - ) , + 'headers' => $headers, 'body' => is_array($body_fields) ? $body_fields : null )); } return $response; } - + private function makeMeRequest($filters) { if (!isset($this->credentials)) { throw new \Exception('Error'); } else { $prov_data = $this->credentials; $requester = $this->injector->getRequest(); - + $tokens = array(); - + $headers = array( 'k' => $this->injector->config['app_key'] ); - + if (isset($prov_data['access_token'])) { $headers['access_token'] = $prov_data['access_token']; } @@ -79,13 +84,13 @@ private function makeMeRequest($filters) { $headers['oauth_token_secret'] = $prov_data['oauth_token_secret']; $headers['oauthv1'] = '1'; } - + if (is_array($filters)) { $filters = array( 'filter' => join(',', $filters) ); } - + $response = $requester->make_request(array( 'method' => 'GET', 'url' => $this->injector->config['oauthd_url'] . '/auth/' . $this->credentials['provider'] . '/me', @@ -97,33 +102,33 @@ private function makeMeRequest($filters) { } return $response; } - + public function get($url) { $response = $this->makeRequest('GET', $url)->body; $response = $this->object_to_array($response); return $response; } - - public function post($url, $fields) { - $response = $this->makeRequest('POST', $url, $fields)->body; + + public function post($url, $fields, $headers = null) { + $response = $this->makeRequest('POST', $url, $fields, $headers)->body; return $this->object_to_array($response); } - - public function put($url, $fields) { - $response = $this->makeRequest('PUT', $url, $fields)->body; + + public function put($url, $fields, $headers = null) { + $response = $this->makeRequest('PUT', $url, $fields, $headers)->body; return $this->object_to_array($response); } - + public function del($url) { $response = $this->makeRequest('DELETE', $url)->body; return $this->object_to_array($response); } - - public function patch($url, $fields) { - $response = $this->makeRequest('PATCH', $url, $fields)->body; + + public function patch($url, $fields, $headers = null) { + $response = $this->makeRequest('PATCH', $url, $fields, $headers)->body; return $this->object_to_array($response); } - + public function me($filters = null) { $response = $this->makeMeRequest($filters)->body->data; return $this->object_to_array($response); From 7e3ac50f61edfb944ab61c17a9ce90a09bb95fe1 Mon Sep 17 00:00:00 2001 From: Antoine Jackson Date: Fri, 27 Feb 2015 18:29:22 +0100 Subject: [PATCH 28/28] Bumped version to 0.3.2 --- README.md | 2 +- composer.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 9158534..cc4625b 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ OAuth that just works ! This SDK allows you to use OAuth.io from a PHP backend, to handle the authentication and API calls from your server instead of from your front-end, for 100+ API providers. -The current version of the SDK is `0.3.1`. Older versions are deprecated. +The current version of the SDK is `0.3.2`. Older versions are deprecated. You can also get nightlies by checking out our `develop` branch. diff --git a/composer.json b/composer.json index 3cc1382..66c861b 100644 --- a/composer.json +++ b/composer.json @@ -2,7 +2,7 @@ "name": "oauth-io/oauth", "description": "OAuth that just works !", "license": "Apache2", - "version": "0.3.1", + "version": "0.3.2", "authors": [ { "name": "oauth-io",