mkm/nk-lihaink-cn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1

Browse Source
This commit is contained in:
彭桃 2023-03-24 09:52:44 +08:00
parent fa8b6729d1
commit 11ab30cf2c
59 changed files with 6417 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
vendor/overtrue/socialite/.github/FUNDING.yml vendored Normal file
View File

@ -0,0 +1 @@
github: [overtrue]

11
vendor/overtrue/socialite/.github/dependabot.yml vendored Normal file
View File

@ -0,0 +1,11 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
version: 2
updates:
- package-ecosystem: "composer" # See documentation for possible values
directory: "/" # Location of package manifests
schedule:
interval: "daily"

34
vendor/overtrue/socialite/.github/workflows/lint.yml vendored Normal file
View File

@ -0,0 +1,34 @@
name: Lint
on: [push, pull_request]
jobs:
phpstan:
name: PHPStan
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- run: composer validate --strict
- run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
id: composer-cache
- uses: actions/cache@v3
with:
path: ${{ steps.composer-cache.outputs.dir }}
key: dependencies-caches-php-${{ hashFiles('**/composer.lock') }}
restore-keys: dependencies-caches-php-
- run: composer install --no-progress
- run: composer phpstan
php_cs_fixer:
name: PHP-CS-Fxier
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
id: composer-cache
- uses: actions/cache@v3
with:
path: ${{ steps.composer-cache.outputs.dir }}
key: dependencies-caches-php-${{ hashFiles('**/composer.lock') }}
restore-keys: dependencies-caches-php-
- run: composer install --no-progress
- run: composer check-style

28
vendor/overtrue/socialite/.github/workflows/test.yml vendored Normal file
View File

@ -0,0 +1,28 @@
name: Test
on: [push, pull_request]
jobs:
phpunit:
name: PHP-${{ matrix.php_version }}-${{ matrix.perfer }}
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
php_version:
- 8.0
- 8.1
perfer:
- stable
- lowest
steps:
- uses: actions/checkout@v3
- run: composer validate --strict
- run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
id: composer-cache
- uses: actions/cache@v3
with:
path: ${{ steps.composer-cache.outputs.dir }}
key: dependencies-caches-php-${{ hashFiles('**/composer.lock') }}
restore-keys: dependencies-caches-php-
- run: composer update --prefer-dist --no-interaction --no-suggest --prefer-${{ matrix.perfer }}
- run: ./vendor/bin/phpunit

11
vendor/overtrue/socialite/.gitignore vendored Normal file
View File

@ -0,0 +1,11 @@
/vendor
composer.phar
composer.lock
.DS_Store
/.idea
Thumbs.db
/*.php
sftp-config.json
*.cache.phpunit.result.cache
.phpunit.result.cache
.php-cs-fixer.cache

21
vendor/overtrue/socialite/LICENSE vendored Normal file
View File

@ -0,0 +1,21 @@
The MIT License (MIT)
Copyright (c) 2021 overtrue <i@overtrue.me>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

