diff --git a/app/config/collections.php b/app/config/collections.php index 2c4023a5c..c8dffa841 100644 --- a/app/config/collections.php +++ b/app/config/collections.php @@ -1168,6 +1168,17 @@ $collections = [ 'array' => false, 'filters' => ['encrypt'], ], + [ + '$id' => 'providerAccessTokenExpiry', + 'type' => Database::VAR_INTEGER, + 'format' => '', + 'size' => 0, + 'signed' => true, + 'required' => false, + 'default' => null, + 'array' => false, + 'filters' => [], + ], [ '$id' => 'providerRefreshToken', 'type' => Database::VAR_STRING, diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php index 4e70dd1f1..028e8ccab 100644 --- a/app/controllers/api/account.php +++ b/app/controllers/api/account.php @@ -430,10 +430,10 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect') } $state['failure'] = null; - $tokens = $oauth2->getTokens($code); - $accessToken = $tokens['access']; - $refreshToken = $tokens['refresh']; + $accessToken = $oauth2->getAccessToken($code); + $refreshToken =$oauth2->getRefreshToken($code); + $accessTokenExpiry = $oauth2->getAccessTokenExpiry($code); if (empty($accessToken)) { if (!empty($state['failure'])) { @@ -533,6 +533,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect') 'providerUid' => $oauth2ID, 'providerAccessToken' => $accessToken, 'providerRefreshToken' => $refreshToken, + 'providerAccessTokenExpiry' => $accessTokenExpiry, 'secret' => Auth::hash($secret), // One way hash encryption to protect DB leak 'expire' => $expiry, 'userAgent' => $request->getUserAgent('UNKNOWN'), diff --git a/src/Appwrite/Auth/OAuth2.php b/src/Appwrite/Auth/OAuth2.php index a71bde732..356451dcf 100644 --- a/src/Appwrite/Auth/OAuth2.php +++ b/src/Appwrite/Auth/OAuth2.php @@ -109,6 +109,38 @@ abstract class OAuth2 return $this->scopes; } + /** + * @param string $code + * + * @return string + */ + public function getAccessToken(string $code):string + { + $tokens = $this->getTokens($code); + return $tokens['access_token']; + } + + /** + * @param string $code + * + * @return string + */ + public function getRefreshToken(string $code):string + { + $tokens = $this->getTokens($code); + return $tokens['refresh_token']; + } + + /** + * @param string $code + * + * @return string + */ + public function getAccessTokenExpiry(string $code):string + { + $tokens = $this->getTokens($code); + return $tokens['expires_in']; + } // The parseState function was designed specifically for Amazon OAuth2 Adapter to override. // The response from Amazon is html encoded and hence it needs to be html_decoded before diff --git a/src/Appwrite/Auth/OAuth2/Amazon.php b/src/Appwrite/Auth/OAuth2/Amazon.php index 0b8b78ad8..e73582508 100644 --- a/src/Appwrite/Auth/OAuth2/Amazon.php +++ b/src/Appwrite/Auth/OAuth2/Amazon.php @@ -15,6 +15,11 @@ class Amazon extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -63,26 +68,23 @@ class Amazon extends OAuth2 */ public function getTokens(string $code): array { - $headers = ['Content-Type: application/x-www-form-urlencoded;charset=UTF-8']; - $result = $this->request( - 'POST', - 'https://api.amazon.com/auth/o2/token', - $headers, - \http_build_query([ - 'code' => $code, - 'client_id' => $this->appID , - 'client_secret' => $this->appSecret, - 'redirect_uri' => $this->callback , - 'grant_type' => 'authorization_code' - ]) - ); + if(empty($this->tokens)) { + $headers = ['Content-Type: application/x-www-form-urlencoded;charset=UTF-8']; + $this->tokens = \json_decode($this->request( + 'POST', + 'https://api.amazon.com/auth/o2/token', + $headers, + \http_build_query([ + 'code' => $code, + 'client_id' => $this->appID, + 'client_secret' => $this->appSecret, + 'redirect_uri' => $this->callback, + 'grant_type' => 'authorization_code' + ]) + ), true); + } - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Apple.php b/src/Appwrite/Auth/OAuth2/Apple.php index b272cf4df..0a764b966 100644 --- a/src/Appwrite/Auth/OAuth2/Apple.php +++ b/src/Appwrite/Auth/OAuth2/Apple.php @@ -14,6 +14,11 @@ class Apple extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -58,29 +63,26 @@ class Apple extends OAuth2 */ public function getTokens(string $code): array { - $headers = ['Content-Type: application/x-www-form-urlencoded']; - $result = $this->request( - 'POST', - 'https://appleid.apple.com/auth/token', - $headers, - \http_build_query([ - 'grant_type' => 'authorization_code', - 