oauth2-client/README.md

# OAuth 2.0 Client

[![Build Status](https://travis-ci.org/thephpleague/oauth2-client.png?branch=master)](https://travis-ci.org/thephpleague/oauth2-client)
[![Coverage Status](https://coveralls.io/repos/thephpleague/oauth2-client/badge.png)](https://coveralls.io/r/thephpleague/oauth2-client)
[![Total Downloads](https://poser.pugx.org/league/oauth2-client/downloads.png)](https://packagist.org/packages/league/oauth2-client)
[![Latest Stable Version](https://poser.pugx.org/league/oauth2-client/v/stable.png)](https://packagist.org/packages/league/oauth2-client)

This package makes it stupidly simple to integrate your application with OAuth 2.0 identity providers.

Everyone is used to seeing those "Connect with Facebook/Google/etc" buttons around the Internet and social network
integration is an important feature of most web-apps these days. Many of these sites use an Authentication and Authorization standard called OAuth 2.0.

It will work with any OAuth 2.0 provider (be it an OAuth 2.0 Server for your own API or Facebook) and provides support
for popular systems out of the box. This package abstracts out some of the subtle but important differences between various providers, handles access tokens and refresh tokens, and allows you easy access to profile information on these other sites.

This package is compliant with [PSR-1][], [PSR-2][] and [PSR-4][]. If you notice compliance oversights, please send
a patch via pull request.

[PSR-1]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-1-basic-coding-standard.md
[PSR-2]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md
[PSR-4]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-4-autoloader.md


## Requirements

The following versions of PHP are supported.

* PHP 5.4
* PHP 5.5
* PHP 5.6
* HHVM

## Usage

### Authorization Code Flow

```php
$provider = new League\OAuth2\Client\Provider\<ProviderName>(array(
    'clientId'  =>  'XXXXXXXX',
    'clientSecret'  =>  'XXXXXXXX',
    'redirectUri'   =>  'https://your-registered-redirect-uri/'
));

if ( ! isset($_GET['code'])) {

    // If we don't have an authorization code then get one
    header('Location: '.$provider->getAuthorizationUrl());
    exit;

} else {

	// Try to get an access token (using the authorization code grant)
    $token = $provider->getAccessToken('authorization_code', [
    	'code' => $_GET['code']
    ]);

    // If you are using Eventbrite you will need to add the grant_type parameter (see below)
    $token = $provider->getAccessToken('authorization_code', [
    	'code' => $_GET['code'],
    	'grant_type' => 'authorization_code'
    ]);

    // Optional: Now you have a token you can look up a users profile data
    try {

        // We got an access token, let's now get the user's details
        $userDetails = $provider->getUserDetails($token);

        // Use these details to create a new profile
	    printf('Hello %s!', $userDetails->firstName);

    } catch (Exception $e) {

        // Failed to get user details
        exit('Oh dear...');
    }

    // Use this to interact with an API on the users behalf
    echo $token->access_token;

    // Use this to get a new access token if the old one expires
    echo $token->refresh_token;

    // Number of seconds until the access token will expire, and need refreshing
    echo $token->expires_in;
}
```

### Refreshing a Token

```php
$provider = new League\OAuth2\Client\Provider\<ProviderName>(array(
    'clientId'  =>  'XXXXXXXX',
    'clientSecret'  =>  'XXXXXXXX',
    'redirectUri'   =>  'https://your-registered-redirect-uri/'
));

$grant = new \League\OAuth2\Client\Grant\RefreshToken();
$token = $provider->getAccessToken($grant, ['refresh_token' => $refreshToken]);
```


### Built-In Providers

This package currently has built-in support for:

- Eventbrite
- Facebook
- Github
- Google
- Instagram
- LinkedIn
- Microsoft

These are as many OAuth 2 services as we plan to support officially. Maintaining a wide selection of providers
damages our ability to make this package the best it can be, especially as we progress towards v1.0.

### Third-Party Providers

If you would like to support other providers, please make them available as a Composer package, then link to them
below.

These providers allow integration with other providers not supported by `oauth2-client`. They may require an older version
so please help them out with a pull request if you notice this.

- [QQ](https://github.com/tlikai/oauth2-client)
- [Weibo](https://github.com/tlikai/oauth2-client)

### Client Packages

Some developers use this library as a base for their own PHP API wrappers, and that seems like a really great idea. It might make it slightly tricky to integrate their provider with an existing generic "OAuth 2.0 All the Things" login system, but it does make working with them easier.

