CodeMirror/appwrite
1
0
Fork 0
mirror of synced 2024-06-26 18:20:43 +12:00
Code Issues Projects Releases Wiki Activity

Refactored all providers, added expiry

Browse source
This commit is contained in:
Matej Baco 2022-02-01 11:42:11 +01:00
parent 76c8da92a3
commit 89834af47d
31 changed files with 570 additions and 511 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
app/config/collections.php
View file

@ -1168,6 +1168,17 @@ $collections = [
'array' => false,
'filters' => ['encrypt'],
],
[
'$id' => 'providerAccessTokenExpiry',
'type' => Database::VAR_INTEGER,
'format' => '',
'size' => 0,
'signed' => true,
'required' => false,
'default' => null,
'array' => false,
'filters' => [],
],
[
'$id' => 'providerRefreshToken',
'type' => Database::VAR_STRING,

7
app/controllers/api/account.php
View file

@ -430,10 +430,10 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
}
$state['failure'] = null;
$tokens = $oauth2->getTokens($code);
$accessToken = $tokens['access'];
$refreshToken = $tokens['refresh'];
$accessToken = $oauth2->getAccessToken($code);
$refreshToken =$oauth2->getRefreshToken($code);
$accessTokenExpiry = $oauth2->getAccessTokenExpiry($code);
if (empty($accessToken)) {
if (!empty($state['failure'])) {
@ -533,6 +533,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
'providerUid' => $oauth2ID,
'providerAccessToken' => $accessToken,
'providerRefreshToken' => $refreshToken,
'providerAccessTokenExpiry' => $accessTokenExpiry,
'secret' => Auth::hash($secret), // One way hash encryption to protect DB leak
'expire' => $expiry,
'userAgent' => $request->getUserAgent('UNKNOWN'),

32
src/Appwrite/Auth/OAuth2.php
View file

@ -109,6 +109,38 @@ abstract class OAuth2
return $this->scopes;
}
/**
* @param string $code
*
* @return string
*/
public function getAccessToken(string $code):string
{
$tokens = $this->getTokens($code);
return $tokens['access_token'];
}
/**
* @param string $code
*
* @return string
*/
public function getRefreshToken(string $code):string
{
$tokens = $this->getTokens($code);
return $tokens['refresh_token'];
}
/**
* @param string $code
*
* @return string
*/
public function getAccessTokenExpiry(string $code):string
{
$tokens = $this->getTokens($code);
return $tokens['expires_in'];
}
// The parseState function was designed specifically for Amazon OAuth2 Adapter to override.
// The response from Amazon is html encoded and hence it needs to be html_decoded before

40
src/Appwrite/Auth/OAuth2/Amazon.php
View file

@ -15,6 +15,11 @@ class Amazon extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -63,26 +68,23 @@ class Amazon extends OAuth2
*/
public function getTokens(string $code): array
{
$headers = ['Content-Type: application/x-www-form-urlencoded;charset=UTF-8'];
$result = $this->request(
'POST',
'https://api.amazon.com/auth/o2/token',
$headers,
\http_build_query([
'code' => $code,
'client_id' => $this->appID ,
'client_secret' => $this->appSecret,
'redirect_uri' => $this->callback ,
'grant_type' => 'authorization_code'
])
);
if(empty($this->tokens)) {
$headers = ['Content-Type: application/x-www-form-urlencoded;charset=UTF-8'];
$this->tokens = \json_decode($this->request(
'POST',
'https://api.amazon.com/auth/o2/token',
$headers,
\http_build_query([
'code' => $code,
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
'redirect_uri' => $this->callback,
'grant_type' => 'authorization_code'
])
), true);
}
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

