@@ -130,9 +130,157 @@ After successfully receiving the Token, we're ready to make API requests:
130130$storage->storeAccessToken($provider->serviceName, new AccessToken->__fromJSON($token_json));
131131
132132// make a request
133- $response = $provider->request('/some/endpoint', ['q' => 'param'], 'POST', ['data' => 'content'], ['content-type' => 'whatever']);
133+ $response = $provider->request(
134+ '/some/endpoint',
135+ ['q' => 'param'],
136+ 'POST',
137+ ['data' => 'content'],
138+ ['content-type' => 'whatever']
139+ );
134140
135141// use the data
136142$headers = $response->headers;
137143$data = $response->json;
138144```
145+
146+ ## Extensions
147+ In order to use a provider or storage, that is not yet supported, you'll need to implement the respective interfaces:
148+
149+ ### [ ` OAuth1Interface ` ] ( https://github.com/chillerlan/php-oauth-core/tree/master/src/Core/OAuth1Provider.php )
150+ The OAuth1 implementation is close to Twitter's specs and * should* work for most other OAuth1 services.
151+
152+ ``` php
153+ use chillerlan\OAuth\Providers\OAuth1Provider;
154+
155+ class MyOauth1Provider extends Oauth1Provider{
156+
157+ protected $apiURL = 'https://api.example.com';
158+ protected $requestTokenURL = 'https://example.com/oauth/request_token';
159+ protected $authURL = 'https://example.com/oauth/authorize';
160+ protected $accessTokenURL = 'https://example.com/oauth/access_token';
161+
162+ }
163+ ```
164+
165+ ### [ ` OAuth2Interface ` ] ( https://github.com/chillerlan/php-oauth/tree/master/src/Providers/OAuth2Provider.php )
166+ [ OAuth2 is a very straightforward... mess] ( https://hueniverse.com/oauth-2-0-and-the-road-to-hell-8eec45921529 ) . Please refer to your provider's docs for implementation details.
167+ ``` php
168+ use chillerlan\OAuth\Providers\OAuth2Provider;
169+
170+ class MyOauth2Provider extends Oauth2Provider implements ClientCredentials, CSRFToken, TokenExpires, TokenRefresh{
171+ use OAuth2ClientCredentialsTrait, CSRFTokenTrait, OAuth2TokenRefreshTrait;
172+
173+ public const SCOPE_WHATEVER = 'whatever';
174+
175+ protected $apiURL = 'https://api.example.com';
176+ protected $authURL = 'https://example.com/oauth2/authorize';
177+ protected $accessTokenURL = 'https://example.com/oauth2/token';
178+ protected $clientCredentialsTokenURL = 'https://example.com/oauth2/client_credentials';
179+ protected $authMethod = self::HEADER_BEARER;
180+ protected $authHeaders = ['Accept' => 'application/json'];
181+ protected $apiHeaders = ['Accept' => 'application/json'];
182+ protected $scopesDelimiter = ',';
183+
184+ }
185+ ```
186+
187+ ### [ ` OAuthStorageInterface ` ] ( https://github.com/chillerlan/php-oauth-core/tree/master/src/Storage/OAuthStorageInterface.php )
188+ There are currently 3 different ` OAuthStorageInterface ` , refer to these for implementation details (extend ` OAuthStorageAbstract ` ):
189+ - [ ` MemoryStorage ` ] ( https://github.com/chillerlan/php-oauth-core/tree/master/src/Storage/MemoryStorage.php ) : non-persistent, to store a token during script runtime and then discard it.
190+ - [ ` SessionStorage ` ] ( https://github.com/chillerlan/php-oauth-core/tree/master/src/Storage/SessionStorage.php ) : half-persistent, stores a token for as long a user's session is alive.
