Create Auth0 OAuth Adapter

app/config/providers.php

@@ -21,6 +21,16 @@ return [ // Ordered by ABC.
         'beta' => true,
         'mock' => false,
     ],
+    'auth0' => [
+        'name' => 'Auth0',
+        'developers' => 'https://auth0.com/developers',
+        'icon' => 'icon-auth0',
+        'enabled' => true,
+        'sandbox' => false,
+        'form' => 'auth0.phtml',
+        'beta' => false,
+        'mock' => false,
+    ],
     'bitbucket' => [
         'name' => 'BitBucket',
         'developers' => 'https://developer.atlassian.com/bitbucket',

app/views/console/users/oauth/auth0.phtml

@@ -0,0 +1,12 @@
+<?php
+$provider = $this->getParam('provider', '');
+?>
+
+<label for="oauth2<?php echo $this->escape(ucfirst($provider)); ?>Appid">Client ID<span class="tooltip" data-tooltip="Provided by Auth0"><i class="icon-info-circled"></i></span></label>
+<input name="appId" id="oauth2<?php echo $this->escape(ucfirst($provider)); ?>Appid" type="text" autocomplete="off" data-ls-bind="{{console-project.provider<?php echo $this->escape(ucfirst($provider)); ?>Appid}}" placeholder="Client ID" />
+<label for="oauth2<?php echo $this->escape(ucfirst($provider)); ?>ClientSecret">Client Secret <span class="tooltip" data-tooltip="Provided in the Application you created in Auth0"><i class="icon-info-circled"></i></span></label>
+<input name="clientSecret" id="oauth2<?php echo $this->escape(ucfirst($provider)); ?>ClientSecret" type="password" autocomplete="off" placeholder="Client Secret" />
+<label for="oauth2<?php echo $this->escape(ucfirst($provider)); ?>Domain">Auth0 Domain<span class="tooltip" data-tooltip="Your Auth0 Domain"><i class="icon-info-circled"></i></span></label>
+<input name="auth0Domain" id="oauth2<?php echo $this->escape(ucfirst($provider)); ?>Domain" type="text" autocomplete="off" placeholder="YOUR_DOMAIN" />
+<?php /*Hidden input for the final secret. Gets filled with a JSON via JS. */ ?>
+<input name="secret" data-forms-oauth-custom="<?php echo $this->escape(ucfirst($provider)); ?>" id="oauth2<?php echo $this->escape(ucfirst($provider)); ?>Secret" type="hidden" autocomplete="off" data-ls-bind="{{console-project.provider<?php echo $this->escape(ucfirst($provider)); ?>Secret}}" />

public/scripts/views/forms/oauth-custom.js

@@ -16,6 +16,10 @@
           "keyId": "oauth2AppleKeyId",
           "teamId": "oauth2AppleTeamId",
           "p8": "oauth2AppleP8"
+        },
+        "Auth0": {
+          "clientSecret": "oauth2Auth0ClientSecret",
+          "auth0Domain": "oauth2Auth0Domain"
         }
       }
       let provider = element.getAttribute("data-forms-oauth-custom");

