Skip to content

WiderFunnel/OAuth2-Optimizely

BranchesTags

Repository files navigation

Optimizely Provider for OAuth 2.0 Client

Packagist Travis

This package provides Optimizely OAuth 2.0 support for the PHP League's OAuth 2.0 Client.

Installation

To install, use composer:

composer require widerfunnel/oauth2-optimizely

Usage

Usage is the same as The League's OAuth client, using \WiderFunnel\OAuth2\Client\Provider\Optimizely as the provider.

Authorization Code Flow

Note: Optimizely does not allow access to the resource owner profile via their API currently. This will be updated accordingly, should the Optimizely API be updated.

$provider = new WiderFunnel\OAuth2\Client\Provider\Optimizely([
    'clientId'          => '{optimizely-client-id}',
    'clientSecret'      => '{optimizely-client-secret}',
    'redirectUri'       => 'https://example.com/callback-url',
]);

if (!isset($_GET['code'])) {

    // If we don't have an authorization code then get one
    $authUrl = $provider->getAuthorizationUrl();
    $_SESSION['oauth2state'] = $provider->getState();
    header('Location: '.$authUrl);
    exit;

// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {

    unset($_SESSION['oauth2state']);
    exit('Invalid state');

} else {

    // Try to get an access token (using the authorization code grant)
    $token = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code']
    ]);

    // Optional: Now you have a token you can look up a users profile data
    try {

        // We got an access token, let's now get the projects details
        $project = $provider->getResourceOwner($token);        

    } catch (Exception $e) {

        // Failed to get user details
        exit('Oh dear...');
    }

    // Use this to interact with an API on the users behalf
    echo $token->getToken();
}

Refresh token

$provider = new WiderFunnel\OAuth2\Client\Provider\Optimizely([
    'clientId'          => '{optimizely-client-id}',
    'clientSecret'      => '{optimizely-client-secret}',
    'redirectUri'       => 'https://example.com/callback-url',
]);

$existingAccessToken = getAccessTokenFromYourDataStore();

if ($existingAccessToken->hasExpired()) {
    $newAccessToken = $provider->getAccessToken('refresh_token', [
        'refresh_token' => $existingAccessToken->getRefreshToken()
    ]);

    // Purge old access token and store new access token to your data store.
}

Testing

$ ./vendor/bin/phpunit

Contributing

Please see CONTRIBUTING for details.

Credits

License

The MIT License (MIT). Please see License File for more information.

About

Optimizely Provider for the OAuth 2.0 Client

Topics

oauth2 sdk oauth2-provider sdk-php optimizely

Resources

Readme

License

MIT license

Code of conduct

Code of conduct
Activity
Custom properties

Stars

1 star

Watchers

12 watching

Forks

1 fork
Report repository

Releases

8 tags

Packages

No packages published

Languages