appwrite/src/Appwrite/Auth/OAuth2/Gitlab.php

<?php

namespace Appwrite\Auth\OAuth2;

use Appwrite\Auth\OAuth2;

// Reference Material
// https://docs.gitlab.com/ee/api/oauth2.html

class Gitlab extends OAuth2
{
    /**
     * @var array
     */
    protected array $user = [];

    /**
     * @var array
     */
    protected array $tokens = [];

    /**
     * @var array
     */
    protected array $scopes = [
        'read_user'
    ];

    /**
     * @return string
     */
    public function getName(): string
    {
        return 'gitlab';
    }

    /**
     * @return string
     */
    public function getLoginURL(): string
    {
        return $this->getEndpoint() . '/oauth/authorize?' . \http_build_query([
            'client_id' => $this->appID,
            'redirect_uri' => $this->callback,
            'scope' => \implode(' ', $this->getScopes()),
            'state' => \json_encode($this->state),
            'response_type' => 'code'
        ]);
    }

    /**
     * @param string $code
     *
     * @return array
     */
    protected function getTokens(string $code): array
    {
        if (empty($this->tokens)) {
            $this->tokens = \json_decode($this->request(
                'POST',
                $this->getEndpoint() . '/oauth/token?' . \http_build_query([
                    'code' => $code,
                    'client_id' => $this->appID,
                    'client_secret' => $this->getAppSecret()['clientSecret'],
                    'redirect_uri' => $this->callback,
                    'grant_type' => 'authorization_code'
                ])
            ), true);
        }

        return $this->tokens;
    }

    /**
     * @param string $refreshToken
     *
     * @return array
     */
    public function refreshTokens(string $refreshToken): array
    {
        $this->tokens = \json_decode($this->request(
            'POST',
            $this->getEndpoint() . '/oauth/token?' . \http_build_query([
                'refresh_token' => $refreshToken,
                'client_id' => $this->appID,
                'client_secret' => $this->getAppSecret()['clientSecret'],
                'grant_type' => 'refresh_token'
            ])
        ), true);

        if (empty($this->tokens['refresh_token'])) {
            $this->tokens['refresh_token'] = $refreshToken;
        }

        return $this->tokens;
    }

    /**
     * @param string $accessToken
     *
     * @return string
     */
    public function getUserID(string $accessToken): string
    {
        $user = $this->getUser($accessToken);

        if (isset($user['id'])) {
            return $user['id'];
        }

        return '';
    }

    /**
     * @param string $accessToken
     *
     * @return string
     */
    public function getUserEmail(string $accessToken): string
    {
        $user = $this->getUser($accessToken);

        return $user['email'] ?? '';
    }

    /**
     * Check if the OAuth email is verified
     *
     * @link https://docs.gitlab.com/ee/api/users.html#list-current-user-for-normal-users
     *
     * @param string $accessToken
     *
     * @return bool
     */
    public function isEmailVerified(string $accessToken): bool
    {
        $user = $this->getUser($accessToken);

        if ($user['confirmed_at'] ?? false) {
            return true;
        }

        return false;
    }

    /**
     * @param string $accessToken
     *
     * @return string
     */
    public function getUserName(string $accessToken): string
    {
        $user = $this->getUser($accessToken);

        return $user['name'] ?? '';
    }

    /**
     * @param string $accessToken
     *
     * @return array
     */
    protected function getUser(string $accessToken): array
    {
        if (empty($this->user)) {
            $user = $this->request('GET', $this->getEndpoint() . '/api/v4/user?access_token=' . \urlencode($accessToken));
            $this->user = \json_decode($user, true);
        }

        return $this->user;
    }

    /**
     * Decode the JSON stored in appSecret
     *
     * @return array
     */
    protected function getAppSecret(): array
    {
        try {
            $secret = \json_decode($this->appSecret, true, 512, JSON_THROW_ON_ERROR);
        } catch (\Throwable $th) {
            throw new \Exception('Invalid secret');
        }
        return $secret;
    }


    /**
     * Extracts the Tenant Id from the JSON stored in appSecret. Defaults to 'common' as a fallback
     *
     * @return string
     */
    protected function getEndpoint(): string
    {
        $defaultEndpoint = 'https://gitlab.com';
        $secret = $this->getAppSecret();
        $endpoint = $secret['endpoint'] ?? $defaultEndpoint;
        return empty($endpoint) ? $defaultEndpoint : $endpoint;
    }
}
feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00			`<?php`

Added a vendor namespace to all local libs 2020-03-25 06:56:32 +13:00			`namespace Appwrite\Auth\OAuth2;`
feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00
Added a vendor namespace to all local libs 2020-03-25 06:56:32 +13:00			`use Appwrite\Auth\OAuth2;`
feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00
Updated coding standards 2020-06-25 09:05:16 +12:00			`// Reference Material`
feat: added reference docs for Gitlab 2019-10-05 04:06:13 +13:00			`// https://docs.gitlab.com/ee/api/oauth2.html`

