From 3bd8405deba92ca781ec42b211e97bc2e837dd6b Mon Sep 17 00:00:00 2001 From: Chirag Aggarwal Date: Tue, 8 Apr 2025 07:56:35 +0000 Subject: [PATCH 1/2] feat: add figma oauth provider --- app/config/oAuthProviders.php | 10 + app/config/specs/open-api3-latest-client.json | 8 +- .../specs/open-api3-latest-console.json | 12 +- app/config/specs/open-api3-latest-server.json | 5 +- app/config/specs/swagger2-latest-client.json | 8 +- app/config/specs/swagger2-latest-console.json | 12 +- app/config/specs/swagger2-latest-server.json | 5 +- src/Appwrite/Auth/OAuth2/Figma.php | 176 ++++++++++++++++++ 8 files changed, 216 insertions(+), 20 deletions(-) create mode 100644 src/Appwrite/Auth/OAuth2/Figma.php diff --git a/app/config/oAuthProviders.php b/app/config/oAuthProviders.php index 9d7efc2f1e..261df5c07e 100644 --- a/app/config/oAuthProviders.php +++ b/app/config/oAuthProviders.php @@ -142,6 +142,16 @@ return [ 'beta' => false, 'mock' => false, ], + 'figma' => [ + 'name' => 'Figma', + 'developers' => 'https://www.figma.com/developers/api#oauth2', + 'icon' => 'icon-figma', + 'enabled' => true, + 'sandbox' => false, + 'form' => false, + 'beta' => false, + 'mock' => false, + ], 'github' => [ 'name' => 'GitHub', 'developers' => 'https://developer.github.com/', diff --git a/app/config/specs/open-api3-latest-client.json b/app/config/specs/open-api3-latest-client.json index 316fe13116..082d342c49 100644 --- a/app/config/specs/open-api3-latest-client.json +++ b/app/config/specs/open-api3-latest-client.json @@ -1,7 +1,7 @@ { "openapi": "3.0.0", "info": { - "version": "1.6.1", + "version": "1.6.2", "title": "Appwrite", "description": "Appwrite backend as a service cuts up to 70% of the time and costs required for building a modern application. We abstract and simplify common development tasks behind a REST APIs, to help you develop your app in a fast and secure way. For full API documentation and tutorials go to [https:\/\/appwrite.io\/docs](https:\/\/appwrite.io\/docs)", "termsOfService": "https:\/\/appwrite.io\/policy\/terms", @@ -1902,7 +1902,7 @@ "parameters": [ { "name": "provider", - "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", + "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, figma, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", "required": true, "schema": { "type": "string", @@ -1922,6 +1922,7 @@ "dropbox", "etsy", "facebook", + "figma", "github", "gitlab", "google", @@ -2778,7 +2779,7 @@ "parameters": [ { "name": "provider", - "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", + "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, figma, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", "required": true, "schema": { "type": "string", @@ -2798,6 +2799,7 @@ "dropbox", "etsy", "facebook", + "figma", "github", "gitlab", "google", diff --git a/app/config/specs/open-api3-latest-console.json b/app/config/specs/open-api3-latest-console.json index 54161c4262..9d488351bc 100644 --- a/app/config/specs/open-api3-latest-console.json +++ b/app/config/specs/open-api3-latest-console.json @@ -1,7 +1,7 @@ { "openapi": "3.0.0", "info": { - "version": "1.6.1", + "version": "1.6.2", "title": "Appwrite", "description": "Appwrite backend as a service cuts up to 70% of the time and costs required for building a modern application. We abstract and simplify common development tasks behind a REST APIs, to help you develop your app in a fast and secure way. For full API documentation and tutorials go to [https:\/\/appwrite.io\/docs](https:\/\/appwrite.io\/docs)", "termsOfService": "https:\/\/appwrite.io\/policy\/terms", @@ -1917,7 +1917,7 @@ "parameters": [ { "name": "provider", - "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", + "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, figma, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", "required": true, "schema": { "type": "string", @@ -1937,6 +1937,7 @@ "dropbox", "etsy", "facebook", + "figma", "github", "gitlab", "google", @@ -2786,7 +2787,7 @@ "parameters": [ { "name": "provider", - "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", + "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, figma, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", "required": true, "schema": { "type": "string", @@ -2806,6 +2807,7 @@ "dropbox", "etsy", "facebook", + "figma", "github", "gitlab", "google", @@ -19056,8 +19058,7 @@ "description": "Project Region.", "x-example": "default", "enum": [ - "default", - "fra" + "default" ], "x-enum-name": null, "x-enum-keys": [] @@ -20880,6 +20881,7 @@ "dropbox", "etsy", "facebook", + "figma", "github", "gitlab", "google", diff --git a/app/config/specs/open-api3-latest-server.json b/app/config/specs/open-api3-latest-server.json index 3d32d3e978..991a380c92 100644 --- a/app/config/specs/open-api3-latest-server.json +++ b/app/config/specs/open-api3-latest-server.json @@ -1,7 +1,7 @@ { "openapi": "3.0.0", "info": { - "version": "1.6.1", + "version": "1.6.2", "title": "Appwrite", "description": "Appwrite backend as a service cuts up to 70% of the time and costs required for building a modern application. We abstract and simplify common development tasks behind a REST APIs, to help you develop your app in a fast and secure way. For full API documentation and tutorials go to [https:\/\/appwrite.io\/docs](https:\/\/appwrite.io\/docs)", "termsOfService": "https:\/\/appwrite.io\/policy\/terms", @@ -2464,7 +2464,7 @@ "parameters": [ { "name": "provider", - "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", + "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, figma, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", "required": true, "schema": { "type": "string", @@ -2484,6 +2484,7 @@ "dropbox", "etsy", "facebook", + "figma", "github", "gitlab", "google", diff --git a/app/config/specs/swagger2-latest-client.json b/app/config/specs/swagger2-latest-client.json index 8960bfaa5c..d0f23092bb 100644 --- a/app/config/specs/swagger2-latest-client.json +++ b/app/config/specs/swagger2-latest-client.json @@ -1,7 +1,7 @@ { "swagger": "2.0", "info": { - "version": "1.6.1", + "version": "1.6.2", "title": "Appwrite", "description": "Appwrite backend as a service cuts up to 70% of the time and costs required for building a modern application. We abstract and simplify common development tasks behind a REST APIs, to help you develop your app in a fast and secure way. For full API documentation and tutorials go to [https:\/\/appwrite.io\/docs](https:\/\/appwrite.io\/docs)", "termsOfService": "https:\/\/appwrite.io\/policy\/terms", @@ -2028,7 +2028,7 @@ "parameters": [ { "name": "provider", - "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", + "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, figma, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", "required": true, "type": "string", "x-example": "amazon", @@ -2047,6 +2047,7 @@ "dropbox", "etsy", "facebook", + "figma", "github", "gitlab", "google", @@ -2932,7 +2933,7 @@ "parameters": [ { "name": "provider", - "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", + "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, figma, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", "required": true, "type": "string", "x-example": "amazon", @@ -2951,6 +2952,7 @@ "dropbox", "etsy", "facebook", + "figma", "github", "gitlab", "google", diff --git a/app/config/specs/swagger2-latest-console.json b/app/config/specs/swagger2-latest-console.json index 8fc7e7daf3..634eeb344e 100644 --- a/app/config/specs/swagger2-latest-console.json +++ b/app/config/specs/swagger2-latest-console.json @@ -1,7 +1,7 @@ { "swagger": "2.0", "info": { - "version": "1.6.1", + "version": "1.6.2", "title": "Appwrite", "description": "Appwrite backend as a service cuts up to 70% of the time and costs required for building a modern application. We abstract and simplify common development tasks behind a REST APIs, to help you develop your app in a fast and secure way. For full API documentation and tutorials go to [https:\/\/appwrite.io\/docs](https:\/\/appwrite.io\/docs)", "termsOfService": "https:\/\/appwrite.io\/policy\/terms", @@ -2059,7 +2059,7 @@ "parameters": [ { "name": "provider", - "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", + "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, figma, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", "required": true, "type": "string", "x-example": "amazon", @@ -2078,6 +2078,7 @@ "dropbox", "etsy", "facebook", + "figma", "github", "gitlab", "google", @@ -2956,7 +2957,7 @@ "parameters": [ { "name": "provider", - "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", + "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, figma, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", "required": true, "type": "string", "x-example": "amazon", @@ -2975,6 +2976,7 @@ "dropbox", "etsy", "facebook", + "figma", "github", "gitlab", "google", @@ -19522,8 +19524,7 @@ "default": "default", "x-example": "default", "enum": [ - "default", - "fra" + "default" ], "x-enum-name": null, "x-enum-keys": [] @@ -21351,6 +21352,7 @@ "dropbox", "etsy", "facebook", + "figma", "github", "gitlab", "google", diff --git a/app/config/specs/swagger2-latest-server.json b/app/config/specs/swagger2-latest-server.json index 83757c94f4..0c6e48523a 100644 --- a/app/config/specs/swagger2-latest-server.json +++ b/app/config/specs/swagger2-latest-server.json @@ -1,7 +1,7 @@ { "swagger": "2.0", "info": { - "version": "1.6.1", + "version": "1.6.2", "title": "Appwrite", "description": "Appwrite backend as a service cuts up to 70% of the time and costs required for building a modern application. We abstract and simplify common development tasks behind a REST APIs, to help you develop your app in a fast and secure way. For full API documentation and tutorials go to [https:\/\/appwrite.io\/docs](https:\/\/appwrite.io\/docs)", "termsOfService": "https:\/\/appwrite.io\/policy\/terms", @@ -2628,7 +2628,7 @@ "parameters": [ { "name": "provider", - "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", + "description": "OAuth2 Provider. Currently, supported providers are: amazon, apple, auth0, authentik, autodesk, bitbucket, bitly, box, dailymotion, discord, disqus, dropbox, etsy, facebook, figma, github, gitlab, google, linkedin, microsoft, notion, oidc, okta, paypal, paypalSandbox, podio, salesforce, slack, spotify, stripe, tradeshift, tradeshiftBox, twitch, wordpress, yahoo, yammer, yandex, zoho, zoom.", "required": true, "type": "string", "x-example": "amazon", @@ -2647,6 +2647,7 @@ "dropbox", "etsy", "facebook", + "figma", "github", "gitlab", "google", diff --git a/src/Appwrite/Auth/OAuth2/Figma.php b/src/Appwrite/Auth/OAuth2/Figma.php new file mode 100644 index 0000000000..d6294afd33 --- /dev/null +++ b/src/Appwrite/Auth/OAuth2/Figma.php @@ -0,0 +1,176 @@ + 'code', + 'client_id' => $this->appID, + 'redirect_uri' => $this->callback, + 'scope' => \implode(',', $this->getScopes()), + 'state' => \json_encode($this->state) + ]); + } + + /** + * @param string $code + * + * @return array + */ + protected function getTokens(string $code): array + { + if (empty($this->tokens)) { + $headers = ['Content-Type: application/x-www-form-urlencoded']; + $this->tokens = \json_decode($this->request( + 'POST', + 'https://www.figma.com/api/oauth/token', + $headers, + \http_build_query([ + 'client_id' => $this->appID, + 'client_secret' => $this->appSecret, + 'redirect_uri' => $this->callback, + 'code' => $code, + 'grant_type' => 'authorization_code' + ]) + ), true); + } + + return $this->tokens; + } + + /** + * @param string $refreshToken + * + * @return array + */ + public function refreshTokens(string $refreshToken): array + { + $headers = ['Content-Type: application/x-www-form-urlencoded']; + $this->tokens = \json_decode($this->request( + 'POST', + 'https://www.figma.com/api/oauth/refresh', + $headers, + \http_build_query([ + 'client_id' => $this->appID, + 'client_secret' => $this->appSecret, + 'refresh_token' => $refreshToken + ]) + ), true); + + if (empty($this->tokens['refresh_token'])) { + $this->tokens['refresh_token'] = $refreshToken; + } + + return $this->tokens; + } + + /** + * @param string $accessToken + * + * @return string + */ + public function getUserID(string $accessToken): string + { + $user = $this->getUser($accessToken); + + return $user['id'] ?? ''; + } + + /** + * @param string $accessToken + * + * @return string + */ + public function getUserEmail(string $accessToken): string + { + $user = $this->getUser($accessToken); + + return $user['email'] ?? ''; + } + + /** + * Check if the OAuth email is verified + * + * Figma requires email verification during signup, + * so if we have an email, it's verified + * + * @param string $accessToken + * + * @return bool + */ + public function isEmailVerified(string $accessToken): bool + { + $email = $this->getUserEmail($accessToken); + + return !empty($email); + } + + /** + * @param string $accessToken + * + * @return string + */ + public function getUserName(string $accessToken): string + { + $user = $this->getUser($accessToken); + + return $user['handle'] ?? ''; + } + + /** + * @param string $accessToken + * + * @return array + */ + protected function getUser(string $accessToken): array + { + if (empty($this->user)) { + $headers = ['Authorization: Bearer ' . \urlencode($accessToken)]; + $user = $this->request( + 'GET', + 'https://api.figma.com/v1/me', + $headers + ); + $this->user = \json_decode($user, true); + } + + return $this->user; + } +} From 2c453d5fd9156bb3d655de3eca9d1c00a19aed08 Mon Sep 17 00:00:00 2001 From: Chirag Aggarwal Date: Tue, 8 Apr 2025 08:51:04 +0000 Subject: [PATCH 2/2] fix: request issues and permissions --- src/Appwrite/Auth/OAuth2.php | 2 +- src/Appwrite/Auth/OAuth2/Figma.php | 24 +++++++++++++----------- 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/src/Appwrite/Auth/OAuth2.php b/src/Appwrite/Auth/OAuth2.php index f7dc1d50a1..9358c89547 100644 --- a/src/Appwrite/Auth/OAuth2.php +++ b/src/Appwrite/Auth/OAuth2.php @@ -196,9 +196,9 @@ abstract class OAuth2 if (!empty($payload)) { \curl_setopt($ch, CURLOPT_POSTFIELDS, $payload); + $headers[] = 'Content-length: ' . \strlen($payload); } - $headers[] = 'Content-length: ' . \strlen($payload); \curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); // Send the request & save response to $response diff --git a/src/Appwrite/Auth/OAuth2/Figma.php b/src/Appwrite/Auth/OAuth2/Figma.php index d6294afd33..b5e53cbed4 100644 --- a/src/Appwrite/Auth/OAuth2/Figma.php +++ b/src/Appwrite/Auth/OAuth2/Figma.php @@ -24,7 +24,7 @@ class Figma extends OAuth2 * @var array */ protected array $scopes = [ - 'file_read' + 'current_user:read' ]; /** @@ -44,7 +44,7 @@ class Figma extends OAuth2 'response_type' => 'code', 'client_id' => $this->appID, 'redirect_uri' => $this->callback, - 'scope' => \implode(',', $this->getScopes()), + 'scope' => \implode(' ', $this->getScopes()), 'state' => \json_encode($this->state) ]); } @@ -57,14 +57,15 @@ class Figma extends OAuth2 protected function getTokens(string $code): array { if (empty($this->tokens)) { - $headers = ['Content-Type: application/x-www-form-urlencoded']; + $headers = [ + 'Content-Type: application/x-www-form-urlencoded', + 'Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret) + ]; $this->tokens = \json_decode($this->request( 'POST', - 'https://www.figma.com/api/oauth/token', + 'https://api.figma.com/v1/oauth/token', $headers, \http_build_query([ - 'client_id' => $this->appID, - 'client_secret' => $this->appSecret, 'redirect_uri' => $this->callback, 'code' => $code, 'grant_type' => 'authorization_code' @@ -82,14 +83,15 @@ class Figma extends OAuth2 */ public function refreshTokens(string $refreshToken): array { - $headers = ['Content-Type: application/x-www-form-urlencoded']; + $headers = [ + 'Content-Type: application/x-www-form-urlencoded', + 'Authorization: Basic ' . \base64_encode($this->appID . ':' . $this->appSecret) + ]; $this->tokens = \json_decode($this->request( 'POST', - 'https://www.figma.com/api/oauth/refresh', + 'https://api.figma.com/v1/oauth/refresh', $headers, \http_build_query([ - 'client_id' => $this->appID, - 'client_secret' => $this->appSecret, 'refresh_token' => $refreshToken ]) ), true); @@ -162,7 +164,7 @@ class Figma extends OAuth2 protected function getUser(string $accessToken): array { if (empty($this->user)) { - $headers = ['Authorization: Bearer ' . \urlencode($accessToken)]; + $headers = ['Authorization: Bearer ' . $accessToken]; $user = $this->request( 'GET', 'https://api.figma.com/v1/me',