44
src/Appwrite/Auth/OAuth2/Apple.php
View file

@ -14,6 +14,11 @@ class Apple extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -58,29 +63,26 @@ class Apple extends OAuth2
*/
public function getTokens(string $code): array
{
$headers = ['Content-Type: application/x-www-form-urlencoded'];
$result = $this->request(
'POST',
'https://appleid.apple.com/auth/token',
$headers,
\http_build_query([
'grant_type' => 'authorization_code',
'code' => $code,
'client_id' => $this->appID,
'client_secret' => $this->getAppSecret(),
'redirect_uri' => $this->callback,
])
);
if(empty($this->tokens)) {
$headers = ['Content-Type: application/x-www-form-urlencoded'];
$this->tokens = \json_decode($this->request(
'POST',
'https://appleid.apple.com/auth/token',
$headers,
\http_build_query([
'grant_type' => 'authorization_code',
'code' => $code,
'client_id' => $this->appID,
'client_secret' => $this->getAppSecret(),
'redirect_uri' => $this->callback,
])
), true);
$result = \json_decode($result, true);
$this->claims = (isset($this->tokens['id_token'])) ? \explode('.', $this->tokens['id_token']) : [0 => '', 1 => ''];
$this->claims = (isset($this->claims[1])) ? \json_decode(\base64_decode($this->claims[1]), true) : [];
}
$this->claims = (isset($result['id_token'])) ? \explode('.', $result['id_token']) : [0 => '', 1 => ''];
$this->claims = (isset($this->claims[1])) ? \json_decode(\base64_decode($this->claims[1]), true) : [];
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

41
src/Appwrite/Auth/OAuth2/Bitbucket.php
View file

@ -13,6 +13,11 @@ class Bitbucket extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -47,27 +52,23 @@ class Bitbucket extends OAuth2
*/
public function getTokens(string $code): array
{
// Required as per Bitbucket Spec.
$headers = ['Content-Type: application/x-www-form-urlencoded'];
if(empty($this->tokens)) {
// Required as per Bitbucket Spec.
$headers = ['Content-Type: application/x-www-form-urlencoded'];
$this->tokens = \json_decode($this->request(
'POST',
'https://bitbucket.org/site/oauth2/access_token',
$headers,
\http_build_query([
'code' => $code,
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
'grant_type' => 'authorization_code'
])
), true);
}
$result = $this->request(
'POST',
'https://bitbucket.org/site/oauth2/access_token',
$headers,
\http_build_query([
'code' => $code,
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
'grant_type' => 'authorization_code'
])
);
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

38
src/Appwrite/Auth/OAuth2/Bitly.php
View file

@ -29,6 +29,11 @@ class Bitly extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @return string
@ -58,25 +63,22 @@ class Bitly extends OAuth2
*/
public function getTokens(string $code): array
{
$result = $this->request(
'POST',
$this->resourceEndpoint . 'oauth/access_token',
["Content-Type: application/x-www-form-urlencoded"],
\http_build_query([
"client_id" => $this->appID,
"client_secret" => $this->appSecret,
"code" => $code,
"redirect_uri" => $this->callback,
"state" => \json_encode($this->state)
])
);
if(empty($this->tokens)) {
$this->tokens = \json_decode($this->request(
'POST',
$this->resourceEndpoint . 'oauth/access_token',
["Content-Type: application/x-www-form-urlencoded"],
\http_build_query([
"client_id" => $this->appID,
"client_secret" => $this->appSecret,
"code" => $code,
"redirect_uri" => $this->callback,
"state" => \json_encode($this->state)
])
), true);
}
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

42
src/Appwrite/Auth/OAuth2/Box.php
View file

@ -23,6 +23,11 @@ class Box extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -63,27 +68,24 @@ class Box extends OAuth2
*/
public function getTokens(string $code): array
{
$header = "Content-Type: application/x-www-form-urlencoded";
$result = $this->request(
'POST',
$this->endpoint . 'token',
[$header],
\http_build_query([
"client_id" => $this->appID,
"client_secret" => $this->appSecret,
"code" => $code,
"grant_type" => "authorization_code",
"scope" => \implode(',', $this->getScopes()),
"redirect_uri" => $this->callback
])
);
if(empty($this->tokens)) {
$headers = ['Content-Type: application/x-www-form-urlencoded'];
$this->tokens = \json_decode($this->request(
'POST',
$this->endpoint . 'token',
$headers,
\http_build_query([
"client_id" => $this->appID,
"client_secret" => $this->appSecret,
"code" => $code,
"grant_type" => "authorization_code",
"scope" => \implode(',', $this->getScopes()),
"redirect_uri" => $this->callback
])
), true);
}
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