'code' => $code, - 'client_id' => $this->appID, - 'client_secret' => $this->getAppSecret(), - 'redirect_uri' => $this->callback, - ]) - ); + if(empty($this->tokens)) { + $headers = ['Content-Type: application/x-www-form-urlencoded']; + $this->tokens = \json_decode($this->request( + 'POST', + 'https://appleid.apple.com/auth/token', + $headers, + \http_build_query([ + 'grant_type' => 'authorization_code', + 'code' => $code, + 'client_id' => $this->appID, + 'client_secret' => $this->getAppSecret(), + 'redirect_uri' => $this->callback, + ]) + ), true); - $result = \json_decode($result, true); + $this->claims = (isset($this->tokens['id_token'])) ? \explode('.', $this->tokens['id_token']) : [0 => '', 1 => '']; + $this->claims = (isset($this->claims[1])) ? \json_decode(\base64_decode($this->claims[1]), true) : []; + } - $this->claims = (isset($result['id_token'])) ? \explode('.', $result['id_token']) : [0 => '', 1 => '']; - $this->claims = (isset($this->claims[1])) ? \json_decode(\base64_decode($this->claims[1]), true) : []; - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Bitbucket.php b/src/Appwrite/Auth/OAuth2/Bitbucket.php index b82d722d5..bc35bd5ca 100644 --- a/src/Appwrite/Auth/OAuth2/Bitbucket.php +++ b/src/Appwrite/Auth/OAuth2/Bitbucket.php @@ -13,6 +13,11 @@ class Bitbucket extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -47,27 +52,23 @@ class Bitbucket extends OAuth2 */ public function getTokens(string $code): array { - // Required as per Bitbucket Spec. - $headers = ['Content-Type: application/x-www-form-urlencoded']; + if(empty($this->tokens)) { + // Required as per Bitbucket Spec. + $headers = ['Content-Type: application/x-www-form-urlencoded']; + $this->tokens = \json_decode($this->request( + 'POST', + 'https://bitbucket.org/site/oauth2/access_token', + $headers, + \http_build_query([ + 'code' => $code, + 'client_id' => $this->appID, + 'client_secret' => $this->appSecret, + 'grant_type' => 'authorization_code' + ]) + ), true); + } - $result = $this->request( - 'POST', - 'https://bitbucket.org/site/oauth2/access_token', - $headers, - \http_build_query([ - 'code' => $code, - 'client_id' => $this->appID, - 'client_secret' => $this->appSecret, - 'grant_type' => 'authorization_code' - ]) - ); - - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Bitly.php b/src/Appwrite/Auth/OAuth2/Bitly.php index db3cbfdbf..fcea846e0 100644 --- a/src/Appwrite/Auth/OAuth2/Bitly.php +++ b/src/Appwrite/Auth/OAuth2/Bitly.php @@ -29,6 +29,11 @@ class Bitly extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @return string @@ -58,25 +63,22 @@ class Bitly extends OAuth2 */ public function getTokens(string $code): array { - $result = $this->request( - 'POST', - $this->resourceEndpoint . 'oauth/access_token', - ["Content-Type: application/x-www-form-urlencoded"], - \http_build_query([ - "client_id" => $this->appID, - "client_secret" => $this->appSecret, - "code" => $code, - "redirect_uri" => $this->callback, - "state" => \json_encode($this->state) - ]) - ); + if(empty($this->tokens)) { + $this->tokens = \json_decode($this->request( + 'POST', + $this->resourceEndpoint . 'oauth/access_token', + ["Content-Type: application/x-www-form-urlencoded"], + \http_build_query([ + "client_id" => $this->appID, + "client_secret" => $this->appSecret, + "code" => $code, + "redirect_uri" => $this->callback, + "state" => \json_encode($this->state) + ]) + ), true); + } - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Box.php b/src/Appwrite/Auth/OAuth2/Box.php index c5c842394..f53a8d80f 100644 --- a/src/Appwrite/Auth/OAuth2/Box.php +++ b/src/Appwrite/Auth/OAuth2/Box.php @@ -23,6 +23,11 @@ class Box extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -63,27 +68,24 @@ class Box extends OAuth2 */ public function getTokens(string $code): array { - $header = "Content-Type: application/x-www-form-urlencoded"; - $result = $this->request( - 'POST', - $this->endpoint . 'token', - [$header], - \http_build_query([ - "client_id" => $this->appID, - "client_secret" => $this->appSecret, - "code" => $code, - "grant_type" => "authorization_code", - "scope" => \implode(',', $this->getScopes()), - "redirect_uri" => $this->callback - ]) - ); + if(empty($this->tokens)) { + $headers = ['Content-Type: application/x-www-form-urlencoded']; + $this->tokens = \json_decode($this->request( + 'POST', + $this->endpoint . 