prestashopcorp / oauth2-prestashop
PrestaShop OAuth 2.0 support for the PHP League's OAuth 2.0 Client
v2.0.0
2024-05-22 12:33 UTC
Requires
- php: >=5.6
- league/oauth2-client: ^2.0
Requires (Dev)
- phpstan/phpstan: ^1.7
- phpunit/phpunit: ^8.0 || ^9.0
- prestashop/php-dev-tools: ^4.2
This package is auto-updated.
Last update: 2024-09-22 13:10:22 UTC
README
This package provides PrestaShop OAuth 2.0 support for the PHP League's OAuth 2.0 Client.
Installation
composer require prestashopcorp/oauth2-prestashop
Usage
session_start();

$prestaShopProvider = new \PrestaShop\OAuth2\Client\Provider\PrestaShop([
    'clientId' => 'yourClientId', // The client ID assigned to you by PrestaShop
    'clientSecret' => 'yourClientSecret', // The client password assigned to you by PrestaShop
    'redirectUri' => 'yourClientRedirectUri', // The URL responding to the code flow implemented here
    // Optional parameters
    'uiLocales' => ['fr-FR', 'en'],
    'acrValues' => ['prompt:create'], // In that specific case we change the default prompt to the "register" page
]);

if (!empty($_GET['error'])) {
    // Got an error, probably user denied access.
    // The value comes from the query string, so escape it before output.
    exit(htmlspecialchars($_GET['error'], ENT_QUOTES, 'UTF-8'));

// If we don't have an authorization code then get one
} elseif (!isset($_GET['code'])) {
    $authorizationUrl = $prestaShopProvider->getAuthorizationUrl();

    // Get state and store it to the session
    $_SESSION['oauth2state'] = $prestaShopProvider->getState();

    // Redirect user to authorization URL
    header('Location: ' . $authorizationUrl);
    exit;

// Check given state against previously stored one to mitigate CSRF attack.
// A callback is also rejected when the session holds no stored state.
} elseif (empty($_GET['state']) || empty($_SESSION['oauth2state']) || $_GET['state'] !== $_SESSION['oauth2state']) {
    if (isset($_SESSION['oauth2state'])) {
        unset($_SESSION['oauth2state']);
    }

    exit('Invalid state');
} else {
    try {
        // Try to get an access token (using the authorization code grant)
        $accessToken = $prestaShopProvider->getAccessToken('authorization_code', [
            'code' => $_GET['code']
        ]);

        // Use this to interact with an API on the user's behalf
        $token = $accessToken->getToken();

        // Get resource owner
        $prestaShopUser = $prestaShopProvider->getResourceOwner($accessToken);

        var_dump(
            $prestaShopUser->getId(),
            $prestaShopUser->getName(),
            $prestaShopUser->getEmail(),
            $prestaShopUser->getEmailVerified(),
            $prestaShopUser->getPicture(),
            $prestaShopUser->toArray()
        );
    } catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {
        exit($e->getMessage());
    }
}
For more information, see the PHP League's general usage examples.
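An added example, not taken from the oauth2-prestashop README or the League client: a stricter form of the state check used in the callback, which consumes the stored state on first use, rejects a callback when the session holds no state, and rejects non-string parameters. The function name verifyOAuth2State, the oauth2state_at session key and the 600-second lifetime are assumptions.

```php
<?php
// Added example (not from the package). verifyOAuth2State(), the
// 'oauth2state_at' key and the 600-second lifetime are assumptions.

/**
 * @param array $session Session storage, normally $_SESSION (modified in place)
 * @param array $query   Callback query parameters, normally $_GET
 * @param int   $now     Current Unix time
 * @param int   $maxAge  Seconds a stored state stays valid
 * @return bool True only if the callback carries the state issued to this session
 */
function verifyOAuth2State(array &$session, array $query, $now, $maxAge = 600)
{
    $expected = isset($session['oauth2state']) ? $session['oauth2state'] : null;
    $issuedAt = isset($session['oauth2state_at']) ? (int) $session['oauth2state_at'] : 0;
    // Single use: the stored value is consumed whatever the outcome.
    unset($session['oauth2state'], $session['oauth2state_at']);

    $given = isset($query['state']) ? $query['state'] : null;
    // No state issued to this session, or ?state[]=x turned the parameter into an array.
    if (!is_string($expected) || $expected === '' || !is_string($given) || $given === '') {
        return false;
    }
    // A missing timestamp counts as issued at 0, so it is treated as expired.
    if ($now - $issuedAt > $maxAge) {
        return false;
    }
    return hash_equals($expected, $given); // constant-time comparison
}

// Constructed sample data standing in for $_SESSION and $_GET.
$now = 1700000000;
$fresh = ['oauth2state' => 'constructed-state-value', 'oauth2state_at' => $now - 30];
$stale = ['oauth2state' => 'constructed-state-value', 'oauth2state_at' => $now - 3600];
$cases = [
    'matching state'      => [$fresh, ['state' => 'constructed-state-value']],
    'wrong state'         => [$fresh, ['state' => 'some-other-value']],
    'no state in session' => [[], ['state' => 'constructed-state-value']],
    'array parameter'     => [$fresh, ['state' => ['constructed-state-value']]],
    'expired state'       => [$stale, ['state' => 'constructed-state-value']],
];
foreach ($cases as $label => $case) {
    list($session, $query) = $case;
    $ok = verifyOAuth2State($session, $query, $now);
    printf("%-20s %s, state left in session: %s\n", $label, $ok ? 'accept' : 'reject',
        isset($session['oauth2state']) ? 'yes' : 'no');
}
```

In the callback branch this would be called as verifyOAuth2State($_SESSION, $_GET, time()), with $_SESSION['oauth2state_at'] = time() stored next to the state before the redirect.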
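Logout flow
Although it is outside this library's scope, we provide a helper function getLogoutUrl for logging out of the OAuth 2.0 session.
The only required parameter here is id_token_hint; you can optionally provide post_logout_redirect_uri to override the value from the constructor.
Also, if you plan to use it, provide postLogoutCallbackUri at construction time.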
session_start();

$prestaShopProvider = new \PrestaShop\OAuth2\Client\Provider\PrestaShop([
    'clientId' => 'yourClientId', // The client ID assigned to you by PrestaShop
    'clientSecret' => 'yourClientSecret', // The client password assigned to you by PrestaShop
    'redirectUri' => 'yourClientRedirectUri', // The URL responding to the code flow implemented here
    'postLogoutCallbackUri' => 'yourLogoutCallbackUri', // Logout url whitelisted among the ones defined with your client
    // Optional parameters
    'uiLocales' => ['fr-FR', 'en'],
    'acrValues' => ['prompt:create'], // In that specific case we change the default prompt to the "register" page
]);

if (isset($_GET['oauth2Callback'])) {
    // your logout code
    session_destroy();
} else {
    /** @var \League\OAuth2\Client\Token\AccessToken $accessToken */
    $accessToken = $_SESSION['accessToken'];

    // The only required parameter is "id_token_hint" here,
    // you can optionally provide "post_logout_redirect_uri" to override the one from the constructor.
    $logoutUrl = $prestaShopProvider->getLogoutUrl([
        'id_token_hint' => $accessToken->getValues()['id_token'],
        // (Optional here) Logout url whitelisted among the ones defined with your client
        // 'post_logout_redirect_uri' => 'https://my-logout-url/?oauth2Callback',
    ]);

    header('Location: ' . $logoutUrl);
    exit;
}
Testing
$ ./vendor/bin/phpunit
License
The MIT License (MIT). Please see the License File for more information.