662
vendor/overtrue/socialite/README.md vendored Normal file
View File

@ -0,0 +1,662 @@
# Socialite
Socialite 是一个 [OAuth2](https://oauth.net/2/) 认证工具。 它的灵感来源于 [laravel/socialite](https://github.com/laravel/socialite) 你可以很轻易的在任何 PHP 项目中使用它。[英文文档](/README_EN.md)
[![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/overtrue/socialite?style=flat-square)](https://github.com/overtrue/socialite/releases)
[![GitHub License](https://img.shields.io/github/license/overtrue/socialite?style=flat-square)](https://github.com/overtrue/socialite/blob/master/LICENSE)
[![Packagist Downloads](https://img.shields.io/packagist/dt/overtrue/socialite?style=flat-square)](https://packagist.org/packages/overtrue/socialite)
[![Sponsor me](https://github.com/overtrue/overtrue/blob/master/sponsor-me-button-s.svg?raw=true)](https://github.com/sponsors/overtrue)
该工具现已支持平台有FacebookGithubGoogleLinkedinOutlookQQTAPD支付宝淘宝百度钉钉微博微信抖音飞书Lark豆瓣企业微信腾讯云LineGiteeCoding。
如果你喜欢我的项目并想支持我,[点击这里 :heart:](https://github.com/sponsors/overtrue)
# 版本要求
```
PHP >= 8.0.2
```
# 安装
```shell
$ composer require "overtrue/socialite" -vvv
```
# 使用指南
用户只需要创建相应配置变量,然后通过工具为各个平台创建认证应用,并轻松获取该平台的 access_token 和用户相关信息。工具实现逻辑详见参照各大平台 OAuth2 文档。
工具使用大致分为以下几步:
1. 配置平台设置
2. 创建对应平台应用
3. 让用户跳转至平台认证
4. 服务器收到平台回调 Code使用 Code 换取平台处用户信息(包括 access_token
为 Laravel 用户创建的更方便的整合的包: [overtrue/laravel-socialite](https://github.com/overtrue/laravel-socialite)
`authorize.php`: 让用户跳转至平台认证
```php
<?php
use Overtrue\Socialite\SocialiteManager;
$config = [
'github' => [
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
];
$socialite = new SocialiteManager($config);
$url = $socialite->create('github')->redirect();
return redirect($url);
```
`callback.php`:
```php
<?php
use Overtrue\Socialite\SocialiteManager;
$config = [
'github' => [
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
];
$socialite = new SocialiteManager($config);
$code = request()->query('code');
$user = $socialite->create('github')->userFromCode($code);
$user->getId(); // 1472352
$user->getNickname(); // "overtrue"
$user->getUsername(); // "overtrue"
$user->getName(); // "安正超"
$user->getEmail(); // "anzhengchao@gmail.com"
...
```
## 配置
为每个平台设置相同的键值对后就能开箱即用:`client_id`, `client_secret`, `redirect`.
示例:
```php
$config = [
'weibo' => [
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
'facebook' => [
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
];
```
### 自定义应用名
你可以使用任意你喜欢的名字对每个平台进行命名,比如说 `foo` 采用别名的方法后需要在配置中多设置一个 `provider` 键,这样才能告诉工具包如何正确找到你想要的程序:
```php
$config = [
// 为 github 应用起别名为 foo
'foo' => [
'provider' => 'github', // <-- provider name
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
// 另外一个名字叫做 bar 的 github 应用
'bar' => [
'provider' => 'github', // <-- provider name
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
//...
];
$socialite = new SocialiteManager($config);
$appFoo = $socialite->create('foo');
$appBar = $socialite->create('bar');
```
### 扩展自定义服务提供程序
你可以很容易的从自定义的服务提供中创建应用,只需要遵循如下两点:
1. 使用自定义创建器
如下代码所示,为 foo 应用定义了服务提供名,但是工具本身还未支持,所以使用创建器 `extend()`,以闭包函数的形式为该服务提供创建一个实例。
```php
$config = [
'foo' => [
'provider' => 'myprovider', // <-- 一个工具还未支持的服务提供程序
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
];
$socialite = new SocialiteManager($config);
$socialite->extend('myprovider', function(array $config) {
return new MyCustomProvider($config);
});
$app = $socialite->create('foo');
```
2. 使用服务提供类
>👋🏻 你的自定义服务提供类必须实现`Overtrue\Socialite\Contracts\ProviderInterface` 接口
```php
class MyCustomProvider implements \Overtrue\Socialite\Contracts\ProviderInterface
{
//...
}
```
接下来为 `provider` 设置该类名让工具可以找到该类并实例化:
```php
$config = [
'foo' => [
'provider' => MyCustomProvider::class, // <-- 类名
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
];
$socialite = new SocialiteManager($config);
$app = $socialite->create('foo');
```
## 平台
不同的平台有不同的配置方法,为了确保工具的正常运行,所以请确保你所使用的平台的配置都是如期设置的。
### [支付宝](https://opendocs.alipay.com/open/200/105310#s2)
请按如下方式配置
```php
$config = [
'alipay' => [
// 这个键名还能像官方文档那样叫做 'app_id'
'client_id' => 'your-app-id',
// 请根据官方文档,在官方管理后台配置 RSA2
// 注意: 这是你自己的私钥
// 注意: 不允许私钥内容有其他字符
// 建议: 为了保证安全,你可以将文本信息从磁盘文件中读取,而不是在这里明文
'rsa_private_key' => 'your-rsa-private-key',
// 确保这里的值与你在服务后台绑定的地址值一致
// 这个键名还能像官方文档那样叫做 'redirect_url'
'redirect' => 'http://localhost/socialite/callback.php',
// 沙箱模式接入地址见 https://opendocs.alipay.com/open/220/105337#%E5%85%B3%E4%BA%8E%E6%B2%99%E7%AE%B1
'sandbox' => false,
]
...
];
$socialite = new SocialiteManager($config);
$user = $socialite->create('alipay')->userFromCode('here is auth code');
// 详见文档后面 "User interface"
$user->getId(); // 1472352
$user->getNickname(); // "overtrue"
$user->getUsername(); // "overtrue"
$user->getName(); // "安正超"
...
```
本工具暂时只支持 RSA2 个人私钥认证方式。
### [钉钉](https://ding-doc.dingtalk.com/doc#/serverapi3/mrugr3)
如文档所示
> 注意:该工具仅支持 QR code 连接到第三方网站用来获取用户信息opeid unionid 和 nickname
```php
$config = [
'dingtalk' => [
// or 'app_id'
'client_id' => 'your app id',
// or 'app_secret'
'client_secret' => 'your app secret',
// or 'redirect_url'
'redirect' => 'redirect URL'
]
];
$socialite = new SocialiteManager($config);
$user = $socialite->create('dingtalk')->userFromCode('here is auth code');
// 详见文档后面 "User interface"
$user->getId(); // 1472352
$user->getNickname(); // "overtrue"
$user->getUsername(); // "overtrue"
$user->getName(); // "安正超"
...
```
### [抖音](https://open.douyin.com/platform/doc/OpenAPI-oauth2)
> 注意: 使用抖音服务提供的时候,如果你想直接使用 access_token 获取用户信息时,请先设置 openid。 先调用 `withOpenId()` 再调用 `userFromToken()`
```php
$config = [
'douyin' => [
'client_id' => 'your app id',
'client_secret' => 'your app secret',
'redirect' => 'redirect URL'
]
];
$socialite = new SocialiteManager($config);
$user = $socialite->create('douyin')->userFromCode('here is auth code');
$user = $socialite->create('douyin')->withOpenId('openId')->userFromToken('here is the access token');
```
### [头条](https://open.douyin.com/platform/resource/docs/develop/permission/toutiao-or-xigua/OAuth2.0/)
> 注意: 使用`头条`服务提供的时候,如果你想直接使用 access_token 获取用户信息时,请先设置 openid。 先调用 `withOpenId()` 再调用 `userFromToken()`
```php
$config = [
'toutiao' => [
'client_id' => 'your app id',
'client_secret' => 'your app secret',
'redirect' => 'redirect URL'
]
];
$socialite = new SocialiteManager($config);
$user = $socialite->create('toutiao')->userFromCode('here is auth code');
$user = $socialite->create('toutiao')->withOpenId('openId')->userFromToken('here is the access token');
```
### [西瓜](https://open.douyin.com/platform/resource/docs/develop/permission/toutiao-or-xigua/OAuth2.0/)
> 注意: 使用`西瓜`服务提供的时候,如果你想直接使用 access_token 获取用户信息时,请先设置 openid。 先调用 `withOpenId()` 再调用 `userFromToken()`
```php
$config = [
'xigua' => [
'client_id' => 'your app id',
'client_secret' => 'your app secret',
'redirect' => 'redirect URL'
]
];
$socialite = new SocialiteManager($config);
$user = $socialite->create('xigua')->userFromCode('here is auth code');
$user = $socialite->create('xigua')->withOpenId('openId')->userFromToken('here is the access token');
```
### [百度](https://developer.baidu.com/wiki/index.php?title=docs/oauth)
其他配置没啥区别,在用法上,可以很轻易的选择重定向登录页面的模式,通过 `withDisplay()`
- **page**全屏形式的授权页面 (默认),适用于 web 应用。
- **popup:** 弹框形式的授权页面,适用于桌面软件应用和 web 应用。
- **dialog:** 浮层形式的授权页面,只能用于站内 web 应用。
- **mobile:** Iphone/Android 等智能移动终端上用的授权页面,适用于 Iphone/Android 等智能移动终端上的应用。
- **tv:** 电视等超大显示屏使用的授权页面。
- **pad:** IPad/Android 等智能平板电脑使用的授权页面。
```php
$authUrl = $socialite->create('baidu')->withDisplay('mobile')->redirect();
```
`popup` 模式是工具内默认的使用模式。`basic` 是默认使用的 scopes 值。
### [飞书](https://open.feishu.cn/document/ukTMukTMukTM/uITNz4iM1MjLyUzM)
通过一些简单的方法配置 app_ticket 就能使用内部应用模式
```php
$config = [
'feishu' => [
// or 'app_id'
'client_id' => 'your app id',
// or 'app_secret'
'client_secret' => 'your app secret',
// or 'redirect_url'
'redirect' => 'redirect URL',
// 如果你想使用使用内部应用的方式获取 app_access_token
// 对这个键设置了 'internal' 值那么你已经开启了内部应用模式
'app_mode' => 'internal'
]
];
$socialite = new SocialiteManager($config);
$feishuDriver = $socialite->create('feishu');
$feishuDriver->withInternalAppMode()->userFromCode('here is code');
$feishuDriver->withDefaultMode()->withAppTicket('app_ticket')->userFromCode('here is code');
```
### [Lark](https://open.larksuite.com/document/ukTMukTMukTM/uITNz4iM1MjLyUzM)
通过一些简单的方法配置 app_ticket 就能使用内部应用模式
```php
$config = [
'lark' => [
// or 'app_id'
'client_id' => 'your app id',
// or 'app_secret'
'client_secret' => 'your app secret',
// or 'redirect_url'
'redirect' => 'redirect URL',
// 如果你想使用使用内部应用的方式获取 app_access_token
// 对这个键设置了 'internal' 值那么你已经开启了内部应用模式
'app_mode' => 'internal'
]
];
$socialite = new SocialiteManager($config);
$larkDriver = $socialite->create('lark');
$larkDriver->withInternalAppMode()->userFromCode('here is code');
$larkDriver->withDefaultMode()->withAppTicket('app_ticket')->userFromCode('here is code');
```
### [淘宝](https://open.taobao.com/doc.htm?docId=102635&docType=1&source=search)
其他配置与其他平台的一样,你能选择你想要展示的重定向页面类型通过使用 `withView()`
```php
$authUrl = $socialite->create('taobao')->withView('wap')->redirect();
```
`web` 模式是工具默认使用的展示方式, `user_info` 是默认使用的 scopes 范围值。
### [微信](https://developers.weixin.qq.com/doc/oplatform/Third-party_Platforms/Official_Accounts/official_account_website_authorization.html)
我们支持开放平台代表公众号进行第三方平台网页授权。
你只需要像下面这样输入你的配置。官方账号不需要授权。
```php
...
[
'wechat' =>
[
'client_id' => 'client_id',
'client_secret' => 'client_secret',
'redirect' => 'redirect-url',
// 开放平台 - 第三方平台所需
'component' => [
// or 'app_id', 'component_app_id' as key
'id' => 'component-app-id',
// or 'app_token', 'access_token', 'component_access_token' as key
'token' => 'component-access-token',
]
]
],
...
```
### [Coding](https://coding.net/help/openapi#oauth)
您需要额外配置 `team_url` 为您的团队域名,例如:
```php
$config = [
'coding' => [
'team_url' => 'https://{your-team}.coding.net',
'client_id' => 'your app id',
'client_secret' => 'your app secret',
'redirect' => 'redirect URL',
]
];
```
## 其他一些技巧
### Scopes
在重定向用户之前,您还可以使用 `scopes()` 方法在请求上设置 “范围”。此方法将覆盖所有现有的作用域:
```php
$response = $socialite->create('github')
->scopes(['scope1', 'scope2'])->redirect();
```
### Redirect URL
你也可以动态设置' redirect_uri ',你可以使用以下方法来改变 `redirect_uri` URL:
```php
$url = 'your callback url.';
$socialite->redirect($url);
// or
$socialite->withRedirectUrl($url)->redirect();
```
### State
你的应用程序可以使用一个状态参数来确保响应属于同一个用户发起的请求,从而防止跨站请求伪造 (CSFR) 攻击。当恶意攻击者欺骗用户执行不需要的操作 (只有用户有权在受信任的 web 应用程序上执行) 时,就会发生 CSFR 攻击,所有操作都将在不涉及或警告用户的情况下完成。
这里有一个最简单的例子,说明了如何提供状态可以让你的应用程序更安全。在本例中,我们使用会话 ID 作为状态参数,但是您可以使用您想要为状态创建值的任何逻辑。
### 带着 `state` 参数的重定向
```php
<?php
session_start();
$config = [
//...
];
// Assign to state the hashing of the session ID
$state = hash('sha256', session_id());
$socialite = new SocialiteManager($config);
$url = $socialite->create('github')->withState($state)->redirect();
return redirect($url);
```
### 检验回调的 `state`
一旦用户授权你的应用程序,用户将被重定向回你的应用程序的 redirect_uri。OAuth 服务器将不加修改地返回状态参数。检查 redirect_uri 中提供的状态是否与应用程序生成的状态相匹配:
```php
<?php
session_start();
$state = request()->query('state');
$code = request()->query('code');
// Check the state received with current session id
if ($state != hash('sha256', session_id())) {
exit('State does not match!');
}
$user = $socialite->create('github')->userFromCode($code);
// authorized
```
[查看更多关于 `state` 参数的文档](https://auth0.com/docs/protocols/oauth2/oauth-state)
### 其他的一些参数
要在请求中包含任何可选参数,调用 `with()` 方法传入一个你想要设置的关联数组:
```php
$response = $socialite->create('google')
->with(['hd' => 'example.com'])->redirect();
```
## User interface
### 标准的 user api
```php
$user = $socialite->create('github')->userFromCode($code);
```
```json
{
"id": 1472352,
"nickname": "overtrue",
"name": "安正超",
"email": "anzhengchao@gmail.com",
"avatar": "https://avatars.githubusercontent.com/u/1472352?v=3",
"raw": {
"login": "overtrue",
"id": 1472352,
"avatar_url": "https://avatars.githubusercontent.com/u/1472352?v=3",
"gravatar_id": "",
"url": "https://api.github.com/users/overtrue",
"html_url": "https://github.com/overtrue",
...
},
"token_response": {
"access_token": "5b1dc56d64fffbd052359f032716cc4e0a1cb9a0",
"token_type": "bearer",
"scope": "user:email"
}
}
```
你可以像这样以数组键的形式获取 user 属性:
```php
$user['id']; // 1472352
$user['nickname']; // "overtrue"
$user['name']; // "安正超"
$user['email']; // "anzhengchao@gmail.com"
...
```
或者使用该 `User` 对象的方法:
```php
mixed $user->getId();
?string $user->getNickname();
?string $user->getName();
?string $user->getEmail();
?string $user->getAvatar();
?string $user->getRaw();
?string $user->getAccessToken();
?string $user->getRefreshToken();
?int $user->getExpiresIn();
?array $user->getTokenResponse();
```
### 从 OAuth API 响应中取得原始数据
`$user->getRaw()` 方法会返回一个 **array**
### 当你使用 userFromCode() 想要获取 token 响应的原始数据
`$user->getTokenResponse()` 方法会返回一个 **array** 里面是响应从获取 token 时候 API 返回的响应。
> 注意:当你使用 `userFromCode()` 时,这个方法只返回一个 **有效的数组**,否则将返回 **null**,因为 `userFromToken() ` 没有 token 的 HTTP 响应。
### 通过 access token 获取用户信息
```php
$accessToken = 'xxxxxxxxxxx';
$user = $socialite->userFromToken($accessToken);
```
# Enjoy it! :heart:
# 参照
- [Alipay - 用户信息授权](https://opendocs.alipay.com/open/289/105656)
- [DingTalk - 扫码登录第三方网站](https://ding-doc.dingtalk.com/doc#/serverapi3/mrugr3)
- [Google - OpenID Connect](https://developers.google.com/identity/protocols/OpenIDConnect)
- [Github - Authorizing OAuth Apps](https://developer.github.com/apps/building-oauth-apps/authorizing-oauth-apps/)
- [Facebook - Graph API](https://developers.facebook.com/docs/graph-api)
- [Linkedin - Authenticating with OAuth 2.0](https://developer.linkedin.com/docs/oauth2)
- [微博 - OAuth 2.0 授权机制说明](http://open.weibo.com/wiki/%E6%8E%88%E6%9D%83%E6%9C%BA%E5%88%B6%E8%AF%B4%E6%98%8E)
- [QQ - OAuth 2.0 登录 QQ](http://wiki.connect.qq.com/oauth2-0%E7%AE%80%E4%BB%8B)
- [腾讯云 - OAuth2.0](https://cloud.tencent.com/document/product/306/37730#.E6.8E.A5.E5.85.A5.E8.85.BE.E8.AE.AF.E4.BA.91-oauth)
- [微信公众平台 - OAuth 文档](http://mp.weixin.qq.com/wiki/9/01f711493b5a02f24b04365ac5d8fd95.html)
- [微信开放平台 - 网站应用微信登录开发指南](https://open.weixin.qq.com/cgi-bin/showdocument?action=dir_list&t=resource/res_list&verify=1&id=open1419316505&token=&lang=zh_CN)
- [微信开放平台 - 代公众号发起网页授权](https://open.weixin.qq.com/cgi-bin/showdocument?action=dir_list&t=resource/res_list&verify=1&id=open1419318590&token=&lang=zh_CN)
- [企业微信 - OAuth 文档](https://open.work.weixin.qq.com/api/doc/90000/90135/91020)
- [企业微信第三方应用 - OAuth 文档](https://open.work.weixin.qq.com/api/doc/90001/90143/91118)
- [豆瓣 - OAuth 2.0 授权机制说明](http://developers.douban.com/wiki/?title=oauth2)
- [抖音 - 网站应用开发指南](http://open.douyin.com/platform/doc)
- [飞书 - 授权说明](https://open.feishu.cn/document/ukTMukTMukTM/uMTNz4yM1MjLzUzM)
- [Lark - 授权说明](https://open.larksuite.com/document/ukTMukTMukTM/uMTNz4yM1MjLzUzM)
- [Tapd - 用户授权说明](https://www.tapd.cn/help/show#1120003271001000093)
- [Line - OAuth 2.0](https://developers.line.biz/en/docs/line-login/integrate-line-login/)
- [Gitee - OAuth文档](https://gitee.com/api/v5/oauth_doc#/)
# PHP 扩展包开发
> 想知道如何从零开始构建 PHP 扩展包?
>
> 请关注我的实战课程,我会在此课程中分享一些扩展开发经验 —— [《PHP 扩展包实战教程 - 从入门到发布》](https://learnku.com/courses/creating-package)
# License
MIT