'token', + $headers, + \http_build_query([ + "client_id" => $this->appID, + "client_secret" => $this->appSecret, + "code" => $code, + "grant_type" => "authorization_code", + "scope" => \implode(',', $this->getScopes()), + "redirect_uri" => $this->callback + ]) + ), true); + } - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Discord.php b/src/Appwrite/Auth/OAuth2/Discord.php index ed324e62f..9e55e5301 100644 --- a/src/Appwrite/Auth/OAuth2/Discord.php +++ b/src/Appwrite/Auth/OAuth2/Discord.php @@ -18,6 +18,11 @@ class Discord extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -59,26 +64,23 @@ class Discord extends OAuth2 */ public function getTokens(string $code): array { - $result = $this->request( - 'POST', - $this->endpoint . '/oauth2/token', - ['Content-Type: application/x-www-form-urlencoded'], - \http_build_query([ - 'grant_type' => 'authorization_code', - 'code' => $code, - 'redirect_uri' => $this->callback, - 'client_id' => $this->appID, - 'client_secret' => $this->appSecret, - 'scope' => \implode(' ', $this->getScopes()) - ]) - ); + if(empty($this->tokens)) { + $this->tokens = \json_decode($this->request( + 'POST', + $this->endpoint . '/oauth2/token', + ['Content-Type: application/x-www-form-urlencoded'], + \http_build_query([ + 'grant_type' => 'authorization_code', + 'code' => $code, + 'redirect_uri' => $this->callback, + 'client_id' => $this->appID, + 'client_secret' => $this->appSecret, + 'scope' => \implode(' ', $this->getScopes()) + ]) + ), true); + } - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Dropbox.php b/src/Appwrite/Auth/OAuth2/Dropbox.php index 44cd3e978..cc1614f39 100644 --- a/src/Appwrite/Auth/OAuth2/Dropbox.php +++ b/src/Appwrite/Auth/OAuth2/Dropbox.php @@ -14,6 +14,11 @@ class Dropbox extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -48,26 +53,23 @@ class Dropbox extends OAuth2 */ public function getTokens(string $code): array { - $headers = ['Content-Type: application/x-www-form-urlencoded']; - $result = $this->request( - 'POST', - 'https://api.dropboxapi.com/oauth2/token', - $headers, - \http_build_query([ - 'code' => $code, - 'client_id' => $this->appID, - 'client_secret' => $this->appSecret, - 'redirect_uri' => $this->callback, - 'grant_type' => 'authorization_code' - ]) - ); + if(empty($this->tokens)) { + $headers = ['Content-Type: application/x-www-form-urlencoded']; + $this->tokens = \json_decode($this->request( + 'POST', + 'https://api.dropboxapi.com/oauth2/token', + $headers, + \http_build_query([ + 'code' => $code, + 'client_id' => $this->appID, + 'client_secret' => $this->appSecret, + 'redirect_uri' => $this->callback, + 'grant_type' => 'authorization_code' + ]) + ), true); + } - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Facebook.php b/src/Appwrite/Auth/OAuth2/Facebook.php index e4b886d9c..ab4f173a4 100644 --- a/src/Appwrite/Auth/OAuth2/Facebook.php +++ b/src/Appwrite/Auth/OAuth2/Facebook.php @@ -15,6 +15,11 @@ class Facebook extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -51,22 +56,19 @@ class Facebook extends OAuth2 */ public function getTokens(string $code): array { - $result = $this->request( - 'GET', - 'https://graph.facebook.com/'.$this->version.'/oauth/access_token?'.\http_build_query([ - 'client_id' => $this->appID, - 'redirect_uri' => $this->callback, - 'client_secret' => $this->appSecret, - 'code' => $code - ]) - ); + if(empty($this->tokens)) { + $this->tokens = \json_decode($this->request( + 'GET', + 'https://graph.facebook.com/' . $this->version . '/oauth/access_token?' . \http_build_query([ + 'client_id' => $this->appID, + 'redirect_uri' => $this->callback, + 'client_secret' => $this->appSecret, + 'code' => $code + ]) + ), true); + } - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Github.php b/src/Appwrite/Auth/OAuth2/Github.php index 18cd9779a..e6329d696 100644 --- a/src/Appwrite/Auth/OAuth2/Github.php +++ b/src/Appwrite/Auth/OAuth2/Github.php @@ -10,6 +10,11 @@ class Github extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -46,24 +51,21 @@ class Github extends OAuth2 */ public function getTokens(string $code): array { - $result = $this->request( - 'POST', - 'https://github.com/login/oauth/access_token', - [], - \http_build_query([ - 'client_id' => $this->appID, - 'redirect_uri' => $this->callback, - 'client_secret' => $this->appSecret, - 'code' => $code - ]) - ); + if(empty($this->tokens)) { + $this->tokens = \json_decode($this->request( + 'POST', + 'https://github.com/login/oauth/access_token', + [], + \http_build_query([ + 'client_id' => $this->appID, + 'redirect_uri' => $this->callback, + 'client_secret' => $this->appSecret, + 'code' => $code + ]) + ), true); + } - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Gitlab.php b/src/Appwrite/Auth/OAuth2/Gitlab.php index d63f25bad..2278affed 100644 --- a/src/Appwrite/Auth/OAuth2/Gitlab.php +++ b/src/Appwrite/Auth/OAuth2/Gitlab.php @@ -13,6 +13,11 @@ class Gitlab extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -50,23 +55,20 @@ class Gitlab extends OAuth2 */ public function getTokens(string $code): array { - $result = $this->request( - 'POST', - 'https://gitlab.com/oauth/token?'.\http_build_query([ - 'code' => $code, - 'client_id' => $this->appID, - 'client_secret' => $this->appSecret, - 'redirect_uri' => $this->callback, - 'grant_type' => 'authorization_code' - ]) - ); + if(empty($this->tokens)) { + $this->tokens = \json_decode($this->request( + 'POST', + 'https://gitlab.com/oauth/token?' . \http_build_query([ + 'code' => $code, + 'client_id' => $this->appID, + 'client_secret' => $this->appSecret, + 'redirect_uri' => $this->callback, + 'grant_type' => 'authorization_code' + ]) + ), true); + } - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Google.php b/src/Appwrite/Auth/OAuth2/Google.php index 50c1e7a9e..437965d68 100644 --- a/src/Appwrite/Auth/OAuth2/Google.php +++ b/src/Appwrite/Auth/OAuth2/Google.php @@ -29,6 +29,11 @@ class Google extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @return string @@ -59,24 +64,21 @@ class Google extends OAuth2 */ public function getTokens(string $code): array { - $result = $this->request( - 'POST', - 'https://oauth2.googleapis.com/token?'.\http_build_query([ - 'code' => $code, - 'client_id' => $this->appID, - 'client_secret' => $this->appSecret, - 'redirect_uri' => $this->callback, - 'scope' => null, - 'grant_type' => 'authorization_code' - ]) - ); + if(empty($this->tokens)) { + $this->tokens = \json_decode($this->request( + 'POST', + 'https://oauth2.googleapis.com/token?' . \http_build_query([ + 'code' => $code, + 'client_id' => $this->appID, + 'client_secret' => $this->appSecret, + 'redirect_uri' => $this->callback, + 'scope' => null, + 'grant_type' => 'authorization_code' + ]) + ), true); + } - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Linkedin.php b/src/Appwrite/Auth/OAuth2/Linkedin.php index cc26a7cd0..2331cbf34 100644 --- a/src/Appwrite/Auth/OAuth2/Linkedin.php +++ b/src/Appwrite/Auth/OAuth2/Linkedin.php @@ -10,6 +10,11 @@ class Linkedin extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -61,25 +66,22 @@ class Linkedin extends OAuth2 */ public function getTokens(string $code): array { - $result = $this->request( - 'POST', - 'https://www.linkedin.com/oauth/v2/accessToken', - ['Content-Type: application/x-www-form-urlencoded'], - \http_build_query([ - 'grant_type' => 'authorization_code', - 'code' => $code, - 'redirect_uri' => $this->callback, - 'client_id' => $this->appID, - 'client_secret' => $this->appSecret, - ]) - ); + if(empty($this->tokens)) { + $this->tokens = \json_decode($this->request( + 'POST', + 'https://www.linkedin.com/oauth/v2/accessToken', + ['Content-Type: application/x-www-form-urlencoded'], + \http_build_query([ + 'grant_type' => 'authorization_code', + 'code' => $code, + 'redirect_uri' => $this->callback, + 'client_id' => $this->appID, + 'client_secret' => $this->appSecret, + ]) + ), true); + } - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Microsoft.php b/src/Appwrite/Auth/OAuth2/Microsoft.php index efd6b4dd6..59e758727 100644 --- a/src/Appwrite/Auth/OAuth2/Microsoft.php +++ b/src/Appwrite/Auth/OAuth2/Microsoft.php @@ -14,6 +14,11 @@ class Microsoft extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -53,28 +58,24 @@ class Microsoft extends OAuth2 */ public function getTokens(string $code): array { - $headers = ['Content-Type: application/x-www-form-urlencoded']; + if(empty($this->tokens)) { + $headers = ['Content-Type: application/x-www-form-urlencoded']; + $this->tokens = \json_decode($this->request( + 'POST', + 'https://login.microsoftonline.com/' . $this->getTenantId() . '/oauth2/v2.0/token', + $headers, + \http_build_query([ + 'code' => $code, + 'client_id' => $this->appID, + 'client_secret' => $this->getClientSecret(), + 'redirect_uri' => $this->callback, + 'scope' => \implode(' ', $this->getScopes()), + 'grant_type' => 'authorization_code' + ]) + ), true); + } - $result = $this->request( - 'POST', - 'https://login.microsoftonline.com/'.