Updated naming from OAuth to OAuth2 2020-02-17 00:41:03 +13:00			`class Gitlab extends OAuth2`
feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00			`{`
			`/**`
			`* @var array`
			`*/`
fix: improve typing and nullish values 2022-05-13 03:56:20 +12:00			`protected array $user = [];`

Refactored all providers, added expiry 2022-02-01 23:42:11 +13:00			`/**`
			`* @var array`
			`*/`
fix: improve typing and nullish values 2022-05-13 03:56:20 +12:00			`protected array $tokens = [];`
feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00
chore: gitlab adapter fixes 2020-01-19 04:08:46 +13:00			`/**`
			`* @var array`
			`*/`
fix: improve typing and nullish values 2022-05-13 03:56:20 +12:00			`protected array $scopes = [`
chore: refactoring OAuth Adapters 2020-01-19 09:12:41 +13:00			`'read_user'`
			`];`
chore: gitlab adapter fixes 2020-01-19 04:08:46 +13:00
feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00			`/**`
			`* @return string`
			`*/`
			`public function getName(): string`
			`{`
			`return 'gitlab';`
			`}`

			`/**`
			`* @return string`
			`*/`
			`public function getLoginURL(): string`
			`{`
WIP: Gitlab OAuth custom endpoint 2022-06-10 22:03:30 +12:00			`return $this->getEndpoint() . '/oauth/authorize?' . \http_build_query([`
chore: gitlab adapter fixes 2020-01-19 04:08:46 +13:00			`'client_id' => $this->appID,`
			`'redirect_uri' => $this->callback,`
Improve PHP exeution time by using fully-qualified function calls 2020-06-20 23:05:43 +12:00			`'scope' => \implode(' ', $this->getScopes()),`
			`'state' => \json_encode($this->state),`
chore: gitlab adapter fixes 2020-01-19 04:08:46 +13:00			`'response_type' => 'code'`
			`]);`
feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00			`}`

			`/**`
			`* @param string $code`
			`*`
Temporarly disabled all oauths 2022-02-01 09:20:17 +13:00			`* @return array`
feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00			`*/`
Protected oauth methods 2022-02-02 05:47:19 +13:00			`protected function getTokens(string $code): array`
feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00			`{`
fix: improve typing and nullish values 2022-05-13 03:56:20 +12:00			`if (empty($this->tokens)) {`
Refactored all providers, added expiry 2022-02-01 23:42:11 +13:00			`$this->tokens = \json_decode($this->request(`
			`'POST',`
WIP: Gitlab OAuth custom endpoint 2022-06-10 22:03:30 +12:00			`$this->getEndpoint() . '/oauth/token?' . \http_build_query([`
Refactored all providers, added expiry 2022-02-01 23:42:11 +13:00			`'code' => $code,`
			`'client_id' => $this->appID,`
Bug fix 2022-06-11 00:05:16 +12:00			`'client_secret' => $this->getAppSecret()['clientSecret'],`
Refactored all providers, added expiry 2022-02-01 23:42:11 +13:00			`'redirect_uri' => $this->callback,`
			`'grant_type' => 'authorization_code'`
			`])`
			`), true);`
			`}`
feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00
Refactored all providers, added expiry 2022-02-01 23:42:11 +13:00			`return $this->tokens;`
feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00			`}`

Implemented refresh token endpoint 2022-02-02 04:54:20 +13:00			`/**`
			`* @param string $refreshToken`
			`*`
			`* @return array`
			`*/`
fix: improve typing and nullish values 2022-05-13 03:56:20 +12:00			`public function refreshTokens(string $refreshToken): array`
Implemented refresh token endpoint 2022-02-02 04:54:20 +13:00			`{`
Implemented refresh token for all providers 2022-02-02 06:13:54 +13:00			`$this->tokens = \json_decode($this->request(`
			`'POST',`
WIP: Gitlab OAuth custom endpoint 2022-06-10 22:03:30 +12:00			`$this->getEndpoint() . '/oauth/token?' . \http_build_query([`
Implemented refresh token for all providers 2022-02-02 06:13:54 +13:00			`'refresh_token' => $refreshToken,`
			`'client_id' => $this->appID,`
Bug fix 2022-06-11 00:05:16 +12:00			`'client_secret' => $this->getAppSecret()['clientSecret'],`
Implemented refresh token for all providers 2022-02-02 06:13:54 +13:00			`'grant_type' => 'refresh_token'`
			`])`
			`), true);`
Implemented refresh token endpoint 2022-02-02 04:54:20 +13:00
fix: improve typing and nullish values 2022-05-13 03:56:20 +12:00			`if (empty($this->tokens['refresh_token'])) {`
Implement refresh token fallback, if missing in response 2022-02-04 05:05:06 +13:00			`$this->tokens['refresh_token'] = $refreshToken;`
			`}`