648
vendor/overtrue/socialite/README_EN.md vendored Normal file
View File

@ -0,0 +1,648 @@
# Socialite
Socialite is an [OAuth2](https://oauth.net/2/) Authentication tool. It is inspired by [laravel/socialite](https://github.com/laravel/socialite), You can easily use it in any PHP project. [中文文档](/README.md)
[![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/overtrue/socialite?style=flat-square)](https://github.com/overtrue/socialite/releases)
[![GitHub License](https://img.shields.io/github/license/overtrue/socialite?style=flat-square)](https://github.com/overtrue/socialite/blob/master/LICENSE)
[![Packagist Downloads](https://img.shields.io/packagist/dt/overtrue/socialite?style=flat-square)](https://packagist.org/packages/overtrue/socialite)
[![Sponsor me](https://github.com/overtrue/overtrue/blob/master/sponsor-me-button-s.svg?raw=true)](https://github.com/sponsors/overtrue)
This tool now supports platforms such as Facebook, GitHub, Google, Figma, LinkedIn, Outlook, QQ, Tapd, Alipay, Taobao, Baidu, DingTalk, Weibo, WeChat, Douyin, Feishu, Lark, Douban, WeWork, Tencent Cloud, Line, Gitee and Coding.
如果你喜欢我的项目并想支持我,[点击这里 :heart:](https://github.com/sponsors/overtrue)
# Requirement
```
PHP >= 8.0.2
```
# Installation
```shell
$ composer require "overtrue/socialite" -vvv
```
# Usage
Users just need to create the corresponding configuration variables, then create the authentication application for each platform through the tool, and easily obtain the access_token and user information for that platform. The implementation logic of the tool is referred to OAuth2 documents of major platforms for details.
The tool is used in the following steps:
1. Configurate platform config
2. Use this tool to create a platform application
3. Let the user redirect to platform authentication
4. The server receives a Code callback from the platform, and uses the Code to exchange the user information on the platform (including access_token).
Packages created for Laravel users are easier to integrate: [overtrue/laravel-socialite](https://github.com/overtrue/laravel-socialite)
`authorize.php`:
```php
<?php
use Overtrue\Socialite\SocialiteManager;
$config = [
'github' => [
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
];
$socialite = new SocialiteManager($config);
$url = $socialite->create('github')->redirect();
return redirect($url);
```
`callback.php`:
```php
<?php
use Overtrue\Socialite\SocialiteManager;
$config = [
'github' => [
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
];
$socialite = new SocialiteManager($config);
$code = request()->query('code');
$user = $socialite->create('github')->userFromCode($code);
$user->getId(); // 1472352
$user->getNickname(); // "overtrue"
$user->getUsername(); // "overtrue"
$user->getName(); // "安正超"
$user->getEmail(); // "anzhengchao@gmail.com"
...
```
## Configuration
Each create uses the same configuration keys: `client_id`, `client_secret`, `redirect`.
Example:
```php
$config = [
'weibo' => [
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
'facebook' => [
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
];
```
### Custom app name
You can use any name you like as the name of the application, such as `foo`, and set provider using `provider` key
```php
$config = [
'foo' => [
'provider' => 'github', // <-- provider name
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
// another github app
'bar' => [
'provider' => 'github', // <-- provider name
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
//...
];
```
### Extends custom provider
You can create application from you custom provider easilyyou have to ways to do this:
1. Using custom creator:
As shown in the following code, the service provider name is defined for the Foo application, but the tool itself does not support it, so use the creator `extend()` to create an instance of the service provider as a closure function.
```php
$config = [
'foo' => [
'provider' => 'myprovider', // <-- provider name
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
];
$socialite = new SocialiteManager($config);
$socialite->extend('myprovider', function(array $config) {
return new MyCustomProvider($config);
});
$app = $socialite->create('foo');
```
2. Using provider:
>👋🏻 Your custom provider class must be implements of `Overtrue\Socialite\Contracts\ProviderInterface`.
```php
class MyCustomProvider implements \Overtrue\Socialite\Contracts\ProviderInterface
{
//...
}
```
then set `provider` with the class name:
```php
$config = [
'foo' => [
'provider' => MyCustomProvider::class, // <-- class name
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
];
$socialite = new SocialiteManager($config);
$app = $socialite->create('foo');
```
## Platform
Different platforms have different configuration methods, so please check the platform Settings you are using.
### [Alipay](https://opendocs.alipay.com/open/200/105310#s2)
You must have the following configuration.
```php
$config = [
'alipay' => [
// This can also be named as 'app_id' like the official documentation.
'client_id' => 'your-app-id',
// Please refer to the official documentation, in the official management background configuration RSA2.
// Note: This is your own private key.
// Note: Do not allow the private key content to have extra characters.
// Recommendation: For security, you can read directly from the file. But here as long as the value, please remember to remove the head and tail of the decoration.
'rsa_private_key' => 'your-rsa-private-key',
// Be sure to set this value and make sure that it is the same address value as set in the official admin system.
// This can also be named as 'redirect_url' like the official documentation.
'redirect' => 'http://localhost/socialite/callback.php',
]
...
];
$socialite = new SocialiteManager($config);
$user = $socialite->create('alipay')->userFromCode('here is auth code');
// See this documents "User interface"
$user->getId(); // 1472352
$user->getNickname(); // "overtrue"
$user->getUsername(); // "overtrue"
$user->getName(); // "安正超"
...
```
Only RSA2 personal private keys are supported, so stay tuned if you want to log in with a certificate.
### [DingTalk](https://ding-doc.dingtalk.com/doc#/serverapi3/mrugr3)
Follow the documentation and configure it like following.
> Note: It only supported QR code access to third-part websites. i.e exchange for user information(opendid, unionid and nickname)
```php
$config = [
'dingtalk' => [
// or 'app_id'
'client_id' => 'your app id',
// or 'app_secret'
'client_secret' => 'your app secret',
// or 'redirect_url'
'redirect' => 'redirect URL'
]
];
$socialite = new SocialiteManager($config);
$user = $socialite->create('dingtalk')->userFromCode('here is auth code');
// See this documents "User interface"
$user->getId(); // 1472352
$user->getNickname(); // "overtrue"
$user->getUsername(); // "overtrue"
$user->getName(); // "安正超"
...
```
### [Douyin](https://open.douyin.com/platform/doc/OpenAPI-oauth2)
> Note using the Douyin create that if you get user information directly using access token, set up the openid first. the openid can be obtained by code when access is obtained, so call `userFromCode()` automatically configured for you openid, if call `userFromToken()` first call `withOpenId()`
```php
$config = [
'douyin' => [
'client_id' => 'your app id',
'client_secret' => 'your app secret',
'redirect' => 'redirect URL'
]
];
$socialite = new SocialiteManager($config);
$user = $socialite->create('douyin')->userFromCode('here is auth code');
$user = $socialite->create('douyin')->withOpenId('openId')->userFromToken('here is the access token');
```
### [TouTiao](https://open.douyin.com/platform/resource/docs/develop/permission/toutiao-or-xigua/OAuth2.0/)
> Note using the `toutiao` create that if you get user information directly using access token, set up the openid first. the openid can be obtained by code when access is obtained, so call `userFromCode()` automatically configured for you openid, if call `userFromToken()` first call `withOpenId()`
```php
$config = [
'toutiao' => [
'client_id' => 'your app id',
'client_secret' => 'your app secret',
'redirect' => 'redirect URL'
]
];
$socialite = new SocialiteManager($config);
$user = $socialite->create('toutiao')->userFromCode('here is auth code');
$user = $socialite->create('toutiao')->withOpenId('openId')->userFromToken('here is the access token');
```
### [XiGua](https://open.douyin.com/platform/resource/docs/develop/permission/toutiao-or-xigua/OAuth2.0/)
> Note using the `xigua` create that if you get user information directly using access token, set up the openid first. the openid can be obtained by code when access is obtained, so call `userFromCode()` automatically configured for you openid, if call `userFromToken()` first call `withOpenId()`
```php
$config = [
'xigua' => [
'client_id' => 'your app id',
'client_secret' => 'your app secret',
'redirect' => 'redirect URL'
]
];
$socialite = new SocialiteManager($config);
$user = $socialite->create('xigua')->userFromCode('here is auth code');
$user = $socialite->create('xigua')->withOpenId('openId')->userFromToken('here is the access token');
```
### [Baidu](https://developer.baidu.com/wiki/index.php?title=docs/oauth)
You can choose the form you want display by using `withDisplay()`.
- **page**
- **popup**
- **dialog**
- **mobile**
- **tv**
- **pad**
```php
$authUrl = $socialite->create('baidu')->withDisplay('mobile')->redirect();
```
`popup` mode is the default setting with display. `basic` is the default with scopes.
### [Feishu](https://open.feishu.cn/document/ukTMukTMukTM/uITNz4iM1MjLyUzM)
Some simple way to use by internal app mode and config app_ticket.
```php
$config = [
'feishu' => [
// or 'app_id'
'client_id' => 'your app id',
// or 'app_secret'
'client_secret' => 'your app secret',
// or 'redirect_url'
'redirect' => 'redirect URL',
// if you want to use internal way to get app_access_token
// set this key by 'internal' then you already turn on the internal app mode
'app_mode' => 'internal'
]
];
$socialite = new SocialiteManager($config);
$feishuDriver = $socialite->create('feishu');
$feishuDriver->withInternalAppMode()->userFromCode('here is code');
$feishuDriver->withDefaultMode()->withAppTicket('app_ticket')->userFromCode('here is code');
```
### [Lark](https://open.larksuite.com/document/ukTMukTMukTM/uITNz4iM1MjLyUzM)
Some simple way to use by internal app mode and config app_ticket.
```php
$config = [
'lark' => [
// or 'app_id'
'client_id' => 'your app id',
// or 'app_secret'
'client_secret' => 'your app secret',
// or 'redirect_url'
'redirect' => 'redirect URL',
// if you want to use internal way to get app_access_token
// set this key by 'internal' then you already turn on the internal app mode
'app_mode' => 'internal'
]
];
$socialite = new SocialiteManager($config);
$larkDriver = $socialite->create('lark');
$larkDriver->withInternalAppMode()->userFromCode('here is code');
$larkDriver->withDefaultMode()->withAppTicket('app_ticket')->userFromCode('here is code');
```
### [Taobao](https://open.taobao.com/doc.htm?docId=102635&docType=1&source=search)
You can choose the form you want display by using `withView()`.
```php
$authUrl = $socialite->create('taobao')->withView('wap')->redirect();
```
`web` mode is the default setting with display. `user_info` is the default with scopes.
### [WeChat](https://developers.weixin.qq.com/doc/oplatform/Third-party_Platforms/Official_Accounts/official_account_website_authorization.html)
We support Open Platform Third-party Platform webpage authorizations on behalf of Official Account.
You just need input your config like below config. Official Accounts authorizations only doesn't need.
```php
...
[
'wechat' =>
[
'client_id' => 'client_id',
'client_secret' => 'client_secret',
'redirect' => 'redirect-url',
// Open Platform - Third-party Platform Need
'component' => [
'id' => 'component-app-id',
'token' => 'component-access-token', // or Using a callable as value.
]
]
],
...
```
### [Coding](https://coding.net/help/openapi#oauth)
Please add the `team_url` parameter to the configuration file to specify the team domain name as follows:
```php
$config = [
'coding' => [
'team_url' => 'https://{your-team}.coding.net',
'client_id' => 'your app id',
'client_secret' => 'your app secret',
'redirect' => 'redirect URL',
]
];
```
## Some Skill
### Scopes
Before redirecting the user, you may also set "scopes" on the request using the `scopes()` method. This method will overwrite all existing scopes:
```php
$response = $socialite->create('github')
->scopes(['scope1', 'scope2'])->redirect();
```
### Redirect URL
You may also want to dynamically set `redirect_uri`you can use the following methods to change the `redirect_uri` URL:
```php
$url = 'your callback url.';
$socialite->redirect($url);
// or
$socialite->withRedirectUrl($url)->redirect();
```
### State
Your app can use a state parameter for making sure the response belongs to a request initiated by the same user, therefore preventing cross-site request forgery (CSFR) attacks. A CSFR attack occurs when a malicious attacker tricks the user into performing unwanted actions that only the user is authorized to perform on a trusted web application, and all will be done without involving or alerting the user.
Here's the simplest example of how providing the state can make your app more secure. in this example, we use the session ID as the state parameter, but you can use whatever logic you want to create value for the state.
### Redirect with `state` parameter
```php
<?php
session_start();
$config = [
//...
];
// Assign to state the hashing of the session ID
$state = hash('sha256', session_id());
$socialite = new SocialiteManager($config);
$url = $socialite->create('github')->withState($state)->redirect();
return redirect($url);
```
### Validate the callback `state`
Once the user has authorized your app, the user will be redirected back to your app's redirect_uri. The OAuth server will return the state parameter unchanged. Check if the state provided in the redirect_uri matches the state generated by your app:
```php
<?php
session_start();
$state = request()->query('state');
$code = request()->query('code');
// Check the state received with current session id
if ($state != hash('sha256', session_id())) {
exit('State does not match!');
}
$user = $socialite->create('github')->userFromCode($code);
// authorized
```
[Read more about `state` parameter](https://auth0.com/docs/protocols/oauth2/oauth-state)
### Additional parameters
To include any optional parameters in the request, call the `with()` method with an associative array:
```php
$response = $socialite->create('google')
->with(['hd' => 'example.com'])->redirect();
```
## User interface
### Standard user api:
```php
$user = $socialite->create('github')->userFromCode($code);
```
```json
{
"id": 1472352,
"nickname": "overtrue",
"name": "安正超",
"email": "anzhengchao@gmail.com",
"avatar": "https://avatars.githubusercontent.com/u/1472352?v=3",
"raw": {
"login": "overtrue",
"id": 1472352,
"avatar_url": "https://avatars.githubusercontent.com/u/1472352?v=3",
"gravatar_id": "",
"url": "https://api.github.com/users/overtrue",
"html_url": "https://github.com/overtrue",
...
},
"token_response": {
"access_token": "5b1dc56d64fffbd052359f032716cc4e0a1cb9a0",
"token_type": "bearer",
"scope": "user:email"
}
}
```
You can fetch the user attribute as a array keys like these:
```php
$user['id']; // 1472352
$user['nickname']; // "overtrue"
$user['name']; // "安正超"
$user['email']; // "anzhengchao@gmail.com"
...
```
Or using the method:
```php
mixed $user->getId();
?string $user->getNickname();
?string $user->getName();
?string $user->getEmail();
?string $user->getAvatar();
?string $user->getRaw();
?string $user->getAccessToken();
?string $user->getRefreshToken();
?int $user->getExpiresIn();
?array $user->getTokenResponse();
```
### Get raw response from OAuth API
The `$user->getRaw()` method will return an **array** of the API raw response.
### Get the token response when you use userFromCode()
The `$user->getTokenResponse()` method will return an **array** of the get token(access token) API response.
> Note: This method only return a **valid array** when you use `userFromCode()`, else will return **null** because use `userFromToken()` have no token response.
### Get user with access token
```php
$accessToken = 'xxxxxxxxxxx';
$user = $socialite->userFromToken($accessToken);
```
# Enjoy it! :heart:
# Reference
- [Alipay - 用户信息授权](https://opendocs.alipay.com/open/289/105656)
- [DingTalk - 扫码登录第三方网站](https://ding-doc.dingtalk.com/doc#/serverapi3/mrugr3)
- [Google - OpenID Connect](https://developers.google.com/identity/protocols/OpenIDConnect)
- [GitHub - Authorizing OAuth Apps](https://developer.github.com/apps/building-oauth-apps/authorizing-oauth-apps/)
- [Figma - OAuth 2](https://www.figma.com/developers/api#auth-oauth2)
- [Facebook - Graph API](https://developers.facebook.com/docs/graph-api)
- [Linkedin - Authenticating with OAuth 2.0](https://developer.linkedin.com/docs/oauth2)
- [微博 - OAuth 2.0 授权机制说明](http://open.weibo.com/wiki/%E6%8E%88%E6%9D%83%E6%9C%BA%E5%88%B6%E8%AF%B4%E6%98%8E)
- [QQ - OAuth 2.0 登录 QQ](http://wiki.connect.qq.com/oauth2-0%E7%AE%80%E4%BB%8B)
- [腾讯云 - OAuth2.0](https://cloud.tencent.com/document/product/306/37730#.E6.8E.A5.E5.85.A5.E8.85.BE.E8.AE.AF.E4.BA.91-oauth)
- [微信公众平台 - OAuth 文档](http://mp.weixin.qq.com/wiki/9/01f711493b5a02f24b04365ac5d8fd95.html)
- [微信开放平台 - 网站应用微信登录开发指南](https://open.weixin.qq.com/cgi-bin/showdocument?action=dir_list&t=resource/res_list&verify=1&id=open1419316505&token=&lang=zh_CN)
- [微信开放平台 - 代公众号发起网页授权](https://open.weixin.qq.com/cgi-bin/showdocument?action=dir_list&t=resource/res_list&verify=1&id=open1419318590&token=&lang=zh_CN)
- [企业微信 - OAuth 文档](https://open.work.weixin.qq.com/api/doc/90000/90135/91020)
- [企业微信第三方应用 - OAuth 文档](https://open.work.weixin.qq.com/api/doc/90001/90143/91118)
- [豆瓣 - OAuth 2.0 授权机制说明](http://developers.douban.com/wiki/?title=oauth2)
- [抖音 - 网站应用开发指南](http://open.douyin.com/platform/doc)
- [飞书 - 授权说明](https://open.feishu.cn/document/ukTMukTMukTM/uMTNz4yM1MjLzUzM)
- [Lark - 授权说明](https://open.larksuite.com/document/ukTMukTMukTM/uMTNz4yM1MjLzUzM)
- [Tapd - 用户授权说明](https://www.tapd.cn/help/show#1120003271001000093)
- [Line - OAuth 2.0](https://developers.line.biz/en/docs/line-login/integrate-line-login/)
- [Gitee - OAuth文档](https://gitee.com/api/v5/oauth_doc#/)
[![Sponsor me](https://github.com/overtrue/overtrue/blob/master/sponsor-me.svg?raw=true)](https://github.com/sponsors/overtrue)
## Project supported by JetBrains
Many thanks to Jetbrains for kindly providing a license for me to work on this and other open-source projects.
[![](https://resources.jetbrains.com/storage/products/company/brand/logos/jb_beam.svg)](https://www.jetbrains.com/?from=https://github.com/overtrue)
# PHP 扩展包开发
> 想知道如何从零开始构建 PHP 扩展包?
>
> 请关注我的实战课程,我会在此课程中分享一些扩展开发经验 —— [《PHP 扩展包实战教程 - 从入门到发布》](https://learnku.com/courses/creating-package)
# License
MIT