src/Appwrite/Auth/OAuth2/Auth0.php

@@ -0,0 +1,206 @@
+<?php
+
+namespace Appwrite\Auth\OAuth2;
+
+use Appwrite\Auth\OAuth2;
+
+// Reference Material
+// https://auth0.com/docs/api/authentication
+
+class Auth0 extends OAuth2
+{  
+     /**
+     * @var array
+     */
+    protected $scopes = [
+        'openid',
+        'profile',
+        'email'
+    ];
+    
+    /**
+     * @var array
+     */
+    protected $user = [];
+    
+    /**
+     * @var array
+     */
+    protected $tokens = [];
+    
+    /**
+     * @return string
+     */
+    public function getName(): string
+    {
+        return 'auth0';
+    }
+
+    /**
+     * @return string
+     */
+    public function getLoginURL(): string
+    {
+        return 'https://'.$this->getAuth0Domain().'/authorize?'.\http_build_query([
+            'client_id' => $this->appID,
+            'redirect_uri' => $this->callback,
+            'state'=> \json_encode($this->state),
+            'scope'=> \implode(' ', $this->getScopes()),
+            'response_type' => 'code'
+        ]);
+    }
+
+    /**
+     * @param string $code
+     *
+     * @return array
+     */
+    protected function getTokens(string $code): array
+    {
+        if(empty($this->tokens)) {
+            $headers = ['Content-Type: application/x-www-form-urlencoded'];
+            $this->tokens = \json_decode($this->request(
+                'POST',
+                'https://'.$this->getAuth0Domain().'/oauth/token',
+                $headers,
+                \http_build_query([
+                    'code' => $code,
+                    'client_id' => $this->appID,
+                    'client_secret' => $this->getClientSecret(),
+                    'redirect_uri' => $this->callback,
+                    'scope' => \implode(' ', $this->getScopes()),
+                    'grant_type' => 'authorization_code'
+                ])
+            ), true);
+        }
+
+        return $this->tokens;
+    }
+    
+    
+    /**
+     * @param string $refreshToken
+     *
+     * @return array
+     */
+    public function refreshTokens(string $refreshToken):array
+    {
+        $headers = ['Content-Type: application/x-www-form-urlencoded'];
+        $this->tokens = \json_decode($this->request(
+            'POST',
+            'https://'.$this->getAuth0Domain().'/oauth/token',
+            $headers,
+            \http_build_query([
+                'refresh_token' => $refreshToken,
+                'client_id' => $this->appID,
+                'client_secret' => $this->getClientSecret(),
+                'grant_type' => 'refresh_token'
+            ])
+        ), true);
+
+        if(empty($this->tokens['refresh_token'])) {
+            $this->tokens['refresh_token'] = $refreshToken;
+        }
+
+        return $this->tokens;
+    }
+
+    /**
+     * @param string $accessToken
+     *
+     * @return string
+     */
+    public function getUserID(string $accessToken): string
+    {
+        $user = $this->getUser($accessToken);
+        
+        if (isset($user['sub'])) {
+            return $user['sub'];
+        }
+        
+        return '';
+    }
+
+    /**
+     * @param string $accessToken
+     *
+     * @return string
+     */
+    public function getUserEmail(string $accessToken): string
+    {
+        $user = $this->getUser($accessToken);
+        
+        if (isset($user['email'])) {
+            return $user['email'];
+        }
+        
+        return '';
+    }
+
+    /**
+     * @param string $accessToken
+     *
+     * @return string
+     */
+    public function getUserName(string $accessToken): string
+    {
+        $user = $this->getUser($accessToken);
+        
+        if (isset($user['name'])) {
+            return $user['name'];
+        }
+        
+        return '';
+    }
+    
+     /**
+     * @param string $accessToken
+     *
+     * @return array
+     */
+    protected function getUser(string $accessToken)
+    {
+        if (empty($this->user)) {
+            $headers = ['Authorization: Bearer '. \urlencode($accessToken)];
+            $user = $this->request('GET', 'https://'.$this->getAuth0Domain().'/userinfo', $headers);
+            $this->user = \json_decode($user, true);
+        }
+
+        return $this->user;
+    }
+
+    /**
+     * Extracts the Client Secret from the JSON stored in appSecret
+     * @return string
+     */
+    protected function getClientSecret(): string
+    {
+        $secret = $this->decodeJson();
+
+        return (isset($secret['clientSecret'])) ? $secret['clientSecret'] : ''; 
+    }
+
+     /**
+     * Extracts the Auth0 Domain from the JSON stored in appSecret. Defaults to 'common' as a fallback
+     * @return string
+     */
+    protected function getAuth0Domain(): string
+    {
+        $secret = $this->decodeJson();
+        return (isset($secret['auth0Domain'])) ? $secret['auth0Domain'] : ''; 
+    }
+
+    /**
+     * Decode the JSON stored in appSecret
+     * @return array
+     */
+    protected function decodeJson(): array
+    {    
+        try {
+            $secret = \json_decode($this->appSecret, true);
+        } catch (\Throwable $th) {
+            throw new Exception('Invalid secret');
+        }
+        return $secret;
+    }
+}