- [Sniply](https://github.com/younes0/sniply)

## Install

Via Composer

``` json
{
    "require": {
        "league/oauth2-client": "~0.3"
    }
}
```

## Testing

``` bash
$ phpunit
```

## License

The MIT License (MIT). Please see [License File](https://github.com/thephpleague/oauth2-client/blob/master/LICENSE) for more information.
Update README.md 2014-04-30 02:20:09 +04:00			`# OAuth 2.0 Client`
Started README 2013-03-15 15:26:41 +04:00
Update README.md 2014-01-23 07:39:53 +04:00			`[![Build Status](https://travis-ci.org/thephpleague/oauth2-client.png?branch=master)](https://travis-ci.org/thephpleague/oauth2-client)`
Added Coveralls badge. 2014-05-03 14:34:52 +04:00			`[![Coverage Status](https://coveralls.io/repos/thephpleague/oauth2-client/badge.png)](https://coveralls.io/r/thephpleague/oauth2-client)`
Added widgets 2013-11-18 06:18:23 +04:00			`[![Total Downloads](https://poser.pugx.org/league/oauth2-client/downloads.png)](https://packagist.org/packages/league/oauth2-client)`
			`[![Latest Stable Version](https://poser.pugx.org/league/oauth2-client/v/stable.png)](https://packagist.org/packages/league/oauth2-client)`

Add third-party providers links to README 2014-05-09 10:36:47 +04:00			`This package makes it stupidly simple to integrate your application with OAuth 2.0 identity providers.`
KISS 2014-04-30 06:03:22 +04:00
Update README.md 2014-04-30 02:20:09 +04:00			`Everyone is used to seeing those "Connect with Facebook/Google/etc" buttons around the Internet and social network`
			`integration is an important feature of most web-apps these days. Many of these sites use an Authentication and Authorization standard called OAuth 2.0.`
Started README 2013-03-15 15:26:41 +04:00
Update README.md 2014-04-30 02:21:30 +04:00			`It will work with any OAuth 2.0 provider (be it an OAuth 2.0 Server for your own API or Facebook) and provides support`
			`for popular systems out of the box. This package abstracts out some of the subtle but important differences between various providers, handles access tokens and refresh tokens, and allows you easy access to profile information on these other sites.`
Started README 2013-03-15 15:26:41 +04:00
Add third-party providers links to README 2014-05-09 10:36:47 +04:00			`This package is compliant with [PSR-1][], [PSR-2][] and [PSR-4][]. If you notice compliance oversights, please send`
Update README.md 2014-04-30 02:20:09 +04:00			`a patch via pull request.`
Updated README 2013-03-25 16:59:42 +04:00
Update README.md 2014-04-30 02:20:09 +04:00			`[PSR-1]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-1-basic-coding-standard.md`
			`[PSR-2]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md`
			`[PSR-4]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-4-autoloader.md`


			`## Requirements`

Add third-party providers links to README 2014-05-09 10:36:47 +04:00			`The following versions of PHP are supported.`
Update README.md 2014-04-30 02:20:09 +04:00
			`* PHP 5.4`
			`* PHP 5.5`
			`* PHP 5.6`
			`* HHVM`
Updated README 2013-03-25 16:59:42 +04:00
			`## Usage`

Update README.md 2014-04-30 02:20:09 +04:00			`### Authorization Code Flow`

Updated README 2013-03-25 16:59:42 +04:00			```php
Update README.md 2014-04-30 02:20:09 +04:00			`$provider = new League\OAuth2\Client\Provider\<ProviderName>(array(`
Updated README 2013-03-25 16:59:42 +04:00			`'clientId' => 'XXXXXXXX',`
			`'clientSecret' => 'XXXXXXXX',`
Update README.md 2014-04-30 02:20:09 +04:00			`'redirectUri' => 'https://your-registered-redirect-uri/'`
Updated README 2013-03-25 16:59:42 +04:00			`));`

			`if ( ! isset($_GET['code'])) {`

Update README.md 2014-04-30 02:20:09 +04:00			`// If we don't have an authorization code then get one`
			`header('Location: '.$provider->getAuthorizationUrl());`
			`exit;`
Updated README 2013-03-25 16:59:42 +04:00
			`} else {`