52
vendor/overtrue/socialite/composer.json vendored Normal file
View File

@ -0,0 +1,52 @@
{
"name": "overtrue/socialite",
"description": "A collection of OAuth 2 packages.",
"keywords": [
"oauth",
"social",
"login",
"weibo",
"wechat",
"qq",
"feishu",
"qcloud"
],
"autoload": {
"files": [
"src/Contracts/FactoryInterface.php",
"src/Contracts/UserInterface.php",
"src/Contracts/ProviderInterface.php"
],
"psr-4": {
"Overtrue\\Socialite\\": "src/"
}
},
"require": {
"php": ">=8.0.2",
"ext-json": "*",
"ext-openssl": "*",
"guzzlehttp/guzzle": "^7.0",
"symfony/http-foundation": "^6.0",
"symfony/psr-http-message-bridge": "^2.1"
},
"require-dev": {
"mockery/mockery": "^1.3",
"phpunit/phpunit": "^9.0",
"jetbrains/phpstorm-attributes": "^1.0",
"phpstan/phpstan": "^1.7",
"laravel/pint": "^1.2"
},
"license": "MIT",
"authors": [
{
"name": "overtrue",
"email": "anzhengchao@gmail.com"
}
],
"scripts": {
"check-style": "@php vendor/bin/pint --test",
"fix-style": "@php vendor/bin/pint",
"test": "@php vendor/bin/phpunit --colors=always",
"phpstan": "@php vendor/bin/phpstan analyse src"
}
}

6
vendor/overtrue/socialite/phpstan.neon.dist vendored Normal file
View File

@ -0,0 +1,6 @@
parameters:
checkMissingIterableValueType: false
checkGenericClassInNonGenericObjectType: false
level: 8
paths:
- src

17
vendor/overtrue/socialite/phpunit.xml vendored Normal file
View File

@ -0,0 +1,17 @@
<?xml version="1.0" encoding="UTF-8"?>
<phpunit backupGlobals="false"
backupStaticAttributes="false"
bootstrap="vendor/autoload.php"
colors="true"
convertErrorsToExceptions="true"
convertNoticesToExceptions="true"
convertWarningsToExceptions="true"
processIsolation="false"
stopOnFailure="false"
>
<testsuites>
<testsuite name="Package Test Suite">
<directory suffix=".php">./tests/</directory>
</testsuite>
</testsuites>
</phpunit>