$this->getTenantId().'/oauth2/v2.0/token', - $headers, - \http_build_query([ - 'code' => $code, - 'client_id' => $this->appID, - 'client_secret' => $this->getClientSecret(), - 'redirect_uri' => $this->callback, - 'scope' => \implode(' ', $this->getScopes()), - 'grant_type' => 'authorization_code' - ]) - ); - - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Mock.php b/src/Appwrite/Auth/OAuth2/Mock.php index cc8e12e2e..8cfc68e7b 100644 --- a/src/Appwrite/Auth/OAuth2/Mock.php +++ b/src/Appwrite/Auth/OAuth2/Mock.php @@ -22,6 +22,11 @@ class Mock extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @return string @@ -51,23 +56,20 @@ class Mock extends OAuth2 */ public function getTokens(string $code): array { - $result = $this->request( - 'GET', - 'http://localhost/'.$this->version.'/mock/tests/general/oauth2/token?'. - \http_build_query([ - 'client_id' => $this->appID, - 'redirect_uri' => $this->callback, - 'client_secret' => $this->appSecret, - 'code' => $code - ]) - ); + if(empty($this->tokens)) { + $this->tokens = \json_decode($this->request( + 'GET', + 'http://localhost/' . $this->version . '/mock/tests/general/oauth2/token?' . + \http_build_query([ + 'client_id' => $this->appID, + 'redirect_uri' => $this->callback, + 'client_secret' => $this->appSecret, + 'code' => $code + ]) + ), true); + } - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Notion.php b/src/Appwrite/Auth/OAuth2/Notion.php index 28b98ff72..dbe8f700a 100644 --- a/src/Appwrite/Auth/OAuth2/Notion.php +++ b/src/Appwrite/Auth/OAuth2/Notion.php @@ -20,6 +20,11 @@ class Notion extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -55,27 +60,21 @@ class Notion extends OAuth2 */ public function getTokens(string $code): array { - $headers = [ - "Authorization: Basic " . \base64_encode($this->appID . ":" . $this->appSecret), - ]; + if(empty($this->tokens)) { + $headers = ['Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret)]; + $this->tokens = \json_decode($this->request( + 'POST', + $this->endpoint . '/oauth/token', + $headers, + \http_build_query([ + 'grant_type' => 'authorization_code', + 'redirect_uri' => $this->callback, + 'code' => $code + ]) + ), true); + } - $result = $this->request( - 'POST', - $this->endpoint . '/oauth/token', - $headers, - \http_build_query([ - 'grant_type' => 'authorization_code', - 'redirect_uri' => $this->callback, - 'code' => $code - ]) - ); - - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Paypal.php b/src/Appwrite/Auth/OAuth2/Paypal.php index 17414cafe..038190baf 100644 --- a/src/Appwrite/Auth/OAuth2/Paypal.php +++ b/src/Appwrite/Auth/OAuth2/Paypal.php @@ -34,6 +34,11 @@ class Paypal extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -78,22 +83,19 @@ class Paypal extends OAuth2 */ public function getTokens(string $code): array { - $result = $this->request( - 'POST', - $this->resourceEndpoint[$this->environment] . 'oauth2/token', - ['Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret)], - \http_build_query([ - 'code' => $code, - 'grant_type' => 'authorization_code', - ]) - ); + if(empty($this->tokens)) { + $this->tokens = \json_decode($this->request( + 'POST', + $this->resourceEndpoint[$this->environment] . 'oauth2/token', + ['Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret)], + \http_build_query([ + 'code' => $code, + 'grant_type' => 'authorization_code', + ]) + ), true); + } - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Salesforce.php b/src/Appwrite/Auth/OAuth2/Salesforce.php index a49d8ace9..ffcbf3e4d 100644 --- a/src/Appwrite/Auth/OAuth2/Salesforce.php +++ b/src/Appwrite/Auth/OAuth2/Salesforce.php @@ -15,6 +15,11 @@ class Salesforce extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -63,28 +68,24 @@ class Salesforce extends OAuth2 */ public function getTokens(string $code): array { - $headers = [ - "Authorization: Basic " . \base64_encode($this->appID . ":" . $this->appSecret), - "Content-Type: application/x-www-form-urlencoded", - ]; + if(empty($this->tokens)) { + $headers = [ + 'Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret), + 'Content-Type: application/x-www-form-urlencoded', + ]; + $this->tokens = \json_decode($this->request( + 'POST', + 'https://login.salesforce.com/services/oauth2/token', + $headers, + \http_build_query([ + 'code' => $code, + 'redirect_uri' => $this->callback, + 'grant_type' => 'authorization_code' + ]) + ), true); + } - $result = $this->request( - 'POST', - 'https://login.salesforce.com/services/oauth2/token', - $headers, - \http_build_query([ - 'code' => $code, - 'redirect_uri' => $this->callback , - 'grant_type' => 'authorization_code' - ]) - ); - - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Slack.php b/src/Appwrite/Auth/OAuth2/Slack.php index 26605356a..6c2786eea 100644 --- a/src/Appwrite/Auth/OAuth2/Slack.php +++ b/src/Appwrite/Auth/OAuth2/Slack.php @@ -10,6 +10,11 @@ class Slack extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -50,23 +55,20 @@ class Slack extends OAuth2 */ public function getTokens(string $code): array { - // https://api.slack.com/docs/oauth#step_3_-_exchanging_a_verification_code_for_an_access_token - $result = $this->request( - 'GET', - 'https://slack.com/api/oauth.access?'.\http_build_query([ - 'client_id' => $this->appID, - 'client_secret' => $this->appSecret, - 'code' => $code, - 'redirect_uri' => $this->callback - ]) - ); + if(empty($this->tokens)) { + // https://api.slack.com/docs/oauth#step_3_-_exchanging_a_verification_code_for_an_access_token + $this->tokens = \json_decode($this->request( + 'GET', + 'https://slack.com/api/oauth.access?' . \http_build_query([ + 'client_id' => $this->appID, + 'client_secret' => $this->appSecret, + 'code' => $code, + 'redirect_uri' => $this->callback + ]) + ), true); + } - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Spotify.php b/src/Appwrite/Auth/OAuth2/Spotify.php index 8de5bd4f7..6cb31d5be 100644 --- a/src/Appwrite/Auth/OAuth2/Spotify.php +++ b/src/Appwrite/Auth/OAuth2/Spotify.php @@ -31,7 +31,7 @@ class Spotify extends OAuth2 * @var array */ protected $user = []; - + /** * @var array */ @@ -68,11 +68,11 @@ class Spotify extends OAuth2 public function getTokens(string $code): array { if(empty($this->tokens)) { - $header = "Authorization: Basic " . \base64_encode($this->appID . ":" . $this->appSecret); + $headers = ['Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret)]; $this->tokens = \json_decode($this->request( 'POST', $this->endpoint . 'api/token', - [$header], + $headers, \http_build_query([ "code" => $code, "grant_type" => "authorization_code", @@ -84,39 +84,6 @@ class Spotify extends OAuth2 return $this->tokens; } - /** - * @param string $code - * - * @return string - */ - public function getAccessToken(string $code):string - { - $tokens = $this->getTokens($code); - return $tokens['access_token']; - } - - /** - * @param string $code - * - * @return string - */ - public function getRefreshToken(string $code):string - { - $tokens = $this->getTokens($code); - return $tokens['refresh_token']; - } - - /** - * @param string $code - * - * @return string - */ - public function getTokenExpiry(string $code):string - { - $tokens = $this->getTokens($code); - return $tokens['expires_in']; - } - /** * @param $accessToken * diff --git a/src/Appwrite/Auth/OAuth2/Stripe.php b/src/Appwrite/Auth/OAuth2/Stripe.php index b8f29b315..76512a197 100644 --- a/src/Appwrite/Auth/OAuth2/Stripe.php +++ b/src/Appwrite/Auth/OAuth2/Stripe.php @@ -10,6 +10,11 @@ class Stripe extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var string @@ -61,26 +66,21 @@ class Stripe extends OAuth2 */ public function getTokens(string $code): array { - $result = $this->request( - 'POST', - 'https://connect.stripe.com/oauth/token', - [], - \http_build_query([ - 'grant_type' => $this->grantType['authorize'], - 'code' => $code - ]) - ); + if(empty($this->tokens)) { + $this->tokens = \json_decode($this->request( + 'POST', + 'https://connect.stripe.com/oauth/token', + [], + \http_build_query([ + 'grant_type' => $this->grantType['authorize'], + 'code' => $code + ]) + ), true); - $result = \json_decode($result, true); - - if (isset($result['stripe_user_id'])) { - $this->stripeAccountId = $result['stripe_user_id']; + $this->stripeAccountId = $this->tokens['stripe_user_id']; } - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Tradeshift.php b/src/Appwrite/Auth/OAuth2/Tradeshift.php index 51b668fca..b50d5032f 100644 --- a/src/Appwrite/Auth/OAuth2/Tradeshift.php +++ b/src/Appwrite/Auth/OAuth2/Tradeshift.php @@ -33,6 +33,11 @@ class Tradeshift extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; protected $scopes = [ @@ -73,22 +78,19 @@ class Tradeshift extends OAuth2 */ public function getTokens(string $code): array { - $result = $this->request( - 'POST', - $this->endpoint[$this->environment] . 