40
src/Appwrite/Auth/OAuth2/Discord.php
View file

@ -18,6 +18,11 @@ class Discord extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -59,26 +64,23 @@ class Discord extends OAuth2
*/
public function getTokens(string $code): array
{
$result = $this->request(
'POST',
$this->endpoint . '/oauth2/token',
['Content-Type: application/x-www-form-urlencoded'],
\http_build_query([
'grant_type' => 'authorization_code',
'code' => $code,
'redirect_uri' => $this->callback,
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
'scope' => \implode(' ', $this->getScopes())
])
);
if(empty($this->tokens)) {
$this->tokens = \json_decode($this->request(
'POST',
$this->endpoint . '/oauth2/token',
['Content-Type: application/x-www-form-urlencoded'],
\http_build_query([
'grant_type' => 'authorization_code',
'code' => $code,
'redirect_uri' => $this->callback,
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
'scope' => \implode(' ', $this->getScopes())
])
), true);
}
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

40
src/Appwrite/Auth/OAuth2/Dropbox.php
View file

@ -14,6 +14,11 @@ class Dropbox extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -48,26 +53,23 @@ class Dropbox extends OAuth2
*/
public function getTokens(string $code): array
{
$headers = ['Content-Type: application/x-www-form-urlencoded'];
$result = $this->request(
'POST',
'https://api.dropboxapi.com/oauth2/token',
$headers,
\http_build_query([
'code' => $code,
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
'redirect_uri' => $this->callback,
'grant_type' => 'authorization_code'
])
);
if(empty($this->tokens)) {
$headers = ['Content-Type: application/x-www-form-urlencoded'];
$this->tokens = \json_decode($this->request(
'POST',
'https://api.dropboxapi.com/oauth2/token',
$headers,
\http_build_query([
'code' => $code,
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
'redirect_uri' => $this->callback,
'grant_type' => 'authorization_code'
])
), true);
}
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

32
src/Appwrite/Auth/OAuth2/Facebook.php
View file

@ -15,6 +15,11 @@ class Facebook extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -51,22 +56,19 @@ class Facebook extends OAuth2
*/
public function getTokens(string $code): array
{
$result = $this->request(
'GET',
'https://graph.facebook.com/'.$this->version.'/oauth/access_token?'.\http_build_query([
'client_id' => $this->appID,
'redirect_uri' => $this->callback,
'client_secret' => $this->appSecret,
'code' => $code
])
);
if(empty($this->tokens)) {
$this->tokens = \json_decode($this->request(
'GET',
'https://graph.facebook.com/' . $this->version . '/oauth/access_token?' . \http_build_query([
'client_id' => $this->appID,
'redirect_uri' => $this->callback,
'client_secret' => $this->appSecret,
'code' => $code
])
), true);
}
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

36
src/Appwrite/Auth/OAuth2/Github.php
View file

@ -10,6 +10,11 @@ class Github extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -46,24 +51,21 @@ class Github extends OAuth2
*/
public function getTokens(string $code): array
{
$result = $this->request(
'POST',
'https://github.com/login/oauth/access_token',
[],
\http_build_query([
'client_id' => $this->appID,
'redirect_uri' => $this->callback,
'client_secret' => $this->appSecret,
'code' => $code
])
);
if(empty($this->tokens)) {
$this->tokens = \json_decode($this->request(
'POST',
'https://github.com/login/oauth/access_token',
[],
\http_build_query([
'client_id' => $this->appID,
'redirect_uri' => $this->callback,
'client_secret' => $this->appSecret,
'code' => $code
])
), true);
}
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

34
src/Appwrite/Auth/OAuth2/Gitlab.php
View file

@ -13,6 +13,11 @@ class Gitlab extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -50,23 +55,20 @@ class Gitlab extends OAuth2
*/
public function getTokens(string $code): array
{
$result = $this->request(
'POST',
'https://gitlab.com/oauth/token?'.\http_build_query([
'code' => $code,
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
'redirect_uri' => $this->callback,
'grant_type' => 'authorization_code'
])
);
if(empty($this->tokens)) {
$this->tokens = \json_decode($this->request(
'POST',
'https://gitlab.com/oauth/token?' . \http_build_query([
'code' => $code,
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
'redirect_uri' => $this->callback,
'grant_type' => 'authorization_code'
])
), true);
}
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

