PHPoAuthLib provides oAuth support in PHP 7.2+ and is very easy to integrate with any project which requires an oAuth client.

Overview

PHPoAuthLib

NOTE: I'm looking for someone who could help to maintain this package alongside me, just because I don't have a ton of time to devote to it. However, I'm still going to keep trying to pay attention to PRs, etc.

PHPoAuthLib provides oAuth support in PHP 7.2+ and is very easy to integrate with any project which requires an oAuth client.

Build Status Code Coverage Scrutinizer Quality Score Latest Stable Version Total Downloads

Installation

This library can be found on Packagist. The recommended way to install this is through composer.

    composer require lusitanian/oauth

Features

  • PSR-4
  • Fully extensible in every facet.
    • You can implement any service with any custom requirements by extending the protocol version's AbstractService implementation.
    • You can use any HTTP client you desire, just create a class utilizing it which implements OAuth\Common\Http\ClientInterface (two implementations are included)
    • You can use any storage mechanism for tokens. By default, session, in-memory and Redis.io (requires PHPRedis) storage mechanisms are included. Implement additional mechanisms by implementing OAuth\Common\Token\TokenStorageInterface.

Service support

The library supports both oAuth 1.x and oAuth 2.0 compliant services. A list of currently implemented services can be found below.

Included service implementations

  • OAuth1
    • 500px
    • BitBucket
    • Etsy
    • FitBit
    • Flickr
    • QuickBooks
    • Scoop.it!
    • Tumblr
    • Twitter
    • Yahoo
  • OAuth2
    • Amazon
    • BitLy
    • Bitrix24
    • Box
    • Buffer
    • Dailymotion
    • Delicious
    • Deezer
    • DeviantArt
    • Dropbox
    • Eve Online
    • Facebook
    • Foursquare
    • GitHub
    • Google
    • Harvest
    • Heroku
    • Hubic
    • Instagram
    • Jawbone UP
    • LinkedIn
    • Mailchimp
    • Microsoft
    • Mondo
    • Nest
    • Netatmo
    • Parrot Flower Power
    • PayPal
    • Pinterest
    • Pocket
    • Reddit
    • RunKeeper
    • Salesforce
    • SoundCloud
    • Spotify
    • Strava
    • Stripe
    • Ustream
    • Vimeo
    • Vkontakte
    • Xing
    • Yahoo
    • Yammer
  • more to come!

Examples

    php -S localhost:8000 -t examples

Then point your browser to:

    http://localhost:8000/

Usage

For usage with complete auth flow, please see the examples. More in-depth documentation will come with release 1.0.

Framework Integration

  • Lithium: Sébastien Charrier has written an adapter for the library.
  • Laravel 4: Dariusz Prząda has written a service provider for the library.
  • Laravel 5: Valentin Ivaşcu ported Dariusz Prząda's Laravel 4 library to Laravel 5.
  • Symfony: Alexander Pinnecke has written a Symfony Bundle for the library.

Extensions

  • Extract normalized user data from OAuth Services with the library PHPoAuthUserData by Luciano Mammino

Tests

    composer tests
Comments
  • Microsoft wl.contacts_emails scope again

    Microsoft wl.contacts_emails scope again

    I just used this project in a new site and it was broken because the wl_contacts_emails scope is missing and I forgot to add the line below in again.

    const SCOPE_CONTACTS_EMAILS = 'wl.contacts_emails';

    I know you have concerns about adding it because it is not officially supported and documented by Microsoft.

    However, it does work and I think it's better for this library to support it rather than having to remember to add the line in again after each update to Microsoft.php or have the code fail if that scope is used.

    enhancement discussion 
    opened by asacarter 18
  • Support for user profiles

    Support for user profiles

    I would really love to have some abstraction layer to extract user profile data. Almost every Oauth providers offer the ability to extract informations about the user who grant the access. These informations could be used to simplify the registration process or to increase the profile completion rate on many applications.

    This feature is available on several other famous php Oauth libraries such as HWIOauthBundle (Symfony2 bundle) or PHP league oauth 2 client and IMHO it's not so hard to implement.

    It would be great to being able to just call

    $userData = $someService->requestUserProfile();
    

    and then

    $id = $userData->getId();
    $firstName = $userData->getFirstName();
    $lastName = $userData->getLastName();
    //...
    

