| Methods |
public
|
__construct(array $options = [], array $collaborators = [])
Constructs an OAuth 2.0 service provider.
Constructs an OAuth 2.0 service provider.
Parameters
| $options |
An array of options to set on this provider.
Options include clientId, clientSecret, redirectUri, and state.
Individual providers may introduce more options, as needed.
|
| $collaborators |
An array of collaborators that may be used to
override this provider's default behavior. Collaborators include
grantFactory, requestFactory, and httpClient.
Individual providers may introduce more collaborators, as needed.
|
|
#
|
protected
|
getAllowedClientOptions(array $options): array
Returns the list of options that can be passed to the HttpClient
Returns the list of options that can be passed to the HttpClient
Parameters
| $options |
An array of options to set on this provider.
Options include clientId, clientSecret, redirectUri, and state.
Individual providers may introduce more options, as needed.
|
Returns
The options to pass to the HttpClient constructor
|
#
|
public
|
setGrantFactory(GrantFactory $factory): self
Sets the grant factory instance.
Sets the grant factory instance.
|
#
|
public
|
getGrantFactory(): GrantFactory
Returns the current grant factory instance.
Returns the current grant factory instance.
|
#
|
public
|
setRequestFactory(RequestFactory $factory): self
Sets the request factory instance.
Sets the request factory instance.
|
#
|
public
|
getRequestFactory(): RequestFactory
Returns the request factory instance.
Returns the request factory instance.
|
#
|
public
|
setHttpClient(ClientInterface $client): self
Sets the HTTP client instance.
Sets the HTTP client instance.
|
#
|
public
|
getHttpClient(): ClientInterface
Returns the HTTP client instance.
Returns the HTTP client instance.
|
#
|
public
|
setOptionProvider(OptionProviderInterface $provider): self
Sets the option provider instance.
Sets the option provider instance.
|
#
|
public
|
getOptionProvider(): OptionProviderInterface
Returns the option provider instance.
Returns the option provider instance.
|
#
|
public
|
getState(): string
Returns the current value of the state parameter.
Returns the current value of the state parameter.
This can be accessed by the redirect handler during authorization.
|
#
|
public
|
setPkceCode(string $pkceCode): self
Set the value of the pkceCode parameter.
Set the value of the pkceCode parameter.
When using PKCE this should be set before requesting an access token.
|
#
|
public
|
getPkceCode(): string|null
Returns the current value of the pkceCode parameter.
Returns the current value of the pkceCode parameter.
This can be accessed by the redirect handler during authorization.
|
#
|
abstract
public
|
getBaseAuthorizationUrl(): string
Returns the base URL for authorizing a client.
|
#
|
abstract
public
|
getBaseAccessTokenUrl(array $params): string
Returns the base URL for requesting an access token.
|
#
|
abstract
public
|
getResourceOwnerDetailsUrl(AccessToken $token): string
Returns the URL for requesting the resource owner's details.
Returns the URL for requesting the resource owner's details.
|
#
|
protected
|
getRandomState(int $length = 32): string
Returns a new random string to use as the state parameter in an
authorization flow.
Returns a new random string to use as the state parameter in an
authorization flow.
Parameters
| $length |
Length of the random string to be generated.
|
|
#
|
protected
|
getRandomPkceCode(int $length = 64): string
Returns a new random string to use as PKCE code_verifier and
hashed as code_challenge parameters in an authorization…
Returns a new random string to use as PKCE code_verifier and
hashed as code_challenge parameters in an authorization flow.
Must be between 43 and 128 characters long.
Parameters
| $length |
Length of the random string to be generated.
|
|
#
|
abstract
protected
|
getDefaultScopes(): array
Returns the default scopes used by this provider.
Returns the default scopes used by this provider.
This should only be the scopes that are required to request the details
of the resource owner, rather than all the available scopes.
|
#
|
protected
|
getScopeSeparator(): string
Returns the string that should be used to separate scopes when building
the URL for requesting an access token.
Returns the string that should be used to separate scopes when building
the URL for requesting an access token.
Returns
Scope separator, defaults to ','
|
#
|
protected
|
getPkceMethod(): string|null
|
#
|
protected
|
getAuthorizationParameters(array $options): array
Returns authorization parameters based on provided options.
Returns authorization parameters based on provided options.
Returns
|
#
|
protected
|
getAuthorizationQuery(array $params): string
Builds the authorization URL's query string.
Builds the authorization URL's query string.
Parameters
Returns
|
#
|
public
|
getAuthorizationUrl(array $options = []): string
Builds the authorization URL.
Builds the authorization URL.
Returns
|
#
|
public
|
authorize(array $options = [], callable|null $redirectHandler = null): mixed
Redirects the client for authorization.
Redirects the client for authorization.
|
#
|
protected
|
appendQuery(string $url, string $query): string
Appends a query string to a URL.
Appends a query string to a URL.
Parameters
| $url |
The URL to append the query to
|
| $query |
The HTTP query string
|
Returns
|
#
|
protected
|
getAccessTokenMethod(): string
Returns the method to use when requesting an access token.
