appwrite/src/Appwrite/Auth/OAuth2.php

<?php

namespace Appwrite\Auth;

use Appwrite\Auth\OAuth2\Exception;

abstract class OAuth2
{
    /**
     * @var string
     */
    protected string $appID;

    /**
     * @var string
     */
    protected string $appSecret;

    /**
     * @var string
     */
    protected string $callback;

    /**
     * @var array
     */
    protected array $state;

    /**
     * @var array
     */
    protected array $scopes;

    /**
     * OAuth2 constructor.
     *
     * @param string $appId
     * @param string $appSecret
     * @param string $callback
     * @param array  $state
     * @param array $scopes
     */
    public function __construct(string $appId, string $appSecret, string $callback, array $state = [], array $scopes = [])
    {
        $this->appID = $appId;
        $this->appSecret = $appSecret;
        $this->callback = $callback;
        $this->state = $state;
        foreach ($scopes as $scope) {
            $this->addScope($scope);
        }
    }

    /**
     * @return string
     */
    abstract public function getName(): string;

    /**
     * @return string
     */
    abstract public function getLoginURL(): string;

    /**
     * @param string $code
     *
     * @return array
     */
    abstract protected function getTokens(string $code): array;

    /**
     * @param string $refreshToken
     *
     * @return array
     */
    abstract public function refreshTokens(string $refreshToken): array;

    /**
     * @param string $accessToken
     *
     * @return string
     */
    abstract public function getUserID(string $accessToken): string;

    /**
     * @param string $accessToken
     *
     * @return string
     */
    abstract public function getUserEmail(string $accessToken): string;

    /**
     * Check if the OAuth email is verified
     *
     * @param string $accessToken
     *
     * @return bool
     */
    abstract public function isEmailVerified(string $accessToken): bool;

    /**
     * @param string $accessToken
     *
     * @return string
     */
    abstract public function getUserName(string $accessToken): string;

    /**
     * @param $scope
     *
     * @return $this
     */
    protected function addScope(string $scope): OAuth2
    {
        // Add a scope to the scopes array if it isn't already present
        if (!\in_array($scope, $this->scopes)) {
            $this->scopes[] = $scope;
        }

        return $this;
    }

    /**
     * @return array
     */
    protected function getScopes(): array
    {
        return $this->scopes;
    }

    /**
     * @param string $code
     *
     * @return string
     */
    public function getAccessToken(string $code): string
    {
        $tokens = $this->getTokens($code);

        return $tokens['access_token'] ?? '';
    }

    /**
     * @param string $code
     *
     * @return string
     */
    public function getRefreshToken(string $code): string
    {
        $tokens = $this->getTokens($code);

        return $tokens['refresh_token'] ?? '';
    }

    /**
     * @param string $code
     *
     * @return string
     */
    public function getAccessTokenExpiry(string $code): int
    {
        $tokens = $this->getTokens($code);

        return $tokens['expires_in'] ?? 0;
    }

    // The parseState function was designed specifically for Amazon OAuth2 Adapter to override.
    // The response from Amazon is html encoded and hence it needs to be html_decoded before
    // json_decoding
    /**
     * @param $state
     *
     * @return array
     */
    public function parseState(string $state)
    {
        return \json_decode($state, true);
    }

    /**
     * @param string $method
     * @param string $url
     * @param array  $headers
     * @param string $payload
     *
     * @return string
     */
    protected function request(string $method, string $url = '', array $headers = [], string $payload = ''): string
    {
        $ch = \curl_init($url);

        \curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method);
        \curl_setopt($ch, CURLOPT_HEADER, 0);
        \curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        \curl_setopt($ch, CURLOPT_USERAGENT, 'Appwrite OAuth2');

        if (!empty($payload)) {
            \curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
        }

        $headers[] = 'Content-length: ' . \strlen($payload);
        \curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

        // Send the request & save response to $response
        $response = \curl_exec($ch);

        $code = curl_getinfo($ch, CURLINFO_HTTP_CODE);

        \curl_close($ch);

        if ($code >= 400) {
            throw new Exception($response, $code);
        }

        return (string)$response;
    }
}
Added source code 2019-05-09 06:54:39 +00:00			`<?php`

Added a vendor namespace to all local libs 2020-03-24 17:56:32 +00:00			`namespace Appwrite\Auth;`
Added source code 2019-05-09 06:54:39 +00:00
Improve OAuth2 Error Handling Update the OAuth2 class to throw an exception if an API call to the OAuth2 provider fails and update the endpoint to redirect to the failure url with the information from the OAuth2 provider. 2023-07-15 00:28:45 +00:00			`use Appwrite\Auth\OAuth2\Exception;`