'auth/token', - ['Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret)], - \http_build_query([ - 'grant_type' => 'authorization_code', - 'code' => $code, - ]) - ); + if(empty($this->tokens)) { + $this->tokens = \json_decode($this->request( + 'POST', + $this->endpoint[$this->environment] . 'auth/token', + ['Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret)], + \http_build_query([ + 'grant_type' => 'authorization_code', + 'code' => $code, + ]) + ), true); + } - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Twitch.php b/src/Appwrite/Auth/OAuth2/Twitch.php index ba48c85ba..8d9fef201 100644 --- a/src/Appwrite/Auth/OAuth2/Twitch.php +++ b/src/Appwrite/Auth/OAuth2/Twitch.php @@ -31,6 +31,11 @@ class Twitch extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @return string @@ -63,21 +68,20 @@ class Twitch extends OAuth2 */ public function getTokens(string $code): array { - $result = \json_decode($this->request( - 'POST', - $this->endpoint . 'token?'. \http_build_query([ - "client_id" => $this->appID, - "client_secret" => $this->appSecret, - "code" => $code, - "grant_type" => "authorization_code", - "redirect_uri" => $this->callback - ]) - ), true); + if(empty($this->tokens)) { + $this->tokens = \json_decode($this->request( + 'POST', + $this->endpoint . 'token?' . \http_build_query([ + "client_id" => $this->appID, + "client_secret" => $this->appSecret, + "code" => $code, + "grant_type" => "authorization_code", + "redirect_uri" => $this->callback + ]) + ), true); + } - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Vk.php b/src/Appwrite/Auth/OAuth2/Vk.php index f7b9c5c9d..2dc537411 100644 --- a/src/Appwrite/Auth/OAuth2/Vk.php +++ b/src/Appwrite/Auth/OAuth2/Vk.php @@ -16,6 +16,11 @@ class Vk extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -61,32 +66,25 @@ class Vk extends OAuth2 */ public function getTokens(string $code): array { - $headers = ['Content-Type: application/x-www-form-urlencoded;charset=UTF-8']; - $result = $this->request( - 'POST', - 'https://oauth.vk.com/access_token?', - $headers, - \http_build_query([ - 'code' => $code, - 'client_id' => $this->appID, - 'client_secret' => $this->appSecret, - 'redirect_uri' => $this->callback - ]) - ); - $result = \json_decode($result, true); + if(empty($this->tokens)) { + $headers = ['Content-Type: application/x-www-form-urlencoded;charset=UTF-8']; + $this->tokens = \json_decode($this->request( + 'POST', + 'https://oauth.vk.com/access_token?', + $headers, + \http_build_query([ + 'code' => $code, + 'client_id' => $this->appID, + 'client_secret' => $this->appSecret, + 'redirect_uri' => $this->callback + ]) + ), true); - if (isset($result['email'])) { - $this->user['email'] = $result['email']; + $this->user['email'] = $this->tokens['email']; + $this->user['user_id'] = $this->tokens['user_id']; } - if (isset($result['user_id'])) { - $this->user['user_id'] = $result['user_id']; - } - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/WordPress.php b/src/Appwrite/Auth/OAuth2/WordPress.php index e11777e64..ba4400a35 100644 --- a/src/Appwrite/Auth/OAuth2/WordPress.php +++ b/src/Appwrite/Auth/OAuth2/WordPress.php @@ -13,6 +13,11 @@ class WordPress extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -50,25 +55,22 @@ class WordPress extends OAuth2 */ public function getTokens(string $code): array { - $result = $this->request( - 'POST', - 'https://public-api.wordpress.com/oauth2/token', - [], - \http_build_query([ - 'client_id' => $this->appID, - 'redirect_uri' => $this->callback, - 'client_secret' => $this->appSecret, - 'grant_type' => 'authorization_code', - 'code' => $code - ]) - ); + if(empty($this->tokens)) { + $this->tokens = \json_decode($this->request( + 'POST', + 'https://public-api.wordpress.com/oauth2/token', + [], + \http_build_query([ + 'client_id' => $this->appID, + 'redirect_uri' => $this->callback, + 'client_secret' => $this->appSecret, + 'grant_type' => 'authorization_code', + 'code' => $code + ]) + ), true); + } - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Yahoo.php