noellabo/oauth2-mastodon

Mastodon OAuth 2.0 client provider for the PHP League OAuth2-Client

v1.0.1 2018-06-17 06:41 UTC

This package is not auto-updated.

Last update: 2024-09-29 05:21:12 UTC


README

This package provides Mastodon OAuth 2.0 support for the PHP League's OAuth 2.0 Client.

Installation

To install, use composer:

composer require noellabo/oauth2-mastodon

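Usage

Usage is the same as The League's OAuth client, using \Noellabo\OAuth2\Client\Provider\Mastodon as the provider.

In Mastodon, each distributed instance runs its own OAuth server, so you need to specify the instance's domain name when authenticating.

oauth2-mastodon can register the application automatically when given the domain name. Once the application is registered, cache the registration information and reuse it.

Authorization Code Flow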

<?php

require_once './vendor/autoload.php';
use Noellabo\OAuth2\Client\Provider\Mastodon;

session_start();

// Mastodon instance url
$domain = 'https://example.com';

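// Save the provider information for each instance and restore it
$instances_filename = 'instances.json';
$options = [];
$instances = is_file($instances_filename)
    ? json_decode(file_get_contents($instances_filename), true)
    : [];
if (!is_array($instances)) {
    // Missing or corrupt cache file: start with an empty cache
    $instances = [];
}
if (isset($instances[ $domain ]) && is_array($instances[ $domain ])) {
    $options = $instances[ $domain ];
}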

// Set required parameters.
$options['domain']      = $domain;
$options['appName']     = 'OAuth2-Mastodon test app';
$options['redirectUri'] = 'https://:3000/';

// Application registration is done through the API, so various exceptions may be thrown. Handle them appropriately.
$provider = new Mastodon($options);

// Acquire and save parameters for regenerating the provider. Save only the credential at a minimum.
$params = $provider->getRegenerateParams();
if (! empty($params['clientId'])) {
    $instances[ $domain ] = [
        'clientId'     => $params['clientId'],
        'clientSecret' => $params['clientSecret'],
    ];
}
file_put_contents($instances_filename, json_encode($instances, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT));

if (!isset($_GET['code'])) {
    // If we don't have an authorization code then get one
    $authUrl = $provider->getAuthorizationUrl();
    $_SESSION['oauth2state'] = $provider->getState();
    header('Location: '.$authUrl);
    exit;

// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || !is_string($_GET['state']) || empty($_SESSION['oauth2state'])
    || !hash_equals($_SESSION['oauth2state'], $_GET['state'])) {
    unset($_SESSION['oauth2state']);
    exit('Invalid state');
} else {
    // Try to get an access token (using the authorization code grant)
    $token = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code']
    ]);

    // Optional: Now that you have a token, you can look up the user's profile data
    try {
        // We got an access token, let's now get the user's details
        $user = $provider->getResourceOwner($token);

        // Use this to interact with an API on the user's behalf
        printf("Authorization: Bearer %s\n", $token->getToken());

        // Use these details to create a new profile
        printf('<pre>');
        print_r($user->toArray());
        printf('</pre>');

        // Get '@username@domain' format
        printf('acct: %s', $user->getAcct());
    } catch (Exception $e) {
        // Failed to get user details
        exit('Oh dear...');
    }
}
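
An added example, not part of the oauth2-mastodon README or package: one way to keep the per-instance registration cache that the script above writes to instances.json, written owner-only and atomically, with the instance URL normalized so one server maps to one entry. The helper names (instanceKey, loadInstance, saveInstance) and the demo values are hypothetical; the code assumes only the clientId/clientSecret keys returned by getRegenerateParams() as shown above.

```php
<?php
// Added example: hypothetical helpers, not part of oauth2-mastodon.

/** Reduce an instance URL to a canonical "https://host[:port]" cache key. */
function instanceKey(string $domain): string
{
    $parts = parse_url($domain);
    if (!is_array($parts) || ($parts['scheme'] ?? '') !== 'https' || empty($parts['host'])) {
        throw new InvalidArgumentException('Instance URL must be https://host');
    }
    $key = 'https://' . strtolower($parts['host']); // host names are case-insensitive
    return isset($parts['port']) ? $key . ':' . $parts['port'] : $key;
}

/** Return the cached ['clientId' => ..., 'clientSecret' => ...], or [] if none. */
function loadInstance(string $file, string $domain): array
{
    $all = is_file($file) ? json_decode((string) file_get_contents($file), true) : null;
    $entry = is_array($all) ? ($all[instanceKey($domain)] ?? null) : null;
    $ok = is_array($entry) && !empty($entry['clientId']) && !empty($entry['clientSecret']);
    return $ok ? $entry : [];
}

/** Merge one instance's credentials into the cache file. */
function saveInstance(string $file, string $domain, array $params): void
{
    if (empty($params['clientId']) || empty($params['clientSecret'])) {
        return; // registration did not yield credentials; nothing to cache
    }
    $all = is_file($file) ? json_decode((string) file_get_contents($file), true) : [];
    $all = is_array($all) ? $all : [];
    $all[instanceKey($domain)] = [
        'clientId'     => $params['clientId'],
        'clientSecret' => $params['clientSecret'],
    ];
    $json = json_encode($all, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT);
    $tmp = tempnam(dirname($file), 'inst'); // tempnam() creates the file with mode 0600
    // Write to the temp file, then rename over the cache so readers never see a partial file.
    if ($tmp === false || file_put_contents($tmp, $json) === false || !rename($tmp, $file)) {
        is_string($tmp) && @unlink($tmp);
        throw new RuntimeException('cannot write instance cache');
    }
}

// Constructed demo values, written to the system temp directory.
$file = sys_get_temp_dir() . '/instances-demo.json';
saveInstance($file, 'https://Example.com/', ['clientId' => 'demo-id', 'clientSecret' => 'demo-secret']);
var_dump(loadInstance($file, 'https://example.com'));
```

Because the file holds client secrets, keep it outside the web server's document root.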

Testing

$ ./vendor/bin/phpunit

Credits

License

The MIT License (MIT). Please see the License File for more information.