diff --git a/OAuth2Client.php b/OAuth2Client.php index 83f65cc..d69414d 100644 --- a/OAuth2Client.php +++ b/OAuth2Client.php @@ -17,31 +17,22 @@ class OAuth2 { private $grant_type; private $response_type; - public function __construct( - $client_id, - $client_secret, - $redirect_uri, - $auth, - $token, - $user, - $authorization_type = 'Bearer', - $session = false, - $verify = false, - $grant_type = 'authorization_code', - $response_type = 'code'){ + public function __construct($params){ - $this->client_id = $client_id; - $this->client_secret = $client_secret; - $this->redirect_uri = $redirect_uri; - $this->URL_AUTH = $auth . "?"; - $this->URL_TOKEN = $token . "?"; - $this->URL_USER = $user . "?"; - $this->auth_type = $authorization_type; - $this->session = $session; - $this->verify_ssl_peer = $verify ? 1 : 0; - $this->verify_ssl_host = $verify ? 2 : 0; - $this->grant_type = $grant_type; - $this->response_type = $response_type; + /* REQUIRED */ + $this->client_id = $params["client_id"]; + $this->client_secret = $params["client_secret"]; + $this->redirect_uri = $params["redirect_uri"]; + $this->URL_AUTH = $params["auth"] . "?"; + $this->URL_TOKEN = $params["token"] . "?"; + + /* OPTIONAL */ + $this->auth_type = isset($params["authorization_type"]) ? $params["authorization_type"] : "Bearer"; + $this->session = isset($params["session"]) ? $params["session"] : false; + $this->verify_ssl_peer = isset($params["verify"]) ? ($params["verify"] ? 1 : 0) : 1; + $this->verify_ssl_host = $this->verify_ssl_peer === 1 ? 2 : 0; + $this->grant_type = isset($params["grant_type"]) ? $params["grant_type"] : "authorization_code"; + $this->response_type = isset($params["response_type"]) ? $params["response_type"] : "code"; } public function get_access_token($state = false) { @@ -77,12 +68,12 @@ class OAuth2 { return $access_token; } - public function get_identity($access_token) { + public function get_identity($access_token, $identity_url) { $params = array( 'access_token' => $access_token, ); $url_params = http_build_query($params); - $url = $this->URL_USER . $url_params; + $url = $identity_url . "?" . $url_params; $result = curl_exec($this->create_curl($url, array('Authorization: ' . $this->auth_type . ' ' . $access_token), false)); $result_obj = json_decode($result, true); diff --git a/README.md b/README.md index c61d9ee..2d64254 100644 --- a/README.md +++ b/README.md @@ -2,24 +2,34 @@ To use this general OAuth2 client-class, include it with ``` require_once('OAuth2Client.php'); - $oauth2 = new OAuth2( $client_id, $client_secret, $redirect_uri, $auth, $token, $user, $authorization_type, $session, $verify, $grant_type, $response_type); + $oauth2 = new OAuth2([ + "client_id" => $client_id, + "client_secret" => $client_secret, + "redirect_uri" => $redirect_uri, + "auth" => $auth, + "token" => $token, + "authorization_type" => $authorization_type, + "session" => $session, + "verify" => $verify, + "grant_type" => $grant_type, + "response_type" => $response_type + ]); ``` -$client_id is client id of the OAuth2 application -$client_secret is client secret of the OAuth2 application -$redirect_uri is the specified redirect-uri for the OAuth2 application -$auth is the full url for authorization -$token is the full token url -$user is the full identity url (example: https://auth.dataporten.no/userinfo) +(string) $client_id is client id of the OAuth2 application +(string) $client_secret is client secret of the OAuth2 application +(string) $redirect_uri is the specified redirect-uri for the OAuth2 application +(string) $auth is the full url for authorization +(string) $token is the full token url Optional - -$authorization_type defaults to Bearer -$session specifies whether the state is to be saved in _SESSION storage, defaults to false -$verify is whether to verify SSL of host and peer, defaults to false -$grant_type defaults to 'authorization_code' -$response_type defaults to 'code' +(string) $authorization_type defaults to Bearer +(boolean) $session specifies whether the state is to be saved in _SESSION storage, defaults to false +(boolean) $verify is whether to verify SSL of host and peer, defaults to true +(string) $grant_type defaults to 'authorization_code' +(string) $response_type defaults to 'code' To start the redirect phase @@ -40,7 +50,9 @@ returns the access_token. To get identity -``` $oauth->get_identity($access_token); ``` +``` $oauth->get_identity($access_token, $user_url); ``` + +(string) $user_url is the endpoint for fetching info, example: https://auth.dataporten.no/userinfo returns the identity-object as returned from the OAuth2-provider.