36
src/Appwrite/Auth/OAuth2/Google.php
View file

@ -29,6 +29,11 @@ class Google extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @return string
@ -59,24 +64,21 @@ class Google extends OAuth2
*/
public function getTokens(string $code): array
{
$result = $this->request(
'POST',
'https://oauth2.googleapis.com/token?'.\http_build_query([
'code' => $code,
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
'redirect_uri' => $this->callback,
'scope' => null,
'grant_type' => 'authorization_code'
])
);
if(empty($this->tokens)) {
$this->tokens = \json_decode($this->request(
'POST',
'https://oauth2.googleapis.com/token?' . \http_build_query([
'code' => $code,
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
'redirect_uri' => $this->callback,
'scope' => null,
'grant_type' => 'authorization_code'
])
), true);
}
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

38
src/Appwrite/Auth/OAuth2/Linkedin.php
View file

@ -10,6 +10,11 @@ class Linkedin extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -61,25 +66,22 @@ class Linkedin extends OAuth2
*/
public function getTokens(string $code): array
{
$result = $this->request(
'POST',
'https://www.linkedin.com/oauth/v2/accessToken',
['Content-Type: application/x-www-form-urlencoded'],
\http_build_query([
'grant_type' => 'authorization_code',
'code' => $code,
'redirect_uri' => $this->callback,
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
])
);
if(empty($this->tokens)) {
$this->tokens = \json_decode($this->request(
'POST',
'https://www.linkedin.com/oauth/v2/accessToken',
['Content-Type: application/x-www-form-urlencoded'],
\http_build_query([
'grant_type' => 'authorization_code',
'code' => $code,
'redirect_uri' => $this->callback,
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
])
), true);
}
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

43
src/Appwrite/Auth/OAuth2/Microsoft.php
View file

@ -14,6 +14,11 @@ class Microsoft extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -53,28 +58,24 @@ class Microsoft extends OAuth2
*/
public function getTokens(string $code): array
{
$headers = ['Content-Type: application/x-www-form-urlencoded'];
if(empty($this->tokens)) {
$headers = ['Content-Type: application/x-www-form-urlencoded'];
$this->tokens = \json_decode($this->request(
'POST',
'https://login.microsoftonline.com/' . $this->getTenantId() . '/oauth2/v2.0/token',
$headers,
\http_build_query([
'code' => $code,
'client_id' => $this->appID,
'client_secret' => $this->getClientSecret(),
'redirect_uri' => $this->callback,
'scope' => \implode(' ', $this->getScopes()),
'grant_type' => 'authorization_code'
])
), true);
}
$result = $this->request(
'POST',
'https://login.microsoftonline.com/'.$this->getTenantId().'/oauth2/v2.0/token',
$headers,
\http_build_query([
'code' => $code,
'client_id' => $this->appID,
'client_secret' => $this->getClientSecret(),
'redirect_uri' => $this->callback,
'scope' => \implode(' ', $this->getScopes()),
'grant_type' => 'authorization_code'
])
);
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

34
src/Appwrite/Auth/OAuth2/Mock.php
View file

@ -22,6 +22,11 @@ class Mock extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @return string
@ -51,23 +56,20 @@ class Mock extends OAuth2
*/
public function getTokens(string $code): array
{
$result = $this->request(
'GET',
'http://localhost/'.$this->version.'/mock/tests/general/oauth2/token?'.
\http_build_query([
'client_id' => $this->appID,
'redirect_uri' => $this->callback,
'client_secret' => $this->appSecret,
'code' => $code
])
);
if(empty($this->tokens)) {
$this->tokens = \json_decode($this->request(
'GET',
'http://localhost/' . $this->version . '/mock/tests/general/oauth2/token?' .
\http_build_query([
'client_id' => $this->appID,
'redirect_uri' => $this->callback,
'client_secret' => $this->appSecret,
'code' => $code
])
), true);
}
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

39
src/Appwrite/Auth/OAuth2/Notion.php
View file

@ -20,6 +20,11 @@ class Notion extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -55,27 +60,21 @@ class Notion extends OAuth2
*/
public function getTokens(string $code): array
{
$headers = [
"Authorization: Basic " . \base64_encode($this->appID . ":" . $this->appSecret),
];
if(empty($this->tokens)) {
$headers = ['Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret)];
$this->tokens = \json_decode($this->request(
'POST',
$this->endpoint . '/oauth/token',
$headers,
\http_build_query([
'grant_type' => 'authorization_code',
'redirect_uri' => $this->callback,
'code' => $code
])
), true);
}
$result = $this->request(
'POST',
$this->endpoint . '/oauth/token',
$headers,
\http_build_query([
'grant_type' => 'authorization_code',
'redirect_uri' => $this->callback,
'code' => $code
])
);
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