98
vendor/overtrue/socialite/src/Config.php vendored Normal file
View File

@ -0,0 +1,98 @@
<?php
namespace Overtrue\Socialite;
use ArrayAccess;
use JsonSerializable;
class Config implements ArrayAccess, JsonSerializable
{
protected array $config;
/**
* @param array $config
*/
public function __construct(array $config)
{
$this->config = $config;
}
public function get(string $key, mixed $default = null): mixed
{
$config = $this->config;
if (isset($config[$key])) {
return $config[$key];
}
foreach (\explode('.', $key) as $segment) {
if (! \is_array($config) || ! \array_key_exists($segment, $config)) {
return $default;
}
$config = $config[$segment];
}
return $config;
}
public function set(string $key, mixed $value): array
{
$keys = \explode('.', $key);
$config = &$this->config;
while (\count($keys) > 1) {
$key = \array_shift($keys);
if (! isset($config[$key]) || ! \is_array($config[$key])) {
$config[$key] = [];
}
$config = &$config[$key];
}
$config[\array_shift($keys)] = $value;
return $config;
}
public function has(string $key): bool
{
return (bool) $this->get($key);
}
public function offsetExists(mixed $offset): bool
{
\is_string($offset) || throw new Exceptions\InvalidArgumentException('The $offset must be type of string here.');
return \array_key_exists($offset, $this->config);
}
public function offsetGet(mixed $offset): mixed
{
\is_string($offset) || throw new Exceptions\InvalidArgumentException('The $offset must be type of string here.');
return $this->get($offset);
}
public function offsetSet(mixed $offset, mixed $value): void
{
\is_string($offset) || throw new Exceptions\InvalidArgumentException('The $offset must be type of string here.');
$this->set($offset, $value);
}
public function offsetUnset(mixed $offset): void
{
\is_string($offset) || throw new Exceptions\InvalidArgumentException('The $offset must be type of string here.');
$this->set($offset, null);
}
public function jsonSerialize(): array
{
return $this->config;
}
public function __toString(): string
{
return \json_encode($this, \JSON_UNESCAPED_UNICODE) ?: '';
}
}

19
vendor/overtrue/socialite/src/Contracts/FactoryInterface.php vendored Normal file
View File

@ -0,0 +1,19 @@
<?php
namespace Overtrue\Socialite\Contracts;
const ABNF_APP_ID = 'app_id';
const ABNF_APP_SECRET = 'app_secret';
const ABNF_OPEN_ID = 'open_id';
const ABNF_TOKEN = 'token';
interface FactoryInterface
{
public function config(\Overtrue\Socialite\Config $config): self;
public function create(string $name): ProviderInterface;
public function getResolvedProviders(): array;
public function buildProvider(string $provider, array $config): ProviderInterface;
}

68
vendor/overtrue/socialite/src/Contracts/ProviderInterface.php vendored Normal file
View File

@ -0,0 +1,68 @@
<?php
namespace Overtrue\Socialite\Contracts;
/** @see https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.1 */
const RFC6749_ABNF_CLIENT_ID = 'client_id';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.2 */
const RFC6749_ABNF_CLIENT_SECRET = 'client_secret';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.3 */
const RFC6749_ABNF_RESPONSE_TYPE = 'response_type';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.4 */
const RFC6749_ABNF_SCOPE = 'scope';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.5 */
const RFC6749_ABNF_STATE = 'state';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.6 */
const RFC6749_ABNF_REDIRECT_URI = 'redirect_uri';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.7 */
const RFC6749_ABNF_ERROR = 'error';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.8 */
const RFC6749_ABNF_ERROR_DESCRIPTION = 'error_description';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.9 */
const RFC6749_ABNF_ERROR_URI = 'error_uri';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.10 */
const RFC6749_ABNF_GRANT_TYPE = 'grant_type';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.11 */
const RFC6749_ABNF_CODE = 'code';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.12 */
const RFC6749_ABNF_ACCESS_TOKEN = 'access_token';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.13 */
const RFC6749_ABNF_TOKEN_TYPE = 'token_type';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.14 */
const RFC6749_ABNF_EXPIRES_IN = 'expires_in';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.15 */
const RFC6749_ABNF_USERNAME = 'username';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.16 */
const RFC6749_ABNF_PASSWORD = 'password';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.17 */
const RFC6749_ABNF_REFRESH_TOKEN = 'refresh_token';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.3 */
const RFC6749_ABNF_AUTHORATION_CODE = 'authorization_code';
/** @see https://datatracker.ietf.org/doc/html/rfc6749#section-4.4.2 */
const RFC6749_ABNF_CLIENT_CREDENTIALS = 'client_credentials';
interface ProviderInterface
{
public function redirect(?string $redirectUrl = null): string;
public function userFromCode(string $code): UserInterface;
public function userFromToken(string $token): UserInterface;
public function withRedirectUrl(string $redirectUrl): self;
public function withState(string $state): self;
/**
* @param string[] $scopes
*/
public function scopes(array $scopes): self;
public function with(array $parameters): self;
public function withScopeSeparator(string $scopeSeparator): self;
public function getClientId(): ?string;
public function getClientSecret(): ?string;
}

46
vendor/overtrue/socialite/src/Contracts/UserInterface.php vendored Normal file
View File

@ -0,0 +1,46 @@
<?php
namespace Overtrue\Socialite\Contracts;
const ABNF_ID = 'id';
const ABNF_NAME = 'name';
const ABNF_NICKNAME = 'nickname';
const ABNF_EMAIL = 'email';
const ABNF_AVATAR = 'avatar';
interface UserInterface
{
public function getId(): mixed;
public function getNickname(): ?string;
public function getName(): ?string;
public function getEmail(): ?string;
public function getAvatar(): ?string;
public function getAccessToken(): ?string;
public function getRefreshToken(): ?string;
public function getExpiresIn(): ?int;
public function getProvider(): ProviderInterface;
public function setRefreshToken(?string $refreshToken): self;
public function setExpiresIn(int $expiresIn): self;
public function setTokenResponse(array $response): self;
public function getTokenResponse(): mixed;
public function setProvider(ProviderInterface $provider): self;
public function getRaw(): array;
public function setRaw(array $user): self;
public function setAccessToken(string $token): self;
}

18
vendor/overtrue/socialite/src/Exceptions/AuthorizeFailedException.php vendored Normal file
View File

@ -0,0 +1,18 @@
<?php
namespace Overtrue\Socialite\Exceptions;
use JetBrains\PhpStorm\Pure;
class AuthorizeFailedException extends Exception
{
public array $body;
#[Pure]
public function __construct(string $message, mixed $body)
{
parent::__construct($message, -1);
$this->body = (array) $body;
}
}

7
vendor/overtrue/socialite/src/Exceptions/BadRequestException.php vendored Normal file
View File

@ -0,0 +1,7 @@
<?php
namespace Overtrue\Socialite\Exceptions;
class BadRequestException extends Exception
{
}

8
vendor/overtrue/socialite/src/Exceptions/Exception.php vendored Normal file
View File

@ -0,0 +1,8 @@
<?php
namespace Overtrue\Socialite\Exceptions;
class Exception extends \Exception
{
//
}

9
vendor/overtrue/socialite/src/Exceptions/FeiShu/InvalidTicketException.php vendored Normal file
View File

@ -0,0 +1,9 @@
<?php
namespace Overtrue\Socialite\Exceptions\FeiShu;
use Overtrue\Socialite\Exceptions;
class InvalidTicketException extends Exceptions\Exception
{
}

8
vendor/overtrue/socialite/src/Exceptions/InvalidArgumentException.php vendored Normal file
View File

@ -0,0 +1,8 @@
<?php
namespace Overtrue\Socialite\Exceptions;
class InvalidArgumentException extends \InvalidArgumentException
{
//
}

18
vendor/overtrue/socialite/src/Exceptions/InvalidTokenException.php vendored Normal file
View File

@ -0,0 +1,18 @@
<?php
namespace Overtrue\Socialite\Exceptions;
use JetBrains\PhpStorm\Pure;
class InvalidTokenException extends Exception
{
public string $token;
#[Pure]
public function __construct(string $message, string $token)
{
parent::__construct($message, -1);
$this->token = $token;
}
}

8
vendor/overtrue/socialite/src/Exceptions/MethodDoesNotSupportException.php vendored Normal file
View File

@ -0,0 +1,8 @@
<?php
namespace Overtrue\Socialite\Exceptions;
class MethodDoesNotSupportException extends Exception
{
//
}

220
vendor/overtrue/socialite/src/Providers/Alipay.php vendored Normal file
View File

@ -0,0 +1,220 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\ArrayShape;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\Exceptions;
use Overtrue\Socialite\User;
/**
* @see https://opendocs.alipay.com/open/289/105656
*/
class Alipay extends Base
{
public const NAME = 'alipay';
protected string $baseUrl = 'https://openapi.alipay.com/gateway.do';
protected string $authUrl = 'https://openauth.alipay.com/oauth2/publicAppAuthorize.htm';
protected array $scopes = ['auth_user'];
protected string $apiVersion = '1.0';
protected string $signType = 'RSA2';
protected string $postCharset = 'UTF-8';
protected string $format = 'json';
protected bool $sandbox = false;
public function __construct(array $config)
{
parent::__construct($config);
$this->sandbox = (bool) $this->config->get('sandbox', false);
if ($this->sandbox) {
$this->baseUrl = 'https://openapi.alipaydev.com/gateway.do';
$this->authUrl = 'https://openauth.alipaydev.com/oauth2/publicAppAuthorize.htm';
}
}
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase($this->authUrl);
}
protected function getTokenUrl(): string
{
return $this->baseUrl;
}
/**
* @throws Exceptions\BadRequestException
*/
protected function getUserByToken(string $token): array
{
$params = $this->getPublicFields('alipay.user.info.share');
$params += ['auth_token' => $token];
$params['sign'] = $this->generateSign($params);
$responseInstance = $this->getHttpClient()->post(
$this->baseUrl,
[
'form_params' => $params,
'headers' => [
'Content-Type' => 'application/x-www-form-urlencoded;charset=utf-8',
],
]
);
$response = $this->fromJsonBody($responseInstance);
if (! empty($response['error_response'] ?? null) || empty($response['alipay_user_info_share_response'] ?? [])) {
throw new Exceptions\BadRequestException((string) $responseInstance->getBody());
}
return $response['alipay_user_info_share_response'];
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user['user_id'] ?? null,
Contracts\ABNF_NAME => $user['nick_name'] ?? null,
Contracts\ABNF_AVATAR => $user[Contracts\ABNF_AVATAR] ?? null,
Contracts\ABNF_EMAIL => $user[Contracts\ABNF_EMAIL] ?? null,
]);
}
/**
* @throws Exceptions\BadRequestException
*/
public function tokenFromCode(string $code): array
{
$responseInstance = $this->getHttpClient()->post(
$this->getTokenUrl(),
[
'form_params' => $this->getTokenFields($code),
'headers' => [
'Content-Type' => 'application/x-www-form-urlencoded;charset=utf-8',
],
]
);
$response = $this->fromJsonBody($responseInstance);
if (! empty($response['error_response'])) {
throw new Exceptions\BadRequestException((string) $responseInstance->getBody());
}
return $this->normalizeAccessTokenResponse($response['alipay_system_oauth_token_response']);
}
/**
* @throws Exceptions\InvalidArgumentException
*/
protected function getCodeFields(): array
{
if (empty($this->redirectUrl)) {
throw new Exceptions\InvalidArgumentException('Please set the correct redirect URL refer which was on the Alipay Official Admin pannel.');
}
$fields = \array_merge(
[
Contracts\ABNF_APP_ID => $this->getConfig()->get(Contracts\RFC6749_ABNF_CLIENT_ID) ?? $this->getConfig()->get(Contracts\ABNF_APP_ID),
Contracts\RFC6749_ABNF_SCOPE => $this->formatScopes($this->scopes, $this->scopeSeparator),
Contracts\RFC6749_ABNF_REDIRECT_URI => $this->redirectUrl,
],
$this->parameters
);
return $fields;
}
#[ArrayShape([
Contracts\RFC6749_ABNF_CLIENT_ID => 'null|string',
Contracts\RFC6749_ABNF_CLIENT_SECRET => 'null|string',
Contracts\RFC6749_ABNF_CODE => 'string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
Contracts\RFC6749_ABNF_GRANT_TYPE => 'string',
])]
protected function getTokenFields(string $code): array
{
$params = $this->getPublicFields('alipay.system.oauth.token');
$params += [
Contracts\RFC6749_ABNF_CODE => $code,
Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE,
];
$params['sign'] = $this->generateSign($params);
return $params;
}
#[ArrayShape([
Contracts\ABNF_APP_ID => 'string',
'format' => 'string',
'charset' => 'string',
'sign_type' => 'string',
'method' => 'string',
'timestamp' => 'string',
'version' => 'string',
])]
public function getPublicFields(string $method): array
{
return [
Contracts\ABNF_APP_ID => $this->getConfig()->get(Contracts\RFC6749_ABNF_CLIENT_ID) ?? $this->getConfig()->get(Contracts\ABNF_APP_ID),
'format' => $this->format,
'charset' => $this->postCharset,
'sign_type' => $this->signType,
'method' => $method,
'timestamp' => (new \DateTime('now', new \DateTimeZone('Asia/Shanghai')))->format('Y-m-d H:i:s'),
'version' => $this->apiVersion,
];
}
/**
* @see https://opendocs.alipay.com/open/289/105656
*/
protected function generateSign(array $params): string
{
\ksort($params);
return $this->signWithSHA256RSA($this->buildParams($params), $this->getConfig()->get('rsa_private_key'));
}
/**
* @throws Exceptions\InvalidArgumentException
*/
protected function signWithSHA256RSA(string $signContent, string $key): string
{
if (empty($key)) {
throw new Exceptions\InvalidArgumentException('no RSA private key set.');
}
$key = "-----BEGIN RSA PRIVATE KEY-----\n".
\chunk_split($key, 64, "\n").
'-----END RSA PRIVATE KEY-----';
\openssl_sign($signContent, $signValue, $key, \OPENSSL_ALGO_SHA256);
return \base64_encode($signValue);
}
public static function buildParams(array $params, bool $urlencode = false, array $except = ['sign']): string
{
$param_str = '';
foreach ($params as $k => $v) {
if (\in_array($k, $except)) {
continue;
}
$param_str .= $k.'=';
$param_str .= $urlencode ? \rawurlencode($v) : $v;
$param_str .= '&';
}
return \rtrim($param_str, '&');
}
}