Update README.md 2014-04-30 02:20:09 +04:00			`// Try to get an access token (using the authorization code grant)`
			`$token = $provider->getAccessToken('authorization_code', [`
			`'code' => $_GET['code']`
			`]);`
Updated README 2013-03-25 16:59:42 +04:00
Update README.md 2014-04-30 02:20:09 +04:00			`// If you are using Eventbrite you will need to add the grant_type parameter (see below)`
			`$token = $provider->getAccessToken('authorization_code', [`
			`'code' => $_GET['code'],`
			`'grant_type' => 'authorization_code'`
			`]);`
Updated README 2013-03-25 16:59:42 +04:00
Update README.md 2014-04-30 02:20:09 +04:00			`// Optional: Now you have a token you can look up a users profile data`
			`try {`
Updated README 2013-03-25 16:59:42 +04:00
Update README.md 2014-04-30 02:20:09 +04:00			`// We got an access token, let's now get the user's details`
			`$userDetails = $provider->getUserDetails($token);`
Updated README 2013-03-25 16:59:42 +04:00
Update README.md 2014-04-30 02:20:09 +04:00			`// Use these details to create a new profile`
			`printf('Hello %s!', $userDetails->firstName);`
Updated README 2013-03-25 16:59:42 +04:00
			`} catch (Exception $e) {`

Update README.md 2014-04-30 02:20:09 +04:00			`// Failed to get user details`
			`exit('Oh dear...');`
Updated README 2013-03-25 16:59:42 +04:00			`}`

Update README.md 2014-04-30 02:20:09 +04:00			`// Use this to interact with an API on the users behalf`
			`echo $token->access_token;`
Add third-party providers links to README 2014-05-09 10:36:47 +04:00
Update README.md 2014-04-30 02:20:09 +04:00			`// Use this to get a new access token if the old one expires`
			`echo $token->refresh_token;`
Update README.md 2014-04-30 01:53:42 +04:00
Update README.md 2014-04-30 02:20:09 +04:00			`// Number of seconds until the access token will expire, and need refreshing`
			`echo $token->expires_in;`
			`}`
			```
Update README.md 2014-04-30 01:53:42 +04:00
Update README.md 2014-04-30 02:20:09 +04:00			`### Refreshing a Token`
Update README.md 2014-04-30 01:53:42 +04:00
Update README.md 2014-04-30 02:20:09 +04:00			```php
			`$provider = new League\OAuth2\Client\Provider\<ProviderName>(array(`
			`'clientId' => 'XXXXXXXX',`
			`'clientSecret' => 'XXXXXXXX',`
			`'redirectUri' => 'https://your-registered-redirect-uri/'`
			`));`
Update README.md 2014-04-30 01:53:42 +04:00
Update README.md 2014-04-30 02:20:09 +04:00			`$grant = new \League\OAuth2\Client\Grant\RefreshToken();`
			`$token = $provider->getAccessToken($grant, ['refresh_token' => $refreshToken]);`
			```
Update README.md 2014-04-30 01:53:42 +04:00
Added sniply 2014-05-12 18:01:32 +04:00
			`### Built-In Providers`

			`This package currently has built-in support for:`

			`- Eventbrite`
			`- Facebook`
			`- Github`
			`- Google`
			`- Instagram`
			`- LinkedIn`
			`- Microsoft`

			`These are as many OAuth 2 services as we plan to support officially. Maintaining a wide selection of providers`
			`damages our ability to make this package the best it can be, especially as we progress towards v1.0.`

			`### Third-Party Providers`

			`If you would like to support other providers, please make them available as a Composer package, then link to them`
			`below.`

			These providers allow integration with other providers not supported by `oauth2-client`. They may require an older version
			`so please help them out with a pull request if you notice this.`

			`- [QQ](https://github.com/tlikai/oauth2-client)`
			`- [Weibo](https://github.com/tlikai/oauth2-client)`

			`### Client Packages`

			`Some developers use this library as a base for their own PHP API wrappers, and that seems like a really great idea. It might make it slightly tricky to integrate their provider with an existing generic "OAuth 2.0 All the Things" login system, but it does make working with them easier.`

			`- [Sniply](https://github.com/younes0/sniply)`

			`## Install`

			`Via Composer`

			``` json
			`{`
			`"require": {`
			`"league/oauth2-client": "~0.3"`
			`}`
			`}`
			```

Update README.md 2014-04-30 02:20:09 +04:00			`## Testing`
Update README.md 2014-04-30 01:53:42 +04:00
Update README.md 2014-04-30 02:20:09 +04:00			``` bash
			`$ phpunit`
			```
Listed MIT in README 2013-11-18 06:18:44 +04:00
			`## License`

Update README.md 2014-01-23 07:39:53 +04:00			`The MIT License (MIT). Please see [License File](https://github.com/thephpleague/oauth2-client/blob/master/LICENSE) for more information.`