OAuth2Interface
extends
OAuthInterface
in
Specifies the basic methods for an OAuth2 provider.
Table of Contents
Constants
- AUTH_METHOD = self::AUTH_METHOD_HEADER
- Specifies the authentication method:
- AUTH_METHOD_HEADER = 1
- AUTH_METHOD_QUERY = 2
- AUTH_PREFIX_HEADER = 'Bearer'
- The name of the authentication header in case of OAuth2Interface::AUTH_METHOD_HEADER
- AUTH_PREFIX_QUERY = 'access_token'
- The name of the authentication query parameter in case of OAuth2Interface::AUTH_METHOD_QUERY
- DEFAULT_SCOPES = []
- Default scopes to apply if none were provided via the $scopes parameter
- HEADERS_API = []
- additional headers to use during API access
- HEADERS_AUTH = []
- additional headers to use during authentication
- IDENTIFIER = ''
- An identifier for the provider, usually the class name in ALLCAPS (required)
- SCOPES_DELIMITER = ' '
- The delimiter string for scopes
- USER_AGENT = 'chillerlanPhpOAuth/1.0.0 +https://github.com/chillerlan/php-oauth'
- A common user agent string that can be used in requests
- USES_BASIC_AUTH_IN_ACCESS_TOKEN_REQUEST = false
- This indicates that the current provider requires an `Authorization: Basic <base64(key:secret)>` header in the access token request, rather than the key and secret in the request body.
Methods
- getAccessToken() : AccessToken
- Obtains an OAuth2 access token with the given $code, verifies the $state if the provider implements the CSRFToken interface, and returns an AccessToken object
- getAccessTokenFromStorage() : AccessToken
- Gets an access token from the current OAuthStorageInterface (shorthand/convenience)
- getApiDocURL() : string|null
- Returns the link to the provider's API docs, or null if the value is not set
- getApplicationURL() : string|null
- Returns the link to the provider's credential registration/application page, or null if the value is not set
- getAuthorizationURL() : UriInterface
- Prepares the URL with optional $params which redirects to the provider's authorization prompt and returns a PSR-7 UriInterface with all necessary parameters set.
- getName() : string
- Returns the name of the provider/class
- getRequestAuthorization() : RequestInterface
- Authorizes the $request with the credentials from the given $token and returns a PSR-7 RequestInterface with all necessary headers and/or parameters set
- getStorage() : OAuthStorageInterface
- Returns the current OAuthStorageInterface
- getUserRevokeURL() : string|null
- Returns the link to the page where a user can revoke access tokens, or null if the value is not set
- request() : ResponseInterface
- Prepares an API request to $path with the given parameters, gets authorization, fires the request and returns a PSR-7 ResponseInterface with the corresponding API response
- setLogger() : static
- Sets an optional PSR-3 LoggerInterface
- setRequestFactory() : static
- Sets an optional PSR-17 RequestFactoryInterface
- setStorage() : static
- Sets an optional OAuthStorageInterface
- setStreamFactory() : static
- Sets an optional PSR-17 StreamFactoryInterface
- setUriFactory() : static
- Sets an optional PSR-17 UriFactoryInterface
- storeAccessToken() : static
- Sets an access token in the current OAuthStorageInterface (shorthand/convenience)
Constants
AUTH_METHOD
Specifies the authentication method:
public
int
AUTH_METHOD
= self::AUTH_METHOD_HEADER
- OAuth2Interface::AUTH_METHOD_HEADER (Bearer, OAuth, ...)
- OAuth2Interface::AUTH_METHOD_QUERY (access_token, ...)
AUTH_METHOD_HEADER
public
final int
AUTH_METHOD_HEADER
= 1
AUTH_METHOD_QUERY
public
final int
AUTH_METHOD_QUERY
= 2
AUTH_PREFIX_HEADER
The name of the authentication header in case of OAuth2Interface::AUTH_METHOD_HEADER
public
string
AUTH_PREFIX_HEADER
= 'Bearer'
AUTH_PREFIX_QUERY
The name of the authentication query parameter in case of OAuth2Interface::AUTH_METHOD_QUERY
public
string
AUTH_PREFIX_QUERY
= 'access_token'
DEFAULT_SCOPES
Default scopes to apply if none were provided via the $scopes parameter
public
array<string|int, string>
DEFAULT_SCOPES
= []
HEADERS_API
additional headers to use during API access
public
array<string, string>
HEADERS_API
= []
Note: must not contain: Authorization
HEADERS_AUTH
additional headers to use during authentication
public
array<string, string>
HEADERS_AUTH
= []
Note: must not contain: Accept-Encoding, Authorization, Content-Length, Content-Type
IDENTIFIER
An identifier for the provider, usually the class name in ALLCAPS (required)
public
string
IDENTIFIER
= ''
SCOPES_DELIMITER
The delimiter string for scopes
public
string
SCOPES_DELIMITER
= ' '
USER_AGENT
A common user agent string that can be used in requests
public
string
USER_AGENT
= 'chillerlanPhpOAuth/1.0.0 +https://github.com/chillerlan/php-oauth'
USES_BASIC_AUTH_IN_ACCESS_TOKEN_REQUEST
This indicates that the current provider requires an `Authorization: Basic <base64(key:secret)>` header in the access token request, rather than the key and secret in the request body.