32
src/Appwrite/Auth/OAuth2/Paypal.php
View file

@ -34,6 +34,11 @@ class Paypal extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -78,22 +83,19 @@ class Paypal extends OAuth2
*/
public function getTokens(string $code): array
{
$result = $this->request(
'POST',
$this->resourceEndpoint[$this->environment] . 'oauth2/token',
['Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret)],
\http_build_query([
'code' => $code,
'grant_type' => 'authorization_code',
])
);
if(empty($this->tokens)) {
$this->tokens = \json_decode($this->request(
'POST',
$this->resourceEndpoint[$this->environment] . 'oauth2/token',
['Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret)],
\http_build_query([
'code' => $code,
'grant_type' => 'authorization_code',
])
), true);
}
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

43
src/Appwrite/Auth/OAuth2/Salesforce.php
View file

@ -15,6 +15,11 @@ class Salesforce extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -63,28 +68,24 @@ class Salesforce extends OAuth2
*/
public function getTokens(string $code): array
{
$headers = [
"Authorization: Basic " . \base64_encode($this->appID . ":" . $this->appSecret),
"Content-Type: application/x-www-form-urlencoded",
];
if(empty($this->tokens)) {
$headers = [
'Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret),
'Content-Type: application/x-www-form-urlencoded',
];
$this->tokens = \json_decode($this->request(
'POST',
'https://login.salesforce.com/services/oauth2/token',
$headers,
\http_build_query([
'code' => $code,
'redirect_uri' => $this->callback,
'grant_type' => 'authorization_code'
])
), true);
}
$result = $this->request(
'POST',
'https://login.salesforce.com/services/oauth2/token',
$headers,
\http_build_query([
'code' => $code,
'redirect_uri' => $this->callback ,
'grant_type' => 'authorization_code'
])
);
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

34
src/Appwrite/Auth/OAuth2/Slack.php
View file

@ -10,6 +10,11 @@ class Slack extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -50,23 +55,20 @@ class Slack extends OAuth2
*/
public function getTokens(string $code): array
{
// https://api.slack.com/docs/oauth#step_3_-_exchanging_a_verification_code_for_an_access_token
$result = $this->request(
'GET',
'https://slack.com/api/oauth.access?'.\http_build_query([
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
'code' => $code,
'redirect_uri' => $this->callback
])
);
if(empty($this->tokens)) {
// https://api.slack.com/docs/oauth#step_3_-_exchanging_a_verification_code_for_an_access_token
$this->tokens = \json_decode($this->request(
'GET',
'https://slack.com/api/oauth.access?' . \http_build_query([
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
'code' => $code,
'redirect_uri' => $this->callback
])
), true);
}
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

39
src/Appwrite/Auth/OAuth2/Spotify.php
View file

@ -31,7 +31,7 @@ class Spotify extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
@ -68,11 +68,11 @@ class Spotify extends OAuth2
public function getTokens(string $code): array
{
if(empty($this->tokens)) {
$header = "Authorization: Basic " . \base64_encode($this->appID . ":" . $this->appSecret);
$headers = ['Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret)];
$this->tokens = \json_decode($this->request(
'POST',
$this->endpoint . 'api/token',
[$header],
$headers,
\http_build_query([
"code" => $code,
"grant_type" => "authorization_code",
@ -84,39 +84,6 @@ class Spotify extends OAuth2
return $this->tokens;
}
/**
* @param string $code
*
* @return string
*/
public function getAccessToken(string $code):string
{
$tokens = $this->getTokens($code);
return $tokens['access_token'];
}
/**
* @param string $code
*
* @return string
*/
public function getRefreshToken(string $code):string
{
$tokens = $this->getTokens($code);
return $tokens['refresh_token'];
}
/**
* @param string $code
*
* @return string
*/
public function getTokenExpiry(string $code):string
{
$tokens = $this->getTokens($code);
return $tokens['expires_in'];
}
/**
* @param $accessToken
*

