getEndpoint() . '/oauth/authorize?' . \http_build_query([ 'client_id' => $this->appID, 'redirect_uri' => $this->callback, 'scope' => \implode(' ', $this->getScopes()), 'state' => \json_encode($this->state), 'response_type' => 'code' ]); } /** * @param string $code * * @return array */ protected function getTokens(string $code): array { if (empty($this->tokens)) { $this->tokens = \json_decode($this->request( 'POST', $this->getEndpoint() . '/oauth/token?' . \http_build_query([ 'code' => $code, 'client_id' => $this->appID, 'client_secret' => $this->getAppSecret()['clientSecret'], 'redirect_uri' => $this->callback, 'grant_type' => 'authorization_code' ]) ), true); } return $this->tokens; } /** * @param string $refreshToken * * @return array */ public function refreshTokens(string $refreshToken): array { $this->tokens = \json_decode($this->request( 'POST', $this->getEndpoint() . '/oauth/token?' . \http_build_query([ 'refresh_token' => $refreshToken, 'client_id' => $this->appID, 'client_secret' => $this->getAppSecret()['clientSecret'], 'grant_type' => 'refresh_token' ]) ), true); if (empty($this->tokens['refresh_token'])) { $this->tokens['refresh_token'] = $refreshToken; } return $this->tokens; } /** * @param string $accessToken * * @return string */ public function getUserID(string $accessToken): string { $user = $this->getUser($accessToken); if (isset($user['id'])) { return $user['id']; } return ''; } /** * @param string $accessToken * * @return string */ public function getUserEmail(string $accessToken): string { $user = $this->getUser($accessToken); return $user['email'] ?? ''; } /** * Check if the OAuth email is verified * * @link https://docs.gitlab.com/ee/api/users.html#list-current-user-for-normal-users * * @param string $accessToken * * @return bool */ public function isEmailVerified(string $accessToken): bool { $user = $this->getUser($accessToken); if ($user['confirmed_at'] ?? false) { return true; } return false; } /** * @param string $accessToken * * @return string */ public function getUserName(string $accessToken): string { $user = $this->getUser($accessToken); return $user['name'] ?? ''; } /** * @param string $accessToken * * @return array */ protected function getUser(string $accessToken): array { if (empty($this->user)) { $user = $this->request('GET', $this->getEndpoint() . '/api/v4/user?access_token=' . \urlencode($accessToken)); $this->user = \json_decode($user, true); } return $this->user; } /** * Decode the JSON stored in appSecret * * @return array */ protected function getAppSecret(): array { try { $secret = \json_decode($this->appSecret, true, 512, JSON_THROW_ON_ERROR); } catch (\Throwable $th) { throw new \Exception('Invalid secret'); } return $secret; } /** * Extracts the Tenant Id from the JSON stored in appSecret. Defaults to 'common' as a fallback * * @return string */ protected function getEndpoint(): string { $defaultEndpoint = 'https://gitlab.com'; $secret = $this->getAppSecret(); $endpoint = $secret['endpoint'] ?? $defaultEndpoint; return empty($endpoint) ? $defaultEndpoint : $endpoint; } }