public
bool
USES_BASIC_AUTH_IN_ACCESS_TOKEN_REQUEST
= false
It saves provider inplementations from the hassle to override the respective methods:
-
OAuth2Provider::getAccessTokenRequestBodyParams()
-
OAuth2Provider::sendAccessTokenRequest()
I'm not sure where to put this: here or a feature interface (it's not exactly a feature). I'll leave it here for now, subject to change.
Methods
getAccessToken()
Obtains an OAuth2 access token with the given $code, verifies the $state if the provider implements the CSRFToken interface, and returns an AccessToken object
public
getAccessToken(string $code[, string|null $state = null ]) : AccessToken
Parameters
- $code : string
- $state : string|null = null
Tags
Return values
AccessTokengetAccessTokenFromStorage()
Gets an access token from the current OAuthStorageInterface (shorthand/convenience)
public
getAccessTokenFromStorage() : AccessToken
Return values
AccessTokengetApiDocURL()
Returns the link to the provider's API docs, or null if the value is not set
public
getApiDocURL() : string|null
Return values
string|nullgetApplicationURL()
Returns the link to the provider's credential registration/application page, or null if the value is not set
public
getApplicationURL() : string|null
Return values
string|nullgetAuthorizationURL()
Prepares the URL with optional $params which redirects to the provider's authorization prompt and returns a PSR-7 UriInterface with all necessary parameters set.
public
getAuthorizationURL([array<string, scalar>|null $params = null ][, array<string|int, string>|null $scopes = null ]) : UriInterface
If the provider supports RFC-9126 "Pushed Authorization Requests (PAR)", a request to the PAR endpoint shall be made within this method in order to send authorization data and obtain a temporary request URI.
Parameters
- $params : array<string, scalar>|null = null
- $scopes : array<string|int, string>|null = null
Tags
Return values
UriInterfacegetName()
Returns the name of the provider/class
public
getName() : string
Return values
stringgetRequestAuthorization()
Authorizes the $request with the credentials from the given $token and returns a PSR-7 RequestInterface with all necessary headers and/or parameters set
public
getRequestAuthorization(RequestInterface $request[, AccessToken|null $token = null ]) : RequestInterface
Parameters
- $request : RequestInterface
- $token : AccessToken|null = null
Tags
Return values
RequestInterfacegetStorage()
Returns the current OAuthStorageInterface
public
getStorage() : OAuthStorageInterface
Return values
OAuthStorageInterfacegetUserRevokeURL()
Returns the link to the page where a user can revoke access tokens, or null if the value is not set
public
getUserRevokeURL() : string|null
Return values
string|nullrequest()
Prepares an API request to $path with the given parameters, gets authorization, fires the request and returns a PSR-7 ResponseInterface with the corresponding API response
public
request(string $path[, array<string, scalar|bool|null>|null $params = null ][, string|null $method = null ][, StreamInterface|array<string, scalar|bool|null>|string|null $body = null ][, array<string, string>|null $headers = null ][, string|null $protocolVersion = null ]) : ResponseInterface
Parameters
- $path : string
- $params : array<string, scalar|bool|null>|null = null
- $method : string|null = null
- $body : StreamInterface|array<string, scalar|bool|null>|string|null = null
- $headers : array<string, string>|null = null
- $protocolVersion : string|null = null
Return values
ResponseInterfacesetLogger()
Sets an optional PSR-3 LoggerInterface
public
setLogger(LoggerInterface $logger) : static
Parameters
- $logger : LoggerInterface
Return values
staticsetRequestFactory()
Sets an optional PSR-17 RequestFactoryInterface
public
setRequestFactory(RequestFactoryInterface $requestFactory) : static
Parameters
- $requestFactory : RequestFactoryInterface
Return values
staticsetStorage()
Sets an optional OAuthStorageInterface
public
setStorage(OAuthStorageInterface $storage) : static
Parameters
- $storage : OAuthStorageInterface
Return values
staticsetStreamFactory()
Sets an optional PSR-17 StreamFactoryInterface
public
setStreamFactory(StreamFactoryInterface $streamFactory) : static
Parameters
- $streamFactory : StreamFactoryInterface
Return values
staticsetUriFactory()
Sets an optional PSR-17 UriFactoryInterface
public
setUriFactory(UriFactoryInterface $uriFactory) : static
Parameters
- $uriFactory : UriFactoryInterface
Return values
staticstoreAccessToken()
Sets an access token in the current OAuthStorageInterface (shorthand/convenience)
public
storeAccessToken(AccessToken $token) : static
Parameters
- $token : AccessToken