Updated naming from OAuth to OAuth2 2020-02-16 11:41:03 +00:00			`abstract class OAuth2`
Added source code 2019-05-09 06:54:39 +00:00			`{`
			`/**`
			`* @var string`
			`*/`
fix: improve typing and nullish values 2022-05-12 15:56:20 +00:00			`protected string $appID;`
Added source code 2019-05-09 06:54:39 +00:00
			`/**`
			`* @var string`
			`*/`
fix: improve typing and nullish values 2022-05-12 15:56:20 +00:00			`protected string $appSecret;`
Added source code 2019-05-09 06:54:39 +00:00
			`/**`
			`* @var string`
			`*/`
fix: improve typing and nullish values 2022-05-12 15:56:20 +00:00			`protected string $callback;`
Added source code 2019-05-09 06:54:39 +00:00
			`/**`
Feat psalm analysis (#699) * Added static code analysis * Updated code to solve psalm issue 2020-10-27 00:08:29 +00:00			`* @var array`
Added source code 2019-05-09 06:54:39 +00:00			`*/`
fix: improve typing and nullish values 2022-05-12 15:56:20 +00:00			`protected array $state;`
Added source code 2019-05-09 06:54:39 +00:00
feat: added support for scopes param in OAuth Constructor 2020-01-11 19:09:22 +00:00			`/**`
			`* @var array`
			`*/`
fix: improve typing and nullish values 2022-05-12 15:56:20 +00:00			`protected array $scopes;`
feat: added support for scopes param in OAuth Constructor 2020-01-11 19:09:22 +00:00
Added source code 2019-05-09 06:54:39 +00:00			`/**`
Updated naming from OAuth to OAuth2 2020-02-16 11:41:03 +00:00			`* OAuth2 constructor.`
Added source code 2019-05-09 06:54:39 +00:00			`*`
			`* @param string $appId`
			`* @param string $appSecret`
			`* @param string $callback`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`* @param array $state`
chore: added duplicate scope check in constructor 2020-01-13 06:31:36 +00:00			`* @param array $scopes`
Added source code 2019-05-09 06:54:39 +00:00			`*/`
Feat psalm analysis (#699) * Added static code analysis * Updated code to solve psalm issue 2020-10-27 00:08:29 +00:00			`public function __construct(string $appId, string $appSecret, string $callback, array $state = [], array $scopes = [])`
Added source code 2019-05-09 06:54:39 +00:00			`{`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`$this->appID = $appId;`
			`$this->appSecret = $appSecret;`
			`$this->callback = $callback;`
			`$this->state = $state;`
Fixed coding standards 2020-06-24 21:02:27 +00:00			`foreach ($scopes as $scope) {`
chore: added duplicate scope check in constructor 2020-01-13 06:31:36 +00:00			`$this->addScope($scope);`
			`}`
Added source code 2019-05-09 06:54:39 +00:00			`}`

			`/**`
			`* @return string`
			`*/`
feat: add method to check for email verification 2022-04-27 19:08:32 +00:00			`abstract public function getName(): string;`
Added source code 2019-05-09 06:54:39 +00:00
			`/**`
			`* @return string`
			`*/`
feat: add method to check for email verification 2022-04-27 19:08:32 +00:00			`abstract public function getLoginURL(): string;`
Added source code 2019-05-09 06:54:39 +00:00
			`/**`
			`* @param string $code`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`*`
Temporarly disabled all oauths 2022-01-31 20:20:17 +00:00			`* @return array`
Added source code 2019-05-09 06:54:39 +00:00			`*/`
feat: add method to check for email verification 2022-04-27 19:08:32 +00:00			`abstract protected function getTokens(string $code): array;`
Added source code 2019-05-09 06:54:39 +00:00
Implemented refresh token endpoint 2022-02-01 15:54:20 +00:00			`/**`
			`* @param string $refreshToken`
			`*`
			`* @return array`
			`*/`
feat: add method to check for email verification 2022-04-27 19:08:32 +00:00			`abstract public function refreshTokens(string $refreshToken): array;`
Implemented refresh token endpoint 2022-02-01 15:54:20 +00:00
Fix typing issues in OAuth2 2023-07-14 23:22:30 +00:00			`/**`
			`* @param string $accessToken`
Improve OAuth2 Error Handling Update the OAuth2 class to throw an exception if an API call to the OAuth2 provider fails and update the endpoint to redirect to the failure url with the information from the OAuth2 provider. 2023-07-15 00:28:45 +00:00			`*`
Fix typing issues in OAuth2 2023-07-14 23:22:30 +00:00			`* @return string`
			`*/`
			`abstract public function getUserID(string $accessToken): string;`