Returns the method to use when requesting an access token.
Returns
|
#
|
protected
|
getAccessTokenResourceOwnerId(): string|null
Returns the key used in the access token response to identify the resource owner.
Returns the key used in the access token response to identify the resource owner.
Returns
Resource owner identifier key
|
#
|
protected
|
getAccessTokenQuery(array $params): string
Builds the access token URL's query string.
Builds the access token URL's query string.
Parameters
Returns
|
#
|
protected
|
verifyGrant(AbstractGrant|string $grant): AbstractGrant
Checks that a provided grant is valid, or attempts to produce one if the
provided grant is a string.
Checks that a provided grant is valid, or attempts to produce one if the
provided grant is a string.
|
#
|
protected
|
getAccessTokenUrl(array $params): string
Returns the full URL to use when requesting an access token.
Returns the full URL to use when requesting an access token.
Parameters
|
#
|
protected
|
getAccessTokenRequest(array $params): RequestInterface
Returns a prepared request for requesting an access token.
Returns a prepared request for requesting an access token.
Parameters
| $params |
Query string parameters
|
|
#
|
public
|
getAccessToken(mixed $grant, array<string, mixed> $options = []): AccessTokenInterface
Requests an access token using a specified grant and option set.
Requests an access token using a specified grant and option set.
Throws
|
#
|
public
|
getRequest(string $method, string $url, array $options = []): RequestInterface
Returns a PSR-7 request instance that is not authenticated.
Returns a PSR-7 request instance that is not authenticated.
|
#
|
public
|
getAuthenticatedRequest(
string $method,
string $url,
AccessTokenInterface|string|null $token,
array $options = [],
): RequestInterface
Returns an authenticated PSR-7 request instance.
Returns an authenticated PSR-7 request instance.
Parameters
| $options |
Any of "headers", "body", and "protocolVersion".
|
|
#
|
protected
|
createRequest(string $method, string $url, AccessTokenInterface|string|null $token, array $options): RequestInterface
Creates a PSR-7 request instance.
Creates a PSR-7 request instance.
|
#
|
public
|
getResponse(RequestInterface $request): ResponseInterface
Sends a request instance and returns a response instance.
Sends a request instance and returns a response instance.
WARNING: This method does not attempt to catch exceptions caused by HTTP
errors! It is recommended to wrap this method in a try/catch block.
|
#
|
public
|
getParsedResponse(RequestInterface $request): mixed
Sends a request and returns the parsed response.
Sends a request and returns the parsed response.
Throws
|
#
|
protected
|
parseJson(string $content): array
Attempts to parse a JSON response.
Attempts to parse a JSON response.
Parameters
| $content |
JSON content from response body
|
Returns
Throws
|
#
|
protected
|
getContentType(ResponseInterface $response): string
Returns the content type header of a response.
Returns the content type header of a response.
Returns
Semi-colon separated join of content-type headers.
|
#
|
protected
|
parseResponse(ResponseInterface $response): array
Parses the response according to its content-type header.
Parses the response according to its content-type header.
Throws
|
#
|
abstract
protected
|
checkResponse(ResponseInterface $response, array|string $data): void
Checks a provider response for errors.
Checks a provider response for errors.
Parameters
| $data |
Parsed response data
|
Throws
|
#
|
protected
|
prepareAccessTokenResponse(mixed $result): array
Prepares an parsed access token response for a grant.
Prepares an parsed access token response for a grant.
Custom mapping of expiration, etc should be done here. Always call the
parent method when overloading this method.
|
#
|
protected
|
createAccessToken(array $response, AbstractGrant $grant): AccessTokenInterface
Creates an access token from a response.
Creates an access token from a response.
The grant that was used to fetch the response can be used to provide
additional context.
|
#
|
abstract
protected
|
createResourceOwner(array $response, AccessToken $token): ResourceOwnerInterface
Generates a resource owner object from a successful resource owner
details request.
Generates a resource owner object from a successful resource owner
details request.
|
#
|
public
|
getResourceOwner(AccessToken $token): ResourceOwnerInterface
Requests and returns the resource owner of given access token.
Requests and returns the resource owner of given access token.
|
#
|
protected
|
fetchResourceOwnerDetails(AccessToken $token): mixed
Requests resource owner details.
Requests resource owner details.
|
#
|
protected
|
getDefaultHeaders(): array
Returns the default headers used by this provider.
Returns the default headers used by this provider.
Typically this is used to set 'Accept' or 'Content-Type' headers.
|
#
|
protected
|
getAuthorizationHeaders(mixed|null $token = null): array
Returns the authorization headers used by this provider.
Returns the authorization headers used by this provider.
Typically this is "Bearer" or "MAC". For more information see:
http://tools.ietf.org/html/rfc6749#section-7.1
No default is provided, providers must overload this method to activate
authorization headers.
Parameters
| $token |
Either a string or an access token instance
|
|
#
|
public
|
getHeaders(mixed|null $token = null): array
Returns all headers used by this provider for a request.
Returns all headers used by this provider for a request.
The request will be authenticated if an access token is provided.
Parameters
|
#
|