Upgraded from recent fuel-oauth2 improvements.

Author: Phil Sturgeon

libraries/OAuth2.php

@@ -1,7 +1,7 @@
 <?php
 
 include('OAuth2_Exception.php');
-include('OAuth2_Client.php');
+include('OAuth2_Token.php');
 include('OAuth2_Provider.php');
 
 /**

libraries/OAuth2_Client.php

@@ -11,6 +11,22 @@
 
 abstract class OAuth2_Provider {
 
+	/**
+	 * Create a new provider.
+	 *
+	 *     // Load the Twitter provider
+	 *     $provider = OAuth2_Provider::forge('twitter');
+	 *
+	 * @param   string   provider name
+	 * @param   array    provider options
+	 * @return  OAuth_Provider
+	 */
+	public static function factory($name, array $options = null)
+	{	
+		$class = 'OAuth2_Provider_'.ucfirst($name);
+		return new $class($options);
+	}
+
 	/**
 	 * @var  string  provider name
 	 */
@@ -21,11 +37,26 @@ abstract class OAuth2_Provider {
 	 */
 	public $uid_key = 'uid';
 
+	/**
+	 * @var  string  scope separator, most use "," but some like Google are spaces
+	 */
+	public $scope_seperator = ',';
+
+	/**
+	 * @var  string  additional request parameters to be used for remote requests
+	 */
+	public $callback = null;
+
 	/**
 	 * @var  array  additional request parameters to be used for remote requests
 	 */
 	protected $params = array();
 
+	/**
+	 * @var  string  the method to use when requesting tokens
+	 */
+	protected $method = 'GET';
+
 	/**
 	 * Overloads default class properties from the options.
 	 *
@@ -34,21 +65,26 @@ abstract class OAuth2_Provider {
 	 * @param   array   provider options
 	 * @return  void
 	 */
-	public function __construct(array $options = NULL)
+	public function __construct(array $options = array())
 	{
 		if ( ! $this->name)
 		{
 			// Attempt to guess the name from the class name
 			$this->name = strtolower(substr(get_class($this), strlen('OAuth2_Provider_')));
 		}
-		
-		foreach ($options as $key => $val)
+
+		if (empty($options['id']))
 		{
-			$this->{$key} = $val;
+			throw new Exception('Required option not provided: id');
 		}
+
+		$this->client_id = $options['id'];
 
-		// Set a default, which will be used if none are provided pre-request
-		$this->redirect_uri = get_instance()->config->site_url(get_instance()->uri->uri_string());
+		isset($options['callback']) and $this->callback = $options['callback'];
+		isset($options['secret']) and $this->client_secret = $options['secret'];
+		isset($options['scope']) and $this->scope = $options['scope'];
+
+		$this->redirect_uri = site_url(get_instance()->uri->uri_string());
 	}
 
 	/**
@@ -90,17 +126,15 @@ public function authorize($options = array())
 	{
 		$state = md5(uniqid(rand(), TRUE));
 		get_instance()->session->set_userdata('state', $state);
-			
-		$params = array(
-			'client_id' => $this->client_id,
-			'redirect_uri' => isset($options['redirect_uri']) ? $options['redirect_uri'] : $this->redirect_uri,
-			'state' => $state,
-			'scope' => $this->scope,
-			'response_type' => 'code', # required for Windows Live
-		);
-		
-		$url = $this->url_authorize().'?'.http_build_query($params);
-		
+
+		$url = $this->url_authorize().'?'.http_build_query(array(
+			'client_id' 		=> $this->client_id,
+			'redirect_uri' 		=> isset($options['redirect_uri']) ? $options['redirect_uri'] : $this->redirect_uri,
+			'state' 			=> $state,
+			'scope'     		=> is_array($this->scope) ? implode($this->scope_seperator, $this->scope) : $this->scope,
+			'response_type' 	=> 'code',
+		));
+
 		redirect($url);
 	}
 
@@ -110,39 +144,78 @@ public function authorize($options = array())
 	* @param	string	The access code
 	* @return	object	Success or failure along with the response details
 	*/	
-	public function access($code)
+	public function access($code, $options = array())
 	{
 		$params = array(
-			'client_id' => $this->client_id,
-			'redirect_uri' => isset($options['redirect_uri']) ? $options['redirect_uri'] : $this->redirect_uri,
+			'client_id' 	=> $this->client_id,
 			'client_secret' => $this->client_secret,
-			'code' => $code,	
-			'grant_type' => 'authorization_code', # required for Windows Live
+			'grant_type' 	=> isset($options['grant_type']) ? $options['grant_type'] : 'authorization_code',
 		);
-		
-		$url = $this->url_access_token().'?'.http_build_query($params);
-		
-		$response = file_get_contents($url);
 
-		$params = null;
+		switch ($params['grant_type'])
+		{
+			case 'authorization_code':
+				$params['code'] = $code;
+				$params['redirect_uri'] = isset($options['redirect_uri']) ? $options['redirect_uri'] : $this->redirect_uri;
+			break;
+
+			case 'refresh_token':
+				$params['refresh_token'] = $code;
+			break;
+		}
+
+		$response = null;	
+		$url = $this->url_access_token();
 
