在PHP应用中简化OAuth2.0身份验证集成:OAuth 2.0 Client
jopen
10年前
这个包能够让你以很简单的方式在在PHP应用中集成OAuth2.0身份验证。
用法
验证代码流程
$provider = new League\OAuth2\Client\Provider\<ProviderName>(array( 'clientId' => 'XXXXXXXX', 'clientSecret' => 'XXXXXXXX', 'redirectUri' => 'https://your-registered-redirect-uri/', 'scopes' => array('email', '...', '...'), )); if ( ! isset($_GET['code'])) { // If we don't have an authorization code then get one header('Location: '.$provider->getAuthorizationUrl()); exit; } else { // Try to get an access token (using the authorization code grant) $token = $provider->getAccessToken('authorization_code', [ 'code' => $_GET['code'] ]); // If you are using Eventbrite you will need to add the grant_type parameter (see below) $token = $provider->getAccessToken('authorization_code', [ 'code' => $_GET['code'], 'grant_type' => 'authorization_code' ]); // Optional: Now you have a token you can look up a users profile data try { // We got an access token, let's now get the user's details $userDetails = $provider->getUserDetails($token); // Use these details to create a new profile printf('Hello %s!', $userDetails->firstName); } catch (Exception $e) { // Failed to get user details exit('Oh dear...'); } // Use this to interact with an API on the users behalf echo $token->accessToken; // Use this to get a new access token if the old one expires echo $token->refreshToken; // Number of seconds until the access token will expire, and need refreshing echo $token->expires; } Refreshing a Token
$provider = new League\OAuth2\Client\Provider\<ProviderName>(array( 'clientId' => 'XXXXXXXX', 'clientSecret' => 'XXXXXXXX', 'redirectUri' => 'https://your-registered-redirect-uri/' )); $grant = new \League\OAuth2\Client\Grant\RefreshToken(); $token = $provider->getAccessToken($grant, ['refresh_token' => $refreshToken]);
Built-In Providers
这个包目前已经内置了支持:
- Eventbrite
- 非死book
- Github
- Microsoft