Implemented refresh token endpoint 2022-02-02 04:54:20 +13:00			`return $this->tokens;`
			`}`

feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00			`/**`
			`* @param string $accessToken`
			`*`
			`* @return string`
			`*/`
			`public function getUserID(string $accessToken): string`
			`{`
			`$user = $this->getUser($accessToken);`

			`if (isset($user['id'])) {`
			`return $user['id'];`
			`}`

			`return '';`
			`}`

			`/**`
			`* @param string $accessToken`
			`*`
			`* @return string`
			`*/`
			`public function getUserEmail(string $accessToken): string`
			`{`
			`$user = $this->getUser($accessToken);`

fix: improve typing and nullish values 2022-05-13 03:56:20 +12:00			`return $user['email'] ?? '';`
feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00			`}`

feat: add method to check for email verification 2022-04-28 07:08:32 +12:00			`/**`
feat: add method to check for email verification 2022-04-28 07:14:09 +12:00			`* Check if the OAuth email is verified`
format files in app, src, tests 2022-05-24 02:54:50 +12:00			`*`
feat: added check for Gitlab OAuth 2022-05-06 04:17:29 +12:00			`* @link https://docs.gitlab.com/ee/api/users.html#list-current-user-for-normal-users`
format files in app, src, tests 2022-05-24 02:54:50 +12:00			`*`
fix: improve typing and nullish values 2022-05-13 03:56:20 +12:00			`* @param string $accessToken`
format files in app, src, tests 2022-05-24 02:54:50 +12:00			`*`
feat: add method to check for email verification 2022-04-28 07:08:32 +12:00			`* @return bool`
			`*/`
feat: fixed typo 2022-04-28 08:27:21 +12:00			`public function isEmailVerified(string $accessToken): bool`
feat: add method to check for email verification 2022-04-28 07:08:32 +12:00			`{`
feat: added check for Gitlab OAuth 2022-05-06 04:17:29 +12:00			`$user = $this->getUser($accessToken);`

fix: improve typing and nullish values 2022-05-13 03:56:20 +12:00			`if ($user['confirmed_at'] ?? false) {`
feat: added check for Gitlab OAuth 2022-05-06 04:17:29 +12:00			`return true;`
			`}`

feat: add method to check for email verification 2022-04-28 07:08:32 +12:00			`return false;`
			`}`

feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00			`/**`
			`* @param string $accessToken`
			`*`
			`* @return string`
			`*/`
			`public function getUserName(string $accessToken): string`
			`{`
			`$user = $this->getUser($accessToken);`

fix: improve typing and nullish values 2022-05-13 03:56:20 +12:00			`return $user['name'] ?? '';`
feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00			`}`

			`/**`
			`* @param string $accessToken`
			`*`
			`* @return array`
			`*/`
			`protected function getUser(string $accessToken): array`
			`{`
			`if (empty($this->user)) {`
WIP: Gitlab OAuth custom endpoint 2022-06-10 22:03:30 +12:00			`$user = $this->request('GET', $this->getEndpoint() . '/api/v4/user?access_token=' . \urlencode($accessToken));`
Improve PHP exeution time by using fully-qualified function calls 2020-06-20 23:05:43 +12:00			`$this->user = \json_decode($user, true);`
feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00			`}`
PHP CS fixer 2019-10-01 17:34:01 +13:00
feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00			`return $this->user;`
			`}`
WIP: Gitlab OAuth custom endpoint 2022-06-10 22:03:30 +12:00
			`/**`
			`* Decode the JSON stored in appSecret`
			`*`
			`* @return array`
			`*/`
			`protected function getAppSecret(): array`
			`{`
			`try {`
			`$secret = \json_decode($this->appSecret, true, 512, JSON_THROW_ON_ERROR);`
			`} catch (\Throwable $th) {`
			`throw new \Exception('Invalid secret');`
			`}`
			`return $secret;`
			`}`


			`/**`
			`* Extracts the Tenant Id from the JSON stored in appSecret. Defaults to 'common' as a fallback`
			`*`
			`* @return string`
			`*/`
			`protected function getEndpoint(): string`
			`{`
QA bug fixes 2022-06-11 00:41:31 +12:00			`$defaultEndpoint = 'https://gitlab.com';`
WIP: Gitlab OAuth custom endpoint 2022-06-10 22:03:30 +12:00			`$secret = $this->getAppSecret();`
QA bug fixes 2022-06-11 00:41:31 +12:00			`$endpoint = $secret['endpoint'] ?? $defaultEndpoint;`
			`return empty($endpoint) ? $defaultEndpoint : $endpoint;`
WIP: Gitlab OAuth custom endpoint 2022-06-10 22:03:30 +12:00			`}`
feat: added Gitlab OAuth Support 2019-09-30 22:03:55 +13:00			`}`