-		// TODO: This could be moved to a provider method to reduce provider specific awareness
-		switch($this->name)
+		switch ($this->method)
 		{
-			case 'windowslive':
-				$params = json_decode($response, true);
+			case 'GET':
+
+				// Need to switch to Request library, but need to test it on one that works
+				$url .= '?'.http_build_query($params);
+				$response = file_get_contents($url);
+
+				parse_str($response, $return); 
+
+			break;
+
+			case 'POST':
+
+				$postdata = http_build_query($params);
+				$opts = array(
+					'http' => array(
+						'method'  => 'POST',
+						'header'  => 'Content-type: application/x-www-form-urlencoded',
+						'content' => $postdata
+					)
+				);
+				$context  = stream_context_create($opts);
+				$response = file_get_contents($url, false, $context);
+
+				$return = get_object_vars(json_decode($response));
+
 			break;
 
 			default:
-				parse_str($response, $params);
+				throw new OutOfBoundsException("Method '{$this->method}' must be either GET or POST");
 		}
 
-		if (isset($params['error']))
+		if (isset($return['error']))
 		{
-			throw new OAuth2_Exception($params);
+			throw new OAuth2_Exception($return);
+		}
+		
+		switch ($params['grant_type'])
+		{
+			case 'authorization_code':
+				return OAuth2_Token::factory('access', $return);
+			break;
+
+			case 'refresh_token':
+				return OAuth2_Token::factory('refresh', $return);
+			break;
 		}
 
-		return $params;
 	}
 
 }

libraries/OAuth2_Provider.php

@@ -0,0 +1,59 @@
+<?php
+/**
+ * OAuth2 Token
+ *
+ * @package    OAuth2
+ * @category   Token
+ * @author     Phil Sturgeon
+ * @copyright  (c) 2011 HappyNinjas Ltd
+ */
+
+abstract class OAuth2_Token {
+
+	/**
+	 * Create a new token object.
+	 *
+	 *     $token = OAuth2_Token::forge($name);
+	 *
+	 * @param   string  token type
+	 * @param   array   token options
+	 * @return  Token
+	 */
+	public static function factory($type = 'access', array $options = null)
+	{
+		$class = 'OAuth2_Token_'.ucfirst($type);
+		
+		include $class.'.php';
+		
+		return new $class($options);
+	}
+
+	/**
+	 * Return the value of any protected class variable.
+	 *
+	 *     // Get the token secret
+	 *     $secret = $token->secret;
+	 *
+	 * @param   string  variable name
+	 * @return  mixed
+	 */
+	public function __get($key)
+	{
+		return $this->$key;
+	}
+	
+	/**
+	 * Return a boolean if the property is set
+	 *
+	 *     // Get the token secret
+	 *     if ($token->secret) exit('YAY SECRET');
+	 *
+	 * @param   string  variable name
+	 * @return  bool
+	 */
+	public function __isset($key)
+	{
+		return isset($this->$key);
+	}
+
+} // End Token

libraries/OAuth2_Token.php

@@ -0,0 +1,76 @@
+<?php
+/**
+ * OAuth2 Token
+ *
+ * @package    OAuth2
+ * @category   Token
+ * @author     Phil Sturgeon
+ * @copyright  (c) 2011 HappyNinjas Ltd
+ */
+
+class OAuth2_Token_Access extends OAuth2_Token
+{
+	/**
+	 * @var  string  access_token
+	 */
+	protected $access_token;
+
+	/**
+	 * @var  int  expires
+	 */
+	protected $expires;
+
+	/**
+	 * @var  string  refresh_token
+	 */
+	protected $refresh_token;
+
+	/**
+	 * @var  string  uid
+	 */
+	protected $uid;
+
+	/**
+	 * Sets the token, expiry, etc values.
+	 *
+	 * @param   array   token options
+	 * @return  void
+	 */
+	public function __construct(array $options)
+	{
+		if ( ! isset($options['access_token']))
+		{
+			throw new Exception('Required option not passed: access_token'.PHP_EOL.print_r($options, true));
+		}
+		
+		// if ( ! isset($options['expires_in']) and ! isset($options['expires']))
+		// {
+		// 	throw new Exception('We do not know when this access_token will expire');
+		// }
+
+		$this->access_token = $options['access_token'];
+		
+		// Some providers (not many) give the uid here, so lets take it
+		isset($options['uid']) and $this->uid = $options['uid'];
+		
+		// We need to know when the token expires, add num. seconds to current time
+		isset($options['expires_in']) and $this->expires = time() + ((int) $options['expires_in']);
+		
+		// Facebook is just being a spec ignoring jerk
+		isset($options['expires']) and $this->expires = time() + ((int) $options['expires']);
+		
+		// Grab a refresh token so we can update access tokens when they expires
+		isset($options['refresh_token']) and $this->refresh_token = $options['refresh_token'];
+	}
+
+	/**
+	 * Returns the token key.
+	 *
+	 * @return  string
+	 */
+	public function __toString()
+	{
+		return (string) $this->access_token;
+	}
+
+} // End OAuth2_Token_Access