34
src/Appwrite/Auth/OAuth2/Stripe.php
View file

@ -10,6 +10,11 @@ class Stripe extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var string
@ -61,26 +66,21 @@ class Stripe extends OAuth2
*/
public function getTokens(string $code): array
{
$result = $this->request(
'POST',
'https://connect.stripe.com/oauth/token',
[],
\http_build_query([
'grant_type' => $this->grantType['authorize'],
'code' => $code
])
);
if(empty($this->tokens)) {
$this->tokens = \json_decode($this->request(
'POST',
'https://connect.stripe.com/oauth/token',
[],
\http_build_query([
'grant_type' => $this->grantType['authorize'],
'code' => $code
])
), true);
$result = \json_decode($result, true);
if (isset($result['stripe_user_id'])) {
$this->stripeAccountId = $result['stripe_user_id'];
$this->stripeAccountId = $this->tokens['stripe_user_id'];
}
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

32
src/Appwrite/Auth/OAuth2/Tradeshift.php
View file

@ -33,6 +33,11 @@ class Tradeshift extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
protected $scopes = [
@ -73,22 +78,19 @@ class Tradeshift extends OAuth2
*/
public function getTokens(string $code): array
{
$result = $this->request(
'POST',
$this->endpoint[$this->environment] . 'auth/token',
['Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret)],
\http_build_query([
'grant_type' => 'authorization_code',
'code' => $code,
])
);
if(empty($this->tokens)) {
$this->tokens = \json_decode($this->request(
'POST',
$this->endpoint[$this->environment] . 'auth/token',
['Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret)],
\http_build_query([
'grant_type' => 'authorization_code',
'code' => $code,
])
), true);
}
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

32
src/Appwrite/Auth/OAuth2/Twitch.php
View file

@ -31,6 +31,11 @@ class Twitch extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @return string
@ -63,21 +68,20 @@ class Twitch extends OAuth2
*/
public function getTokens(string $code): array
{
$result = \json_decode($this->request(
'POST',
$this->endpoint . 'token?'. \http_build_query([
"client_id" => $this->appID,
"client_secret" => $this->appSecret,
"code" => $code,
"grant_type" => "authorization_code",
"redirect_uri" => $this->callback
])
), true);
if(empty($this->tokens)) {
$this->tokens = \json_decode($this->request(
'POST',
$this->endpoint . 'token?' . \http_build_query([
"client_id" => $this->appID,
"client_secret" => $this->appSecret,
"code" => $code,
"grant_type" => "authorization_code",
"redirect_uri" => $this->callback
])
), true);
}
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

44
src/Appwrite/Auth/OAuth2/Vk.php
View file

@ -16,6 +16,11 @@ class Vk extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -61,32 +66,25 @@ class Vk extends OAuth2
*/
public function getTokens(string $code): array
{
$headers = ['Content-Type: application/x-www-form-urlencoded;charset=UTF-8'];
$result = $this->request(
'POST',
'https://oauth.vk.com/access_token?',
$headers,
\http_build_query([
'code' => $code,
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
'redirect_uri' => $this->callback
])
);
$result = \json_decode($result, true);
if(empty($this->tokens)) {
$headers = ['Content-Type: application/x-www-form-urlencoded;charset=UTF-8'];
$this->tokens = \json_decode($this->request(
'POST',
'https://oauth.vk.com/access_token?',
$headers,
\http_build_query([
'code' => $code,
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
'redirect_uri' => $this->callback
])
), true);
if (isset($result['email'])) {
$this->user['email'] = $result['email'];
$this->user['email'] = $this->tokens['email'];
$this->user['user_id'] = $this->tokens['user_id'];
}
if (isset($result['user_id'])) {
$this->user['user_id'] = $result['user_id'];
}
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