Added source code 2019-05-09 06:54:39 +00:00			`/**`
fix: improve typing and nullish values 2022-05-12 15:56:20 +00:00			`* @param string $accessToken`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`*`
Added source code 2019-05-09 06:54:39 +00:00			`* @return string`
			`*/`
feat: add method to check for email verification 2022-04-27 19:08:32 +00:00			`abstract public function getUserEmail(string $accessToken): string;`
Added source code 2019-05-09 06:54:39 +00:00
			`/**`
feat: add method to check for email verification 2022-04-27 19:14:09 +00:00			`* Check if the OAuth email is verified`
format files in app, src, tests 2022-05-23 14:54:50 +00:00			`*`
fix: improve typing and nullish values 2022-05-12 15:56:20 +00:00			`* @param string $accessToken`
format files in app, src, tests 2022-05-23 14:54:50 +00:00			`*`
feat: add method to check for email verification 2022-04-27 19:08:32 +00:00			`* @return bool`
Added source code 2019-05-09 06:54:39 +00:00			`*/`
feat: fixed typo 2022-04-27 20:27:21 +00:00			`abstract public function isEmailVerified(string $accessToken): bool;`
Added source code 2019-05-09 06:54:39 +00:00
			`/**`
fix: improve typing and nullish values 2022-05-12 15:56:20 +00:00			`* @param string $accessToken`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`*`
Added source code 2019-05-09 06:54:39 +00:00			`* @return string`
			`*/`
feat: add method to check for email verification 2022-04-27 19:08:32 +00:00			`abstract public function getUserName(string $accessToken): string;`
Added source code 2019-05-09 06:54:39 +00:00
feat: added methods for adding and getting scopes 2020-01-11 19:29:22 +00:00			`/**`
			`* @param $scope`
Updated coding standards 2020-06-24 21:05:16 +00:00			`*`
chore: corrected function doc 2020-01-13 14:13:08 +00:00			`* @return $this`
feat: added methods for adding and getting scopes 2020-01-11 19:29:22 +00:00			`*/`
feat: add method to check for email verification 2022-04-27 19:08:32 +00:00			`protected function addScope(string $scope): OAuth2`
Fixed psr standard 2020-01-18 21:08:28 +00:00			`{`
Updated coding standards 2020-06-24 21:05:16 +00:00			`// Add a scope to the scopes array if it isn't already present`
Fixed coding standards 2020-06-24 21:02:27 +00:00			`if (!\in_array($scope, $this->scopes)) {`
			`$this->scopes[] = $scope;`
feat: added methods for adding and getting scopes 2020-01-11 19:29:22 +00:00			`}`
fix: improve typing and nullish values 2022-05-12 15:56:20 +00:00
chore: support for chaining in addScope 2020-01-13 14:12:09 +00:00			`return $this;`
feat: added methods for adding and getting scopes 2020-01-11 19:29:22 +00:00			`}`

Fixed coding standards 2020-06-24 21:02:27 +00:00			`/**`
			`* @return array`
			`*/`
feat: add method to check for email verification 2022-04-27 19:08:32 +00:00			`protected function getScopes(): array`
Fixed psr standard 2020-01-18 21:08:28 +00:00			`{`
chore: added duplicate scope check in constructor 2020-01-13 06:31:36 +00:00			`return $this->scopes;`
feat: added methods for adding and getting scopes 2020-01-11 19:29:22 +00:00			`}`
chore: disabled twitter 2019-10-07 19:39:01 +00:00
Refactored all providers, added expiry 2022-02-01 10:42:11 +00:00			`/**`
			`* @param string $code`
			`*`
			`* @return string`
			`*/`
feat: add method to check for email verification 2022-04-27 19:08:32 +00:00			`public function getAccessToken(string $code): string`
Refactored all providers, added expiry 2022-02-01 10:42:11 +00:00			`{`
			`$tokens = $this->getTokens($code);`
fix: improve typing and nullish values 2022-05-12 15:56:20 +00:00
Code review changes 2022-02-03 11:57:04 +00:00			`return $tokens['access_token'] ?? '';`
Refactored all providers, added expiry 2022-02-01 10:42:11 +00:00			`}`

			`/**`
			`* @param string $code`
			`*`
			`* @return string`
			`*/`
feat: add method to check for email verification 2022-04-27 19:08:32 +00:00			`public function getRefreshToken(string $code): string`
Refactored all providers, added expiry 2022-02-01 10:42:11 +00:00			`{`
			`$tokens = $this->getTokens($code);`
fix: improve typing and nullish values 2022-05-12 15:56:20 +00:00
Code review changes 2022-02-03 11:57:04 +00:00			`return $tokens['refresh_token'] ?? '';`
Refactored all providers, added expiry 2022-02-01 10:42:11 +00:00			`}`