72
vendor/overtrue/socialite/src/Providers/Azure.php vendored Normal file
View File

@ -0,0 +1,72 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\ArrayShape;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\User;
class Azure extends Base
{
public const NAME = 'azure';
protected array $scopes = ['User.Read'];
protected string $scopeSeparator = ' ';
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase($this->getBaseUrl().'/oauth2/v2.0/authorize');
}
protected function getBaseUrl(): string
{
return 'https://login.microsoftonline.com/'.$this->config['tenant'];
}
protected function getTokenUrl(): string
{
return $this->getBaseUrl().'/oauth2/v2.0/token';
}
protected function getUserByToken(string $token, ?array $query = []): array
{
$response = $this->getHttpClient()->get(
'https://graph.microsoft.com/v1.0/me',
['headers' => [
'Accept' => 'application/json',
'Authorization' => 'Bearer '.$token,
],
]
);
return $this->fromJsonBody($response);
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user[Contracts\ABNF_ID] ?? null,
Contracts\ABNF_NICKNAME => null,
Contracts\ABNF_NAME => $user['displayName'] ?? null,
Contracts\ABNF_EMAIL => $user['userPrincipalName'] ?? null,
Contracts\ABNF_AVATAR => null,
]);
}
#[ArrayShape([
Contracts\RFC6749_ABNF_CLIENT_ID => 'null|string',
Contracts\RFC6749_ABNF_CLIENT_SECRET => 'null|string',
Contracts\RFC6749_ABNF_CODE => 'string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
Contracts\RFC6749_ABNF_GRANT_TYPE => 'string',
])]
protected function getTokenFields(string $code): array
{
return parent::getTokenFields($code) + [
Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE,
];
}
}

102
vendor/overtrue/socialite/src/Providers/Baidu.php vendored Normal file
View File

@ -0,0 +1,102 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\ArrayShape;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\User;
/**
* @see https://developer.baidu.com/wiki/index.php?title=docs/oauth [OAuth 2.0 授权机制说明]
*/
class Baidu extends Base
{
public const NAME = 'baidu';
protected string $baseUrl = 'https://openapi.baidu.com';
protected string $version = '2.0';
protected array $scopes = ['basic'];
protected string $display = 'popup';
public function withDisplay(string $display): self
{
$this->display = $display;
return $this;
}
public function withScopes(array $scopes): self
{
$this->scopes = $scopes;
return $this;
}
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase($this->baseUrl.'/oauth/'.$this->version.'/authorize');
}
protected function getCodeFields(): array
{
return [
Contracts\RFC6749_ABNF_RESPONSE_TYPE => Contracts\RFC6749_ABNF_CODE,
Contracts\RFC6749_ABNF_CLIENT_ID => $this->getClientId(),
Contracts\RFC6749_ABNF_REDIRECT_URI => $this->redirectUrl,
Contracts\RFC6749_ABNF_SCOPE => $this->formatScopes($this->scopes, $this->scopeSeparator),
'display' => $this->display,
] + $this->parameters;
}
protected function getTokenUrl(): string
{
return $this->baseUrl.'/oauth/'.$this->version.'/token';
}
#[ArrayShape([
Contracts\RFC6749_ABNF_CLIENT_ID => 'null|string',
Contracts\RFC6749_ABNF_CLIENT_SECRET => 'null|string',
Contracts\RFC6749_ABNF_CODE => 'string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
Contracts\RFC6749_ABNF_GRANT_TYPE => 'string',
])]
protected function getTokenFields(string $code): array
{
return parent::getTokenFields($code) + [
Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE,
];
}
protected function getUserByToken(string $token): array
{
$response = $this->getHttpClient()->get(
$this->baseUrl.'/rest/'.$this->version.'/passport/users/getInfo',
[
'query' => [
Contracts\RFC6749_ABNF_ACCESS_TOKEN => $token,
],
'headers' => [
'Accept' => 'application/json',
],
]
);
return $this->fromJsonBody($response);
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user['userid'] ?? null,
Contracts\ABNF_NICKNAME => $user['realname'] ?? null,
Contracts\ABNF_NAME => $user['username'] ?? null,
Contracts\ABNF_EMAIL => '',
Contracts\ABNF_AVATAR => $user['portrait'] ? 'http://tb.himg.baidu.com/sys/portraitn/item/'.$user['portrait'] : null,
]);
}
}

284
vendor/overtrue/socialite/src/Providers/Base.php vendored Normal file
View File

@ -0,0 +1,284 @@
<?php
namespace Overtrue\Socialite\Providers;
use GuzzleHttp\Client as GuzzleClient;
use GuzzleHttp\Utils;
use JetBrains\PhpStorm\ArrayShape;
use Overtrue\Socialite\Config;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\Exceptions;
use Psr\Http\Message\MessageInterface;
use Psr\Http\Message\StreamInterface;
abstract class Base implements Contracts\ProviderInterface
{
public const NAME = null;
protected ?string $state = null;
protected Config $config;
protected ?string $redirectUrl;
protected array $parameters = [];
protected array $scopes = [];
protected string $scopeSeparator = ',';
protected GuzzleClient $httpClient;
protected array $guzzleOptions = [];
protected int $encodingType = PHP_QUERY_RFC1738;
protected string $expiresInKey = Contracts\RFC6749_ABNF_EXPIRES_IN;
protected string $accessTokenKey = Contracts\RFC6749_ABNF_ACCESS_TOKEN;
protected string $refreshTokenKey = Contracts\RFC6749_ABNF_REFRESH_TOKEN;
public function __construct(array $config)
{
$this->config = new Config($config);
// set scopes
if ($this->config->has('scopes') && is_array($this->config->get('scopes'))) {
$this->scopes = $this->getConfig()->get('scopes');
} elseif ($this->config->has(Contracts\RFC6749_ABNF_SCOPE) && is_string($this->getConfig()->get(Contracts\RFC6749_ABNF_SCOPE))) {
$this->scopes = [$this->getConfig()->get(Contracts\RFC6749_ABNF_SCOPE)];
}
// normalize Contracts\RFC6749_ABNF_CLIENT_ID
if (! $this->config->has(Contracts\RFC6749_ABNF_CLIENT_ID)) {
$id = $this->config->get(Contracts\ABNF_APP_ID);
if (null != $id) {
$this->config->set(Contracts\RFC6749_ABNF_CLIENT_ID, $id);
}
}
// normalize Contracts\RFC6749_ABNF_CLIENT_SECRET
if (! $this->config->has(Contracts\RFC6749_ABNF_CLIENT_SECRET)) {
$secret = $this->config->get(Contracts\ABNF_APP_SECRET);
if (null != $secret) {
$this->config->set(Contracts\RFC6749_ABNF_CLIENT_SECRET, $secret);
}
}
// normalize 'redirect_url'
if (! $this->config->has('redirect_url')) {
$this->config->set('redirect_url', $this->config->get('redirect'));
}
$this->redirectUrl = $this->config->get('redirect_url');
}
abstract protected function getAuthUrl(): string;
abstract protected function getTokenUrl(): string;
abstract protected function getUserByToken(string $token): array;
abstract protected function mapUserToObject(array $user): Contracts\UserInterface;
public function redirect(?string $redirectUrl = null): string
{
if (! empty($redirectUrl)) {
$this->withRedirectUrl($redirectUrl);
}
return $this->getAuthUrl();
}
public function userFromCode(string $code): Contracts\UserInterface
{
$tokenResponse = $this->tokenFromCode($code);
$user = $this->userFromToken($tokenResponse[$this->accessTokenKey]);
return $user->setRefreshToken($tokenResponse[$this->refreshTokenKey] ?? null)
->setExpiresIn($tokenResponse[$this->expiresInKey] ?? null)
->setTokenResponse($tokenResponse);
}
public function userFromToken(string $token): Contracts\UserInterface
{
$user = $this->getUserByToken($token);
return $this->mapUserToObject($user)->setProvider($this)->setRaw($user)->setAccessToken($token);
}
public function tokenFromCode(string $code): array
{
$response = $this->getHttpClient()->post(
$this->getTokenUrl(),
[
'form_params' => $this->getTokenFields($code),
'headers' => [
'Accept' => 'application/json',
],
]
);
return $this->normalizeAccessTokenResponse((string) $response->getBody());
}
/**
* @throws Exceptions\MethodDoesNotSupportException
*/
public function refreshToken(string $refreshToken): mixed
{
throw new Exceptions\MethodDoesNotSupportException('refreshToken does not support.');
}
public function withRedirectUrl(string $redirectUrl): Contracts\ProviderInterface
{
$this->redirectUrl = $redirectUrl;
return $this;
}
public function withState(string $state): Contracts\ProviderInterface
{
$this->state = $state;
return $this;
}
public function scopes(array $scopes): Contracts\ProviderInterface
{
$this->scopes = $scopes;
return $this;
}
public function with(array $parameters): Contracts\ProviderInterface
{
$this->parameters = $parameters;
return $this;
}
public function getConfig(): Config
{
return $this->config;
}
public function withScopeSeparator(string $scopeSeparator): Contracts\ProviderInterface
{
$this->scopeSeparator = $scopeSeparator;
return $this;
}
public function getClientId(): ?string
{
return $this->config->get(Contracts\RFC6749_ABNF_CLIENT_ID);
}
public function getClientSecret(): ?string
{
return $this->config->get(Contracts\RFC6749_ABNF_CLIENT_SECRET);
}
public function getHttpClient(): GuzzleClient
{
return $this->httpClient ?? new GuzzleClient($this->guzzleOptions);
}
public function setGuzzleOptions(array $config): Contracts\ProviderInterface
{
$this->guzzleOptions = $config;
return $this;
}
public function getGuzzleOptions(): array
{
return $this->guzzleOptions;
}
protected function formatScopes(array $scopes, string $scopeSeparator): string
{
return \implode($scopeSeparator, $scopes);
}
#[ArrayShape([
Contracts\RFC6749_ABNF_CLIENT_ID => 'null|string',
Contracts\RFC6749_ABNF_CLIENT_SECRET => 'null|string',
Contracts\RFC6749_ABNF_CODE => 'string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
])]
protected function getTokenFields(string $code): array
{
return [
Contracts\RFC6749_ABNF_CLIENT_ID => $this->getClientId(),
Contracts\RFC6749_ABNF_CLIENT_SECRET => $this->getClientSecret(),
Contracts\RFC6749_ABNF_CODE => $code,
Contracts\RFC6749_ABNF_REDIRECT_URI => $this->redirectUrl,
];
}
protected function buildAuthUrlFromBase(string $url): string
{
$query = $this->getCodeFields() + ($this->state ? [Contracts\RFC6749_ABNF_STATE => $this->state] : []);
return $url.'?'.\http_build_query($query, '', '&', $this->encodingType);
}
protected function getCodeFields(): array
{
$fields = \array_merge(
[
Contracts\RFC6749_ABNF_CLIENT_ID => $this->getClientId(),
Contracts\RFC6749_ABNF_REDIRECT_URI => $this->redirectUrl,
Contracts\RFC6749_ABNF_SCOPE => $this->formatScopes($this->scopes, $this->scopeSeparator),
Contracts\RFC6749_ABNF_RESPONSE_TYPE => Contracts\RFC6749_ABNF_CODE,
],
$this->parameters
);
if ($this->state) {
$fields[Contracts\RFC6749_ABNF_STATE] = $this->state;
}
return $fields;
}
/**
* @throws Exceptions\AuthorizeFailedException
*/
protected function normalizeAccessTokenResponse(mixed $response): array
{
if ($response instanceof StreamInterface) {
$response->tell() && $response->rewind();
$response = (string) $response;
}
if (\is_string($response)) {
$response = Utils::jsonDecode($response, true);
}
if (! \is_array($response)) {
throw new Exceptions\AuthorizeFailedException('Invalid token response', [$response]);
}
if (empty($response[$this->accessTokenKey])) {
throw new Exceptions\AuthorizeFailedException('Authorize Failed: '.Utils::jsonEncode($response, \JSON_UNESCAPED_UNICODE), $response);
}
return $response + [
Contracts\RFC6749_ABNF_ACCESS_TOKEN => $response[$this->accessTokenKey],
Contracts\RFC6749_ABNF_REFRESH_TOKEN => $response[$this->refreshTokenKey] ?? null,
Contracts\RFC6749_ABNF_EXPIRES_IN => \intval($response[$this->expiresInKey] ?? 0),
];
}
protected function fromJsonBody(MessageInterface $response): array
{
$result = Utils::jsonDecode((string) $response->getBody(), true);
\is_array($result) || throw new Exceptions\InvalidArgumentException('Decoded the given response payload failed.');
return $result;
}
}