    We need to elaborate the proper request for each oAuth provider and map the results to mach a standardized array/object response.

    opened by lmammino 17
  • Proper error handling for the stream client

    Proper error handling for the stream client

    The stream client currently eats the response body on http errors which makes it a pretty crappy experience to debug.

    My proposal would be to set the stream context to ignore errors and the http status code to check for errors in request. This would be pretty easy to implement by adding ignore_errors => true to the context http directive and by adding a check for the response using $http_response_header.

    The only thing that is holding me back currently is that I don't know for sure whether all services play nice and give back a somewhat meaningful http status code when the shit hits the fan (i.e. not 200 Okily-dokily).

    enhancement question discussion 
    opened by PeeHaa 16
  • [RFC] Refactoring to use ivory-http-adapter

    [RFC] Refactoring to use ivory-http-adapter

    I have started to rewrite the client interface to use egeloen/ivory-http-adapter. The reason for this is that people could pick there own client to work with this library. One other reason is that it follows the PSR-7 specs and it allows us to fix my orinonal proposal to add the Response code #144.

    All the test work as of now but I still need tot test if it really stil works with some current providers. But I would like to hear feedback.

    discussion 
    opened by cmodijk 15
  • Performance Issue

    Performance Issue

    When running a profiler on my project utilizing this library, I get the following results (only showing the worst performers) Capture

    Apparently Uri.php is taking up by far the most of the execution time of my script, which seems weird since it isn't really doing much beyond string concatenation. Any ideas?

    opened by TheSavior 15
  • Library version has not been updated

    Library version has not been updated

    It seems that v0.8.9 at the moment does not include all the commits on master, it has up to the "add php 7.0 to travis test matrix" (7ae55e6). We have made a hotfix for facebook as it has deprecated its version 2.2 (and removed support as of March 25th 2017), but the commit 27d23a4 already has this fix from 22 Jun 2016. Could the version be updated to include all fixes after commit 7ae55e6? Thanks a lot!

    opened by alexkilty 14
  • Extract oauth1 response parsing

    Extract oauth1 response parsing

    • Removes a ton of duplication in the OAuth 1 token response parsing
    • Move default parsing behaviour into OAuth1\Services\AbstractService instead of repeating it in every single Subclass
    • remove oauth 1 service tests which now just duplicate the parser tests
    enhancement 
    opened by hanneskaeufler 14
  • Google - Failed on requestAccessToken function (file_get_contents)

    Google - Failed on requestAccessToken function (file_get_contents)

    Hi,

    I'm trying to use PHPoAuthLib to login using Google. Authentication works fine and I'm redirected on my callback url with a token.

    Then, when I try to make a request on google's server, I got an error on this :

      $oauth->getService()->requestAccessToken($_GET['code']);
    

    It looks like file_get_contents failed :

    • lusitanian/oauth/src/OAuth/Common/Http/Client/StreamClient.php:70
    • file_get_contents(https://accounts.google.com/o/oauth2/token): failed to open stream: HTTP request failed! HTTP/1.1 400 Bad Request

    Did I made a mistake ?

    opened by Dlacreme 11
  • Youtube listing videos

    Youtube listing videos

    Why can't I access my Youtube video's with this line:

    $result = json_decode( $googleService->request( 'https://www.googleapis.com/oauth2/v1/userinfo' ), true );
    var_dump($result); // works
    $result = json_decode( $googleService->request( 'https://www.googleapis.com/oauth2/v1/youtube' ), true );
    var_dump($result); // null
    

    It stays NULL.

    question 
    opened by renege 11
  • Question/Bug? Using StreamClient vs Curl - Github POST

    Question/Bug? Using StreamClient vs Curl - Github POST

    I was trying to use the GitHub API to create a new service hook. But errors were getting thrown here. Even though my hook was create successfully https://github.com/Lusitanian/PHPoAuthLib/blob/master/src/OAuth/Common/Http/Client/StreamClient.php#L61

    I noticed that the StreamClient was used for "backward compatibility" https://github.com/Lusitanian/PHPoAuthLib/blob/master/src/OAuth/ServiceFactory.php#L112 Using the CurlClient I didn't get any errors.

    Whats the difference between the two? Is the stream client the legacy version? And should I always use curl? Or is this a bug with the stream client?

    opened by thomaswelton 11
  • Request with Stored Token

    Request with Stored Token

    I think I am missing something, but can't quite figure it out. I can successfully request and store an OAuth1 access token and token secret. However, I cannot figure out what I am missing when trying to make a request with the stored token.