b/src/Appwrite/Auth/OAuth2/Yahoo.php index 113c99ca7..2e6a54cd0 100644 --- a/src/Appwrite/Auth/OAuth2/Yahoo.php +++ b/src/Appwrite/Auth/OAuth2/Yahoo.php @@ -32,6 +32,11 @@ class Yahoo extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @return string @@ -74,26 +79,25 @@ class Yahoo extends OAuth2 */ public function getTokens(string $code): array { - $header = [ - "Authorization: Basic " . \base64_encode($this->appID . ":" . $this->appSecret), - "Content-Type: application/x-www-form-urlencoded", - ]; + if(empty($this->tokens)) { + $headers = [ + 'Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret), + 'Content-Type: application/x-www-form-urlencoded', + ]; - $result = \json_decode($this->request( - 'POST', - $this->endpoint . 'get_token', - $header, - \http_build_query([ - "code" => $code, - "grant_type" => "authorization_code", - "redirect_uri" => $this->callback - ]) - ), true); + $this->tokens = \json_decode($this->request( + 'POST', + $this->endpoint . 'get_token', + $headers, + \http_build_query([ + "code" => $code, + "grant_type" => "authorization_code", + "redirect_uri" => $this->callback + ]) + ), true); + } - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Yammer.php b/src/Appwrite/Auth/OAuth2/Yammer.php index 6c0fe8589..f7b08a7e0 100644 --- a/src/Appwrite/Auth/OAuth2/Yammer.php +++ b/src/Appwrite/Auth/OAuth2/Yammer.php @@ -18,6 +18,11 @@ class Yammer extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @return string @@ -48,26 +53,22 @@ class Yammer extends OAuth2 */ public function getTokens(string $code): array { - $headers = ['Content-Type: application/x-www-form-urlencoded']; + if(empty($this->tokens)) { + $headers = ['Content-Type: application/x-www-form-urlencoded']; + $this->tokens = \json_decode($this->request( + 'POST', + $this->endpoint . 'access_token?', + $headers, + \http_build_query([ + 'client_id' => $this->appID, + 'client_secret' => $this->appSecret, + 'code' => $code, + 'grant_type' => 'authorization_code' + ]) + ), true); + } - $result = $this->request( - 'POST', - $this->endpoint . 'access_token?', - $headers, - \http_build_query([ - 'client_id' => $this->appID, - 'client_secret' => $this->appSecret, - 'code' => $code, - 'grant_type' => 'authorization_code' - ]) - ); - - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Auth/OAuth2/Yandex.php b/src/Appwrite/Auth/OAuth2/Yandex.php index 2a60ac0e8..03fc9669e 100644 --- a/src/Appwrite/Auth/OAuth2/Yandex.php +++ b/src/Appwrite/Auth/OAuth2/Yandex.php @@ -15,6 +15,11 @@ class Yandex extends OAuth2 * @var array */ protected $user = []; + + /** + * @var array + */ + protected $tokens = []; /** * @var array @@ -60,27 +65,23 @@ class Yandex extends OAuth2 */ public function getTokens(string $code): array { - $headers = [ - "Authorization: Basic " . \base64_encode($this->appID . ":" . $this->appSecret), - "Content-Type: application/x-www-form-urlencoded", - ]; + if(empty($this->tokens)) { + $headers = [ + 'Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret), + 'Content-Type: application/x-www-form-urlencoded', + ]; + $this->tokens = \json_decode($this->request( + 'POST', + 'https://oauth.yandex.com/token', + $headers, + \http_build_query([ + 'code' => $code, + 'grant_type' => 'authorization_code' + ]) + ), true); + } - $result = $this->request( - 'POST', - 'https://oauth.yandex.com/token', - $headers, - \http_build_query([ - 'code' => $code, - 'grant_type' => 'authorization_code' - ]) - ); - - $result = \json_decode($result, true); - - return [ - 'access' => $result['access_token'], - 'refresh' => $result['refresh_token'] - ]; + return $this->tokens; } /** diff --git a/src/Appwrite/Utopia/Response/Model/Session.php b/src/Appwrite/Utopia/Response/Model/Session.php index 1c6161170..5f32e1545 100644 --- a/src/Appwrite/Utopia/Response/Model/Session.php +++ b/src/Appwrite/Utopia/Response/Model/Session.php @@ -46,6 +46,12 @@ class Session extends Model 'default' => '', 'example' => 'MTQ0NjJkZmQ5OTM2NDE1ZTZjNGZmZjI3', ]) + ->addRule('providerAccessTokenExpiry', [ + 'type' => self::TYPE_INTEGER, + 'description' => 'Date, the user has accepted the invitation to join the team in Unix timestamp.', + 'default' => 0, + 'example' => 1592981250, + ]) ->addRule('providerRefreshToken', [ 'type' => self::TYPE_STRING, 'description' => 'Session Provider Refresh Token.',