			`/**`
			`* @param string $code`
			`*`
			`* @return string`
			`*/`
Fix typing issues in OAuth2 2023-07-14 23:22:30 +00:00			`public function getAccessTokenExpiry(string $code): int`
Refactored all providers, added expiry 2022-02-01 10:42:11 +00:00			`{`
			`$tokens = $this->getTokens($code);`
fix: improve typing and nullish values 2022-05-12 15:56:20 +00:00
Fix typing issues in OAuth2 2023-07-14 23:22:30 +00:00			`return $tokens['expires_in'] ?? 0;`
Refactored all providers, added expiry 2022-02-01 10:42:11 +00:00			`}`
feat: applied methods to adapters 2020-01-12 11:51:30 +00:00
Updated naming from OAuth to OAuth2 2020-02-16 11:41:03 +00:00			`// The parseState function was designed specifically for Amazon OAuth2 Adapter to override.`
chore: lint fix 2019-10-06 12:58:01 +00:00			`// The response from Amazon is html encoded and hence it needs to be html_decoded before`
feat: implemented abstract method parseState 2019-10-06 12:56:44 +00:00			`// json_decoding`
			`/**`
			`* @param $state`
			`*`
Feat psalm analysis (#699) * Added static code analysis * Updated code to solve psalm issue 2020-10-27 00:08:29 +00:00			`* @return array`
feat: implemented abstract method parseState 2019-10-06 12:56:44 +00:00			`*/`
fix: return type of parseState removed 2019-10-13 18:25:39 +00:00			`public function parseState(string $state)`
chore: lint fix 2019-10-06 12:58:01 +00:00			`{`
Improve PHP exeution time by using fully-qualified function calls 2020-06-20 11:05:43 +00:00			`return \json_decode($state, true);`
feat: implemented abstract method parseState 2019-10-06 12:56:44 +00:00			`}`

Added source code 2019-05-09 06:54:39 +00:00			`/**`
			`* @param string $method`
			`* @param string $url`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`* @param array $headers`
Added source code 2019-05-09 06:54:39 +00:00			`* @param string $payload`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`*`
Added source code 2019-05-09 06:54:39 +00:00			`* @return string`
			`*/`
feat: add method to check for email verification 2022-04-27 19:08:32 +00:00			`protected function request(string $method, string $url = '', array $headers = [], string $payload = ''): string`
Added source code 2019-05-09 06:54:39 +00:00			`{`
Improve PHP exeution time by using fully-qualified function calls 2020-06-20 11:05:43 +00:00			`$ch = \curl_init($url);`
Added source code 2019-05-09 06:54:39 +00:00
Improve PHP exeution time by using fully-qualified function calls 2020-06-20 11:05:43 +00:00			`\curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method);`
			`\curl_setopt($ch, CURLOPT_HEADER, 0);`
			`\curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);`
Unable to use GitHub OAuth provider Fixes #456 2020-06-27 22:30:03 +00:00			`\curl_setopt($ch, CURLOPT_USERAGENT, 'Appwrite OAuth2');`
Added source code 2019-05-09 06:54:39 +00:00
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`if (!empty($payload)) {`
Improve PHP exeution time by using fully-qualified function calls 2020-06-20 11:05:43 +00:00			`\curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);`
Added source code 2019-05-09 06:54:39 +00:00			`}`

format files in app, src, tests 2022-05-23 14:54:50 +00:00			`$headers[] = 'Content-length: ' . \strlen($payload);`
Improve PHP exeution time by using fully-qualified function calls 2020-06-20 11:05:43 +00:00			`\curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);`
feat: added Google OAuth Support 2019-09-29 22:03:22 +00:00
			`// Send the request & save response to $response`
Improve PHP exeution time by using fully-qualified function calls 2020-06-20 11:05:43 +00:00			`$response = \curl_exec($ch);`
Added source code 2019-05-09 06:54:39 +00:00
Improve OAuth2 Error Handling Update the OAuth2 class to throw an exception if an API call to the OAuth2 provider fails and update the endpoint to redirect to the failure url with the information from the OAuth2 provider. 2023-07-15 00:28:45 +00:00			`$code = curl_getinfo($ch, CURLINFO_HTTP_CODE);`

Improve PHP exeution time by using fully-qualified function calls 2020-06-20 11:05:43 +00:00			`\curl_close($ch);`
Added source code 2019-05-09 06:54:39 +00:00
Fix deployment issues from QA server 2023-08-10 00:31:49 +00:00			`if ($code >= 400) {`
Improve OAuth2 Error Handling Update the OAuth2 class to throw an exception if an API call to the OAuth2 provider fails and update the endpoint to redirect to the failure url with the information from the OAuth2 provider. 2023-07-15 00:28:45 +00:00			`throw new Exception($response, $code);`
			`}`

Feat psalm analysis (#699) * Added static code analysis * Updated code to solve psalm issue 2020-10-27 00:08:29 +00:00			`return (string)$response;`
Added source code 2019-05-09 06:54:39 +00:00			`}`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`}`