103
vendor/overtrue/socialite/src/Providers/Coding.php vendored Normal file
View File

@ -0,0 +1,103 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\ArrayShape;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\Exceptions;
use Overtrue\Socialite\Exceptions\InvalidArgumentException;
use Overtrue\Socialite\User;
class Coding extends Base
{
public const NAME = 'coding';
// example: https://{your-team}.coding.net
protected string $teamUrl;
protected array $scopes = ['user', 'user:email'];
protected string $scopeSeparator = ',';
public function __construct(array $config)
{
parent::__construct($config);
// https://{your-team}.coding.net
$teamUrl = $this->config->get('team_url');
if (! $teamUrl) {
throw new InvalidArgumentException('Missing required config [team_url]');
}
// validate team_url
if (filter_var($teamUrl, FILTER_VALIDATE_URL) === false) {
throw new InvalidArgumentException('Invalid team_url');
}
$this->teamUrl = rtrim($teamUrl, '/');
}
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase("$this->teamUrl/oauth_authorize.html");
}
protected function getTokenUrl(): string
{
return "$this->teamUrl/api/oauth/access_token";
}
#[ArrayShape([
Contracts\RFC6749_ABNF_CLIENT_ID => 'null|string',
Contracts\RFC6749_ABNF_CLIENT_SECRET => 'null|string',
Contracts\RFC6749_ABNF_CODE => 'string',
Contracts\RFC6749_ABNF_GRANT_TYPE => 'null|string',
])]
protected function getTokenFields(string $code): array
{
return [
Contracts\RFC6749_ABNF_CLIENT_ID => $this->getClientId(),
Contracts\RFC6749_ABNF_CLIENT_SECRET => $this->getClientSecret(),
Contracts\RFC6749_ABNF_CODE => $code,
Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE,
];
}
/**
* @throws \GuzzleHttp\Exception\GuzzleException
* @throws \Overtrue\Socialite\Exceptions\BadRequestException
*/
protected function getUserByToken(string $token): array
{
$responseInstance = $this->getHttpClient()->get(
"$this->teamUrl/api/me",
[
'query' => [
'access_token' => $token,
],
]
);
$response = $this->fromJsonBody($responseInstance);
if (empty($response[Contracts\ABNF_ID])) {
throw new Exceptions\BadRequestException((string) $responseInstance->getBody());
}
return $response;
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user[Contracts\ABNF_ID] ?? null,
Contracts\ABNF_NICKNAME => $user[Contracts\ABNF_NAME] ?? null,
Contracts\ABNF_NAME => $user[Contracts\ABNF_NAME] ?? null,
Contracts\ABNF_EMAIL => $user[Contracts\ABNF_EMAIL] ?? null,
Contracts\ABNF_AVATAR => $user[Contracts\ABNF_AVATAR] ?? null,
]);
}
}

123
vendor/overtrue/socialite/src/Providers/DingTalk.php vendored Normal file
View File

@ -0,0 +1,123 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\Exceptions;
use Overtrue\Socialite\User;
/**
* “第三方个人应用”获取用户信息
*
* @see https://ding-doc.dingtalk.com/doc#/serverapi3/mrugr3
*
* 暂不支持“第三方企业应用”获取用户信息
* @see https://ding-doc.dingtalk.com/doc#/serverapi3/hv357q
*/
class DingTalk extends Base
{
public const NAME = 'dingtalk';
protected string $getUserByCode = 'https://oapi.dingtalk.com/sns/getuserinfo_bycode';
protected array $scopes = ['snsapi_login'];
protected string $scopeSeparator = ' ';
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase('https://oapi.dingtalk.com/connect/qrconnect');
}
/**
* @throws Exceptions\InvalidArgumentException
*/
protected function getTokenUrl(): string
{
throw new Exceptions\InvalidArgumentException('not supported to get access token.');
}
/**
* @throws Exceptions\InvalidArgumentException
*/
protected function getUserByToken(string $token): array
{
throw new Exceptions\InvalidArgumentException('Unable to use token get User.');
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_NAME => $user['nick'] ?? null,
Contracts\ABNF_NICKNAME => $user['nick'] ?? null,
Contracts\ABNF_ID => $user[Contracts\ABNF_OPEN_ID] ?? null,
Contracts\ABNF_EMAIL => null,
Contracts\ABNF_AVATAR => null,
]);
}
protected function getCodeFields(): array
{
return array_merge(
[
'appid' => $this->getClientId(),
Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE,
Contracts\RFC6749_ABNF_CODE => $this->formatScopes($this->scopes, $this->scopeSeparator),
Contracts\RFC6749_ABNF_REDIRECT_URI => $this->redirectUrl,
],
$this->parameters
);
}
public function getClientId(): ?string
{
return $this->getConfig()->get(Contracts\ABNF_APP_ID)
?? $this->getConfig()->get('appid')
?? $this->getConfig()->get('appId')
?? $this->getConfig()->get(Contracts\RFC6749_ABNF_CLIENT_ID);
}
public function getClientSecret(): ?string
{
return $this->getConfig()->get(Contracts\ABNF_APP_SECRET)
?? $this->getConfig()->get('appSecret')
?? $this->getConfig()->get(Contracts\RFC6749_ABNF_CLIENT_SECRET);
}
protected function createSignature(int $time): string
{
return \base64_encode(\hash_hmac('sha256', (string) $time, (string) $this->getClientSecret(), true));
}
/**
* @see https://ding-doc.dingtalk.com/doc#/personnal/tmudue
*
* @throws Exceptions\BadRequestException
*/
public function userFromCode(string $code): Contracts\UserInterface
{
$time = (int) \microtime(true) * 1000;
$responseInstance = $this->getHttpClient()->post($this->getUserByCode, [
'query' => [
'accessKey' => $this->getClientId(),
'timestamp' => $time,
'signature' => $this->createSignature($time),
],
'json' => ['tmp_auth_code' => $code],
]);
$response = $this->fromJsonBody($responseInstance);
if (0 != ($response['errcode'] ?? 1)) {
throw new Exceptions\BadRequestException((string) $responseInstance->getBody());
}
return new User([
Contracts\ABNF_NAME => $response['user_info']['nick'],
Contracts\ABNF_NICKNAME => $response['user_info']['nick'],
Contracts\ABNF_ID => $response['user_info'][Contracts\ABNF_OPEN_ID],
]);
}
}

134
vendor/overtrue/socialite/src/Providers/DouYin.php vendored Normal file
View File