191+ - [ ` DBStorage ` ] ( https://github.com/chillerlan/php-oauth-core/tree/master/src/Storage/DBStorage.php ) : persistent, multi purpose database driven storage with encryption support
192+
193+ ## API
194+ ### [ ` OAuthInterface ` ] ( https://github.com/chillerlan/php-oauth-core/blob/master/src/Core/OAuthProvider.php )
195+ method | return
196+ ------ | ------
197+ ` __construct(HTTPClientInterface $http, OAuthStorageInterface $storage, ContainerInterface $options, LoggerInterface $logger = null) ` | -
198+ ` getAuthURL(array $params = null) ` | string
199+ ` getStorageInterface() ` | ` OAuthStorageInterface `
200+ ` request(string $path, array $params = null, string $method = null, $body = null, array $headers = null) ` | ` HTTPResponseInterface `
201+
202+ property | description
203+ -------- | -----------
204+ ` $serviceName ` | the classname for the current provider
205+ ` $userRevokeURL ` | an optional link to the provider's user control panel where they can revoke the current token
206+
207+ ### [ ` OAuth1Interface ` ] ( https://github.com/chillerlan/php-oauth-core/blob/master/src/Core/OAuth1Provider.php )
208+ method | return
209+ ------ | ------
210+ ` getAccessToken(string $token, string $verifier, string $tokenSecret = null) ` | ` AccessToken `
211+ ` getRequestToken() ` | ` AccessToken `
212+ ` getSignature(string $url, array $params, string $method = null) ` | string
213+
214+ ### [ ` OAuth2Interface ` ] ( https://github.com/chillerlan/php-oauth-core/blob/master/src/Core/OAuth2Provider.php )
215+ method | return
216+ ------ | ------
217+ ` __construct(HTTPClientInterface $http, OAuthStorageInterface $storage, ContainerInterface $options, LoggerInterface $logger = null, array $scopes = null) ` | -
218+ ` getAccessToken(string $code, string $state = null) ` | ` AccessToken `
219+
220+ ### ` ClientCredentials `
221+ implemented by ` OAuth2ClientCredentialsTrait `
222+
223+ method | return
224+ ------ | ------
225+ ` getClientCredentialsToken(array $scopes = null) ` | ` AccessToken `
226+ (protected) ` getClientCredentialsTokenBody(array $scopes) ` | array
227+ (protected) ` getClientCredentialsTokenHeaders() ` | array
228+
229+ ### ` CSRFToken `
230+ implemented by ` CSRFTokenTrait `
231+
232+ method | return
233+ ------ | ------
234+ (protected) ` checkState(string $state = null) ` | ` OAuth2Interface `
235+ (protected) ` setState(array $params) ` | array
236+
237+ ### ` TokenRefresh `
238+ implemented by ` OAuth2TokenRefreshTrait `
239+
240+ method | return
241+ ------ | ------
242+ ` refreshAccessToken(AccessToken $token = null) ` | ` AccessToken `
243+
244+ ### ` TokenExpires `
245+ method | return
246+ ------ | ------
247+
248+ ### [ ` OAuthStorageInterface ` ] ( https://github.com/chillerlan/php-oauth-core/blob/master/src/Storage/OAuthStorageAbstract.php )
249+ method | return
250+ ------ | ------
251+ ` storeAccessToken(string $service, AccessToken $token) ` | ` OAuthStorageInterface `
252+ ` getAccessToken(string $service) ` | ` AccessToken `
253+ ` hasAccessToken(string $service) ` | ` AccessToken `
254+ ` clearAccessToken(string$service) ` | ` OAuthStorageInterface `
255+ ` clearAllAccessTokens() ` | ` OAuthStorageInterface `
256+ ` storeCSRFState(string $service, string $state) ` | ` OAuthStorageInterface `
257+ ` getCSRFState(string $service) ` | string
258+ ` hasCSRFState(string $service) ` | bool
259+ ` clearCSRFState(string $service) ` | ` OAuthStorageInterface `
260+ ` clearAllCSRFStates() ` | ` OAuthStorageInterface `
261+ ` toStorage(AccessToken $token) ` | string
262+ ` fromStorage(string $data) ` | ` AccessToken `
263+
264+ ### [ ` AccessToken ` ] ( https://github.com/chillerlan/php-oauth-core/tree/master/src/Core/AccessToken.php )
265+ method | return | description
266+ ------ | ------ | -----------
267+ ` __construct(array $properties = null) ` | - |
268+ ` __set(string $property, $value) ` | void | overrides ` chillerlan\Traits\Container `
269+ ` __toArray() ` | array | from ` chillerlan\Traits\Container `
270+ ` setExpiry(int $expires = null) ` | ` AccessToken ` |
271+ ` isExpired() ` | ` bool ` |
272+
273+ property | type | default | allowed | description
274+ -------- | ---- | ------- | ------- | -----------
275+ ` $requestToken ` | string | null | * | OAuth1 only
276+ ` $requestTokenSecret ` | string | null | * | OAuth1 only
277+ ` $accessTokenSecret ` | string | null | * | OAuth1 only
278+ ` $accessToken ` | string | null | * |
279+ ` $refreshToken ` | string | null | * |
280+ ` $extraParams ` | array | ` [] ` | |
281+ ` $expires ` | int | ` AccessToken::EOL_UNKNOWN ` | |
282+
283+ # Disclaimer
284+ OAuth tokens are secrets and should be treated as such. Store them in a safe place,
285+ [ consider encryption] ( http://php.net/manual/book.sodium.php ) .<br />
286+ I won't take responsibility for stolen auth tokens. Use at your own risk.
0 commit comments