    Here is my code...

          // Fetch stored access token.
          $stored_token = Token::getUserToken($service);
    
          $token = new StdOAuth1Token();
          $token->setAccessToken($stored_token->token);
          $token->setAccessTokenSecret($stored_token->token_secret);
    
          // Initialize OAuth consumer (hannesvdvreken/laravel-oauth)
          $consumer = OAuth::consumer($service);
          $consumer->getStorage()->storeAccessToken($service, $token);
    
          $consumer->request('API_URL_HERE');
    

    The request returns "Failed to request resource". I know I have to be missing something obvious, but I am unsure what since this is my first time to implement OAuth.

    opened by oblogic7 11
  • Update Signature.php

    Update Signature.php

    Support for HMAC-SHA256 Fix for: #586 Magento 2

    To use it, you need to overwide the following function:

    class OauthClient extends AbstractService { protected function getSignatureMethod() { return 'HMAC-SHA256'; } }

    opened by teunlielu 0
  • Add support for php 8.1?

    Add support for php 8.1?

    The package is used in multiple library eq : oriceon/oauth-5-laravel can we please release this as we are getting this errors

    OAuth\\Common\\Http\\Client\\AbstractClient::OAuth\\Common\\Http\\Client\\{closure}(): Argument #2 ($key) must be passed by reference, value given

    opened by ani37 3
  • Many provider examples are not working

    Many provider examples are not working

    Many providers in the example page are not working. For example: http://localhost:8000/provider/twitter.php

    The following warnings/errors are outputted: Warning: require_once([MY_DIR]\PHPoAuthLib\examples\provider/bootstrap.php): failed to open stream: No such file or directory in[MY_DIR]\PHPoAuthLib\examples\provider\twitter.php on line 20

    Fatal error: require_once(): Failed opening required '[MY_DIR]\PHPoAuthLib\examples\provider/bootstrap.php' (include_path='.;C:/laragon/etc/php/pear') in [MY_DIR]\PHPoAuthLib\examples\provider\twitter.php on line 20

    Not Working: https://github.com/daviddesberg/PHPoAuthLib/blob/master/examples/provider/twitter.php#L20 require_once __DIR__ . '/bootstrap.php';

    Working: https://github.com/daviddesberg/PHPoAuthLib/blob/master/examples/provider/google.php#L10 require_once __DIR__ . '/../bootstrap.php';

    It seems that "/.." is required but not used in many cases.

    opened by goldingdamien 1
  • Request support HMAC-SHA256

    Request support HMAC-SHA256

    Hi owner,

    Some API integration does not support HMAC-SHA1 anymore, is it possible to adding support HMAC-SHA256 hash?

    lusitanian/oauth/src/OAuth/OAuth1/Service/AbstractService.php:277

    opened by hieuhidro 4
  • Serialize the endOfLife field on AbstractToken

    Serialize the endOfLife field on AbstractToken

    Otherwise, after serialize/deserialize the AbstractToken is incorrectly determined to be expired when making an authentication request (ExpiredTokenException is thrown because endOfLife is null).

    It looks like this was introduced by f08a062d5abe903a4092bcf92f855f6e2e7b676a

    opened by tfvlrue 0
Releases(v0.8.11)
Owner
David Desberg
David Desberg
EvaOAuth provides a standard interface for OAuth1.0(a) / OAuth2.0 client authorization, it is easy to integrate with any PHP project by very few lines code.

EvaOAuth EvaOAuth provides a standard interface for OAuth1.0 / OAuth2.0 client authorization, it is easy to integrate with any PHP project by very few

AlloVince 261 Jan 17, 2022
Symfony bundle which provides OAuth 2.0 authorization/resource server capabilities

Symfony bundle which provides OAuth 2.0 authorization/resource server capabilities. The authorization and resource server actors are implemented using the thephpleague/oauth2-server library.

Trikoder 253 Dec 21, 2022
Kaiju is an open source verification bot based on Discord's OAuth written in C# and PHP, with the functionality of being able to integrate the user to a new server in case yours is suspended.

What is Kaiju? Kaiju is an open source verification bot for Discord servers, based on OAuth and with permission for the server owner, to be able to mi

in the space 10 Nov 20, 2022
The Salla OAuth Client library is designed to provide client applications with secure delegated access to Salla Merchant stores.