38
src/Appwrite/Auth/OAuth2/WordPress.php
View file

@ -13,6 +13,11 @@ class WordPress extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -50,25 +55,22 @@ class WordPress extends OAuth2
*/
public function getTokens(string $code): array
{
$result = $this->request(
'POST',
'https://public-api.wordpress.com/oauth2/token',
[],
\http_build_query([
'client_id' => $this->appID,
'redirect_uri' => $this->callback,
'client_secret' => $this->appSecret,
'grant_type' => 'authorization_code',
'code' => $code
])
);
if(empty($this->tokens)) {
$this->tokens = \json_decode($this->request(
'POST',
'https://public-api.wordpress.com/oauth2/token',
[],
\http_build_query([
'client_id' => $this->appID,
'redirect_uri' => $this->callback,
'client_secret' => $this->appSecret,
'grant_type' => 'authorization_code',
'code' => $code
])
), true);
}
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

40
src/Appwrite/Auth/OAuth2/Yahoo.php
View file

@ -32,6 +32,11 @@ class Yahoo extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @return string
@ -74,26 +79,25 @@ class Yahoo extends OAuth2
*/
public function getTokens(string $code): array
{
$header = [
"Authorization: Basic " . \base64_encode($this->appID . ":" . $this->appSecret),
"Content-Type: application/x-www-form-urlencoded",
];
if(empty($this->tokens)) {
$headers = [
'Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret),
'Content-Type: application/x-www-form-urlencoded',
];
$result = \json_decode($this->request(
'POST',
$this->endpoint . 'get_token',
$header,
\http_build_query([
"code" => $code,
"grant_type" => "authorization_code",
"redirect_uri" => $this->callback
])
), true);
$this->tokens = \json_decode($this->request(
'POST',
$this->endpoint . 'get_token',
$headers,
\http_build_query([
"code" => $code,
"grant_type" => "authorization_code",
"redirect_uri" => $this->callback
])
), true);
}
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

39
src/Appwrite/Auth/OAuth2/Yammer.php
View file

@ -18,6 +18,11 @@ class Yammer extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @return string
@ -48,26 +53,22 @@ class Yammer extends OAuth2
*/
public function getTokens(string $code): array
{
$headers = ['Content-Type: application/x-www-form-urlencoded'];
if(empty($this->tokens)) {
$headers = ['Content-Type: application/x-www-form-urlencoded'];
$this->tokens = \json_decode($this->request(
'POST',
$this->endpoint . 'access_token?',
$headers,
\http_build_query([
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
'code' => $code,
'grant_type' => 'authorization_code'
])
), true);
}
$result = $this->request(
'POST',
$this->endpoint . 'access_token?',
$headers,
\http_build_query([
'client_id' => $this->appID,
'client_secret' => $this->appSecret,
'code' => $code,
'grant_type' => 'authorization_code'
])
);
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

41
src/Appwrite/Auth/OAuth2/Yandex.php
View file

@ -15,6 +15,11 @@ class Yandex extends OAuth2
* @var array
*/
protected $user = [];
/**
* @var array
*/
protected $tokens = [];
/**
* @var array
@ -60,27 +65,23 @@ class Yandex extends OAuth2
*/
public function getTokens(string $code): array
{
$headers = [
"Authorization: Basic " . \base64_encode($this->appID . ":" . $this->appSecret),
"Content-Type: application/x-www-form-urlencoded",
];
if(empty($this->tokens)) {
$headers = [
'Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret),
'Content-Type: application/x-www-form-urlencoded',
];
$this->tokens = \json_decode($this->request(
'POST',
'https://oauth.yandex.com/token',
$headers,
\http_build_query([
'code' => $code,
'grant_type' => 'authorization_code'
])
), true);
}
$result = $this->request(
'POST',
'https://oauth.yandex.com/token',
$headers,
\http_build_query([
'code' => $code,
'grant_type' => 'authorization_code'
])
);
$result = \json_decode($result, true);
return [
'access' => $result['access_token'],
'refresh' => $result['refresh_token']
];
return $this->tokens;
}
/**

6
src/Appwrite/Utopia/Response/Model/Session.php
View file

@ -46,6 +46,12 @@ class Session extends Model
'default' => '',
'example' => 'MTQ0NjJkZmQ5OTM2NDE1ZTZjNGZmZjI3',
])
->addRule('providerAccessTokenExpiry', [
'type' => self::TYPE_INTEGER,
'description' => 'Date, the user has accepted the invitation to join the team in Unix timestamp.',
'default' => 0,
'example' => 1592981250,
])
->addRule('providerRefreshToken', [
'type' => self::TYPE_STRING,
'description' => 'Session Provider Refresh Token.',