diff --git a/OAuth.php b/OAuth.php new file mode 100644 index 0000000..5771a5a --- /dev/null +++ b/OAuth.php @@ -0,0 +1,26 @@ +oauthProvider = $provider; + $this->request = $request; + } + + public function check() { + if (isset($this->request["code"]) && !empty($this->request["code"])) { + $this->oauthProvider->getProfile(); + return true; + } else { + return $this->oauthProvider->getLoginUrl(); + } + } + + public function getProfile() { + return $this->oauthProvider->getProfile(); + } +} \ No newline at end of file diff --git a/OAuthDataProvider.php b/OAuthDataProvider.php new file mode 100644 index 0000000..42baba8 --- /dev/null +++ b/OAuthDataProvider.php @@ -0,0 +1,113 @@ +profile = $profile; + $this->dialog = $dialog; + $this->accessToken = $accessToken; + $this->header = $header; + $this->request = $request; + } + + public function getLoginUrl() { + $urlBuilder = []; + $urlBuilder[] = "client_id=" . $this->clientId; + $urlBuilder[] = "response_type=" . $this->responseType; + $urlBuilder[] = "scope=" . $this->scope; + $urlBuilder[] = "state=" . $this->state; + $urlBuilder[] = "redirect_uri=" . urlencode($this->redirectURL); + return $this->dialog . "?" . implode("&", $urlBuilder); + } + + protected function getToken() { + $tokenBuilder = []; + $tokenBuilder["client_id"] = $this->clientId; + $tokenBuilder["client_secret"] = $this->client_secret; + $tokenBuilder["grant_type"] = "authorization_code"; + $tokenBuilder["redirect_uri"] = htmlspecialchars($this->redirectURL); + $tokenBuilder["code"] = $this->request["code"]; + $curl = new ccurl($this->accessToken); + $curl->setPost($tokenBuilder); + $curl->createCurl(); + return (string)$curl; + } + + protected function parseToken() { + $token = $this->getToken(); + $convertedToken = json_decode($token, true); + if (!$convertedToken) { + $realToken = $token; + } else { + $realToken = $convertedToken["access_token"]; + } + + return $realToken; + } + + public function getProfile() { + $token = $this->parseToken(); + + $profileUrl = $this->profile . "=" . $token; + $curl = new ccurl($profileUrl); + $curl->addHeader($this->header . " " . $token); + $curl->createCurl(); + $this->profileData = json_decode((string)$curl, true); + return (string)$curl; + } + + public function getEmail() { + return null; + } + + public function getFirstName() { + return null; + } + + public function getLastName() { + return null; + } + + public function getGender() { + return null; + } + + public function getId() { + return null; + } + + public function getRawProfile() { + return $this->profileData; + } + + public function getSource() { + return null; + } +} \ No newline at end of file diff --git a/ccurl.php b/ccurl.php new file mode 100644 index 0000000..d66ec60 --- /dev/null +++ b/ccurl.php @@ -0,0 +1,149 @@ +authentication = 0; + if($use == true) $this->authentication = 1; + } + + public function setName($name){ + $this->auth_name = $name; + } + public function setPass($pass){ + $this->auth_pass = $pass; + } + + public function addHeader($head) + { + $this->_header[] = $head; + } + + public function __construct($url,$followlocation = true,$timeOut = 30,$maxRedirecs = 4,$binaryTransfer = false,$includeHeader = false,$noBody = false) + { + $this->_url = $url; + $this->_followlocation = $followlocation; + $this->_timeout = $timeOut; + $this->_maxRedirects = $maxRedirecs; + $this->_noBody = $noBody; + $this->_includeHeader = $includeHeader; + $this->_binaryTransfer = $binaryTransfer; + + $this->_cookieFileLocation = dirname(__FILE__).'/cookie.txt'; + + } + + public function setReferer($referer){ + $this->_referer = $referer; + } + + public function setCookiFileLocation($path) + { + $this->_cookieFileLocation = $path; + } + + public function setPost ($postFields) + { + $this->_post = true; + $this->_postFields = $postFields; + } + + public function setUserAgent($userAgent) + { + $this->_useragent = $userAgent; + } + + public function createCurl($url = 'nul') + { + if($url != 'nul'){ + $this->_url = $url; + } + + $s = curl_init(); + + curl_setopt($s,CURLOPT_URL,$this->_url); + + // I understand the implications here - but this isn't a client application + // if my ISP is performing MITM sniffing I have bigger fish to fry + // also the security of a CA signed certificate is questionable at best + // https://www.schneier.com/blog/archives/2012/02/verisign_hacked.html + // Email me if you want to discus this adamsna@datanethost.net + // NA - 12/10/2014 + curl_setopt($s, CURLOPT_SSL_VERIFYPEER, false); + + curl_setopt($s,CURLOPT_HTTPHEADER,$this->_header); + curl_setopt($s,CURLOPT_TIMEOUT,$this->_timeout); + curl_setopt($s,CURLOPT_MAXREDIRS,$this->_maxRedirects); + curl_setopt($s,CURLOPT_RETURNTRANSFER,true); + curl_setopt($s,CURLOPT_FOLLOWLOCATION,$this->_followlocation); + curl_setopt($s,CURLOPT_COOKIEJAR,$this->_cookieFileLocation); + curl_setopt($s,CURLOPT_COOKIEFILE,$this->_cookieFileLocation); + + if($this->authentication == 1){ + curl_setopt($s, CURLOPT_USERPWD, $this->auth_name.':'.$this->auth_pass); + } + if($this->_post) + { + //curl_setopt($s,CURLOPT_POST,true); + curl_setopt($s, CURLOPT_CUSTOMREQUEST, "POST"); + curl_setopt($s,CURLOPT_POSTFIELDS,$this->_postFields); + + } + + if($this->_includeHeader) + { + curl_setopt($s,CURLOPT_HEADER,true); + } + + if($this->_noBody) + { + curl_setopt($s,CURLOPT_NOBODY,true); + } + + curl_setopt($s,CURLOPT_USERAGENT,$this->_useragent); + curl_setopt($s,CURLOPT_REFERER,$this->_referer); + + $this->_webpage = curl_exec($s); + $this->_status = curl_getinfo($s,CURLINFO_HTTP_CODE); + curl_close($s); + + } + + public function getHttpStatus() + { + return $this->_status; + } + + public function __tostring(){ + return $this->_webpage; + } +} \ No newline at end of file diff --git a/example.php b/example.php new file mode 100644 index 0000000..5a4813f --- /dev/null +++ b/example.php @@ -0,0 +1,24 @@ + "apps.googleusercontent.com", + "client_secret" => "", + "redirect_uri" => "http://example.com/phpoauthlib2/example.php" +]); + +$oauth = new OAuth($authProvider, $_GET); + +$check = $oauth->check(); + +if ($check === true) { + echo "Hello - " . $authProvider->getFirstName(); + echo "
Your email is - " . $authProvider->getEmail(); +} else { + header("Location: " . $check); +} \ No newline at end of file diff --git a/providers/FacebookAuthProvider.php b/providers/FacebookAuthProvider.php new file mode 100644 index 0000000..9e62045 --- /dev/null +++ b/providers/FacebookAuthProvider.php @@ -0,0 +1,70 @@ +client_secret = $conf["client_secret"]; + $this->redirectURL = $conf["redirect_uri"]; + $this->clientId = $conf["client_id"]; + $tempScopes = []; + foreach($scopes as $scope) { + switch ($scope) { + case OAUTH_SCOPES::EMAIL: + $tempScopes[] = "email"; + } + } + $tempScopes[] = "public_profile"; + $this->scope = implode(" ", $tempScopes); + } + + public function getEmail() { + return $this->profileData["email"]; + } + + public function getFirstName() { + return $this->profileData["first_name"]; + } + + public function getLastName() { + return $this->profileData["last_name"]; + } + + public function getId() { + return $this->profileData["id"]; + } + + public function getSource() { + return "FACEBOOK"; + } + + public function parseToken() { + $token = $this->getToken(); + return explode("=", $token)[1]; + } + + public function getProfile() { + $token = $this->parseToken(); + $profileUrl = $this->profile . "?fields=first_name,last_name,name,email,age_range&access_token=" . $token; + $curl = new ccurl($profileUrl); + $curl->createCurl(); + $ret = (string)$curl; + $this->profileData = json_decode($ret, true); + return $ret; + } + +} \ No newline at end of file diff --git a/providers/GoogleAuthProvider.php b/providers/GoogleAuthProvider.php new file mode 100644 index 0000000..6eaeaa4 --- /dev/null +++ b/providers/GoogleAuthProvider.php @@ -0,0 +1,57 @@ +client_secret = $conf["client_secret"]; + $this->redirectURL = $conf["redirect_uri"]; + $this->clientId = $conf["client_id"]; + + $tmpScopes = []; + foreach($scopes as $scope) { + switch ($scope) { + case OAUTH_SCOPES::EMAIL: + $tmpScopes[] = "https://www.googleapis.com/auth/userinfo.email"; + } + } + + $this->scope = implode(" ", $tmpScopes); + } + + public function getEmail() { + return $this->profileData["email"]; + } + + public function getFirstName() { + return $this->profileData["given_name"]; + } + + public function getLastName() { + return $this->profileData["family_name"]; + } + + public function getGender() { + return $this->profileData["gender"]; + } + + public function getId() { + return $this->profileData["id"]; + } + + public function getSource() { + return "GOOGLE"; + } +} \ No newline at end of file