Salla Provider for OAuth 2.0 Client This package provides Salla OAuth 2.0 support for the PHP League's OAuth 2.0 Client. To use this package, it will

Salla 14 Nov 27, 2022
OAuth 1/2 Provider implementations for chillerlan/php-oauth-core. PHP 7.4+

chillerlan/php-oauth-providers Documentation See the wiki for advanced documentation. Requirements PHP 7.4+ a PSR-18 compatible HTTP client library of

chillerlan 4 Dec 2, 2022
EAuth extension allows to authenticate users by the OpenID, OAuth 1.0 and OAuth 2.0 providers

EAuth extension allows to authenticate users with accounts on other websites. Supported protocols: OpenID, OAuth 1.0 and OAuth 2.0.

Maxim Zemskov 330 Jun 3, 2022
Laravel wrapper around OAuth 1 & OAuth 2 libraries.

Introduction Laravel Socialite provides an expressive, fluent interface to OAuth authentication with Facebook, Twitter, Google, LinkedIn, GitHub, GitL

The Laravel Framework 5.2k Dec 27, 2022
The first PHP Library to support OAuth for Twitter's REST API.

THIS IS AN MODIFIED VERSION OF ABRAHAMS TWITTER OAUTH CLASS The directories are structured and the class uses PHP5.3 namespaces. Api.php has a new

Ruud Kamphuis 51 Feb 11, 2021
OAuth client integration for Symfony. Supports both OAuth1.0a and OAuth2.

HWIOAuthBundle The HWIOAuthBundle adds support for authenticating users via OAuth1.0a or OAuth2 in Symfony. Note: this bundle adds easy way to impleme

Hardware Info 2.2k Dec 30, 2022
PHP 5.3+ oAuth 1/2 Client Library

PHPoAuthLib NOTE: I'm looking for someone who could help to maintain this package alongside me, just because I don't have a ton of time to devote to i

David Desberg 1.1k Dec 27, 2022
OAuth 1 Client

OAuth 1.0 Client OAuth 1 Client is an OAuth RFC 5849 standards-compliant library for authenticating against OAuth 1 servers. It has built in support f

The League of Extraordinary Packages 907 Dec 16, 2022
Buddy Provider for the OAuth 2.0 Client

Buddy Provider for OAuth 2.0 Client This package provides Buddy OAuth 2.0 support for the PHP League's OAuth 2.0 Client. Installation To install, use

Buddy 0 Jan 19, 2021
Easy integration with OAuth 2.0 service providers.

OAuth 2.0 Client This package provides a base for integrating with OAuth 2.0 service providers. The OAuth 2.0 login flow, seen commonly around the web

The League of Extraordinary Packages 3.4k Dec 31, 2022
Redirects any user which hasn't setup two factor authentication yet to /2fa/

force-two-factor Redirects any user which hasn't setup two factor authentication yet to /2fa/. Use together with the forked two-factor plugin at https

Aiwos 0 Dec 24, 2021
This library extends the 'League OAuth2 Client' library to provide OpenID Connect Discovery support for supporting providers that expose a .well-known configuration endpoint.

OpenID Connect Discovery support for League - OAuth 2.0 Client This library extends the League OAuth2 Client library to provide OpenID Connect Discove

null 3 Jan 8, 2022
An OAuth 2.0 bridge for Laravel and Lumen [DEPRECATED FOR LARAVEL 5.3+]

OAuth 2.0 Server for Laravel (deprecated for Laravel 5.3+) Note: This package is no longer maintaned for Laravel 5.3+ since Laravel now features the P

Luca Degasperi 2.4k Jan 6, 2023
A Laravel 5 package for OAuth Social Login/Register implementation using Laravel socialite and (optionally) AdminLTE Laravel package

laravel-social A Laravel 5 package for OAuth Social Login/Register implementation using Laravel socialite and (optionally) AdminLTE Laravel package. I

Sergi Tur Badenas 42 Nov 29, 2022
Social OAuth Authentication for Laravel 5. drivers: facebook, github, google, linkedin, weibo, qq, wechat and douban

Social OAuth Authentication for Laravel 5. drivers: facebook, github, google, linkedin, weibo, qq, wechat and douban

安正超 330 Nov 14, 2022
A spec compliant, secure by default PHP OAuth 2.0 Server

PHP OAuth 2.0 Server league/oauth2-server is a standards compliant implementation of an OAuth 2.0 authorization server written in PHP which makes work

The League of Extraordinary Packages 6.2k Jan 4, 2023