@ -0,0 +1,134 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\ArrayShape;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\Exceptions;
use Overtrue\Socialite\User;
/**
* @see http://open.douyin.com/platform
* @see https://open.douyin.com/platform/doc/OpenAPI-overview
*/
class DouYin extends Base
{
public const NAME = 'douyin';
protected string $baseUrl = 'https://open.douyin.com';
protected array $scopes = ['user_info'];
protected ?string $openId;
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase($this->baseUrl.'/platform/oauth/connect/');
}
#[ArrayShape([
'client_key' => 'null|string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
Contracts\RFC6749_ABNF_SCOPE => 'string',
Contracts\RFC6749_ABNF_RESPONSE_TYPE => 'string',
])]
public function getCodeFields(): array
{
return [
'client_key' => $this->getClientId(),
Contracts\RFC6749_ABNF_REDIRECT_URI => $this->redirectUrl,
Contracts\RFC6749_ABNF_SCOPE => $this->formatScopes($this->scopes, $this->scopeSeparator),
Contracts\RFC6749_ABNF_RESPONSE_TYPE => Contracts\RFC6749_ABNF_CODE,
];
}
protected function getTokenUrl(): string
{
return $this->baseUrl.'/oauth/access_token/';
}
/**
* @throws Exceptions\AuthorizeFailedException
*/
public function tokenFromCode(string $code): array
{
$response = $this->getHttpClient()->get(
$this->getTokenUrl(),
[
'query' => $this->getTokenFields($code),
]
);
$body = $this->fromJsonBody($response);
if (empty($body['data'] ?? null) || ($body['data']['error_code'] ?? -1) != 0) {
throw new Exceptions\AuthorizeFailedException('Invalid token response', $body);
}
$this->withOpenId($body['data'][Contracts\ABNF_OPEN_ID]);
return $this->normalizeAccessTokenResponse($body['data']);
}
#[ArrayShape([
'client_key' => 'null|string',
Contracts\RFC6749_ABNF_CLIENT_SECRET => 'null|string',
Contracts\RFC6749_ABNF_CODE => 'string',
Contracts\RFC6749_ABNF_GRANT_TYPE => 'string',
])]
protected function getTokenFields(string $code): array
{
return [
'client_key' => $this->getClientId(),
Contracts\RFC6749_ABNF_CLIENT_SECRET => $this->getClientSecret(),
Contracts\RFC6749_ABNF_CODE => $code,
Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE,
];
}
/**
* @throws Exceptions\InvalidArgumentException
*/
protected function getUserByToken(string $token): array
{
$userUrl = $this->baseUrl.'/oauth/userinfo/';
if (empty($this->openId)) {
throw new Exceptions\InvalidArgumentException('please set the `open_id` before issue the API request.');
}
$response = $this->getHttpClient()->get(
$userUrl,
[
'query' => [
Contracts\RFC6749_ABNF_ACCESS_TOKEN => $token,
Contracts\ABNF_OPEN_ID => $this->openId,
],
]
);
$body = $this->fromJsonBody($response);
return $body['data'] ?? [];
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user[Contracts\ABNF_OPEN_ID] ?? null,
Contracts\ABNF_NAME => $user[Contracts\ABNF_NICKNAME] ?? null,
Contracts\ABNF_NICKNAME => $user[Contracts\ABNF_NICKNAME] ?? null,
Contracts\ABNF_AVATAR => $user[Contracts\ABNF_AVATAR] ?? null,
Contracts\ABNF_EMAIL => $user[Contracts\ABNF_EMAIL] ?? null,
]);
}
public function withOpenId(string $openId): self
{
$this->openId = $openId;
return $this;
}
}

74
vendor/overtrue/socialite/src/Providers/Douban.php vendored Normal file
View File

@ -0,0 +1,74 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\ArrayShape;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\User;
/**
* @see http://developers.douban.com/wiki/?title=oauth2 [使用 OAuth 2.0 访问豆瓣 API]
*/
class Douban extends Base
{
public const NAME = 'douban';
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase('https://www.douban.com/service/auth2/auth');
}
protected function getTokenUrl(): string
{
return 'https://www.douban.com/service/auth2/token';
}
/**
* @param string $token
* @param ?array $query
*/
protected function getUserByToken(string $token, ?array $query = []): array
{
$response = $this->getHttpClient()->get('https://api.douban.com/v2/user/~me', [
'headers' => [
'Authorization' => 'Bearer '.$token,
],
]);
return $this->fromJsonBody($response);
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user[Contracts\ABNF_ID] ?? null,
Contracts\ABNF_NICKNAME => $user[Contracts\ABNF_NAME] ?? null,
Contracts\ABNF_NAME => $user[Contracts\ABNF_NAME] ?? null,
Contracts\ABNF_AVATAR => $user[Contracts\ABNF_AVATAR] ?? null,
Contracts\ABNF_EMAIL => null,
]);
}
#[ArrayShape([
Contracts\RFC6749_ABNF_CLIENT_ID => 'null|string',
Contracts\RFC6749_ABNF_CLIENT_SECRET => 'null|string',
Contracts\RFC6749_ABNF_CODE => 'string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
Contracts\RFC6749_ABNF_GRANT_TYPE => 'string',
])]
protected function getTokenFields(string $code): array
{
return parent::getTokenFields($code) + [Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE];
}
public function tokenFromCode(string $code): array
{
$response = $this->getHttpClient()->post($this->getTokenUrl(), [
'form_params' => $this->getTokenFields($code),
]);
return $this->normalizeAccessTokenResponse($response->getBody());
}
}

106
vendor/overtrue/socialite/src/Providers/Facebook.php vendored Normal file
View File

@ -0,0 +1,106 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\User;
/**
* @see https://developers.facebook.com/docs/graph-api [Facebook - Graph API]
*/
class Facebook extends Base
{
public const NAME = 'facebook';
protected string $graphUrl = 'https://graph.facebook.com';
protected string $version = 'v3.3';
protected array $fields = ['first_name', 'last_name', 'email', 'gender', 'verified'];
protected array $scopes = ['email'];
protected bool $popup = false;
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase('https://www.facebook.com/'.$this->version.'/dialog/oauth');
}
protected function getTokenUrl(): string
{
return $this->graphUrl.'/oauth/access_token';
}
public function tokenFromCode(string $code): array
{
$response = $this->getHttpClient()->get($this->getTokenUrl(), [
'query' => $this->getTokenFields($code),
]);
return $this->normalizeAccessTokenResponse($response->getBody());
}
protected function getUserByToken(string $token, ?array $query = []): array
{
$appSecretProof = \hash_hmac('sha256', $token, $this->getConfig()->get(Contracts\RFC6749_ABNF_CLIENT_SECRET));
$response = $this->getHttpClient()->get($this->graphUrl.'/'.$this->version.'/me', [
'query' => [
Contracts\RFC6749_ABNF_ACCESS_TOKEN => $token,
'appsecret_proof' => $appSecretProof,
'fields' => $this->formatScopes($this->fields, $this->scopeSeparator),
],
'headers' => [
'Accept' => 'application/json',
],
]);
return $this->fromJsonBody($response);
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
$userId = $user[Contracts\ABNF_ID] ?? null;
$avatarUrl = $this->graphUrl.'/'.$this->version.'/'.$userId.'/picture';
$firstName = $user['first_name'] ?? null;
$lastName = $user['last_name'] ?? null;
return new User([
Contracts\ABNF_ID => $user[Contracts\ABNF_ID] ?? null,
Contracts\ABNF_NICKNAME => null,
Contracts\ABNF_NAME => $firstName.' '.$lastName,
Contracts\ABNF_EMAIL => $user[Contracts\ABNF_EMAIL] ?? null,
Contracts\ABNF_AVATAR => $userId ? $avatarUrl.'?type=normal' : null,
'avatar_original' => $userId ? $avatarUrl.'?width=1920' : null,
]);
}
protected function getCodeFields(): array
{
$fields = parent::getCodeFields();
if ($this->popup) {
$fields['display'] = 'popup';
}
return $fields;
}
public function fields(array $fields): self
{
$this->fields = $fields;
return $this;
}
public function asPopup(): self
{
$this->popup = true;
return $this;
}
}

255
vendor/overtrue/socialite/src/Providers/FeiShu.php vendored Normal file
View File

@ -0,0 +1,255 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\ArrayShape;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\Exceptions;
use Overtrue\Socialite\User;
/**
* @see https://open.feishu.cn/document/uQjL04CN/ucDOz4yN4MjL3gzM
*/
class FeiShu extends Base
{
public const NAME = 'feishu';
private const APP_TICKET = 'app_ticket';
protected string $baseUrl = 'https://open.feishu.cn/open-apis';
protected string $expiresInKey = 'refresh_expires_in';
protected bool $isInternalApp = false;
public function __construct(array $config)
{
parent::__construct($config);
$this->isInternalApp = ($this->config->get('app_mode') ?? $this->config->get('mode')) == 'internal';
}
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase($this->baseUrl.'/authen/v1/index');
}
#[ArrayShape([Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string', Contracts\ABNF_APP_ID => 'null|string'])]
protected function getCodeFields(): array
{
return [
Contracts\RFC6749_ABNF_REDIRECT_URI => $this->redirectUrl,
Contracts\ABNF_APP_ID => $this->getClientId(),
];
}
protected function getTokenUrl(): string
{
return $this->baseUrl.'/authen/v1/access_token';
}
public function tokenFromCode(string $code): array
{
return $this->normalizeAccessTokenResponse($this->getTokenFromCode($code));
}
/**
* @throws Exceptions\AuthorizeFailedException
*/
protected function getTokenFromCode(string $code): array
{
$this->configAppAccessToken();
$responseInstance = $this->getHttpClient()->post($this->getTokenUrl(), [
'json' => [
'app_access_token' => $this->config->get('app_access_token'),
Contracts\RFC6749_ABNF_CODE => $code,
Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE,
],
]);
$response = $this->fromJsonBody($responseInstance);
if (empty($response['data'] ?? null)) {
throw new Exceptions\AuthorizeFailedException('Invalid token response', $response);
}
return $this->normalizeAccessTokenResponse($response['data']);
}
protected function getRefreshTokenUrl(): string
{
return $this->baseUrl.'/authen/v1/refresh_access_token';
}
/**
* @see https://open.feishu.cn/document/uAjLw4CM/ukTMukTMukTM/reference/authen-v1/authen/refresh_access_token
*/
public function refreshToken(string $refreshToken): array
{
$this->configAppAccessToken();
$responseInstance = $this->getHttpClient()->post($this->getRefreshTokenUrl(), [
'json' => [
'app_access_token' => $this->config->get('app_access_token'),
Contracts\RFC6749_ABNF_REFRESH_TOKEN => $refreshToken,
Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_REFRESH_TOKEN,
],
]);
$response = $this->fromJsonBody($responseInstance);
if (empty($response['data'] ?? null)) {
throw new Exceptions\AuthorizeFailedException('Invalid token response', $response);
}
return $this->normalizeAccessTokenResponse($response['data']);
}
/**
* @throws Exceptions\BadRequestException
*/
protected function getUserByToken(string $token): array
{
$responseInstance = $this->getHttpClient()->get($this->baseUrl.'/authen/v1/user_info', [
'headers' => [
'Content-Type' => 'application/json',
'Authorization' => 'Bearer '.$token,
],
'query' => \array_filter(
[
'user_access_token' => $token,
]
),
]);
$response = $this->fromJsonBody($responseInstance);
if (empty($response['data'] ?? null)) {
throw new Exceptions\BadRequestException((string) $responseInstance->getBody());
}
return $response['data'];
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user['user_id'] ?? null,
Contracts\ABNF_NAME => $user[Contracts\ABNF_NAME] ?? null,
Contracts\ABNF_NICKNAME => $user[Contracts\ABNF_NAME] ?? null,
Contracts\ABNF_AVATAR => $user['avatar_url'] ?? null,
Contracts\ABNF_EMAIL => $user[Contracts\ABNF_EMAIL] ?? null,
]);
}
public function withInternalAppMode(): self
{
$this->isInternalApp = true;
return $this;
}
public function withDefaultMode(): self
{
$this->isInternalApp = false;
return $this;
}
/**
* set self::APP_TICKET in config attribute
*/
public function withAppTicket(string $appTicket): self
{
$this->config->set(self::APP_TICKET, $appTicket);
return $this;
}
/**
* 设置 app_access_token config 设置中
* 应用维度授权凭证,开放平台可据此识别调用方的应用身份
* 分内建和自建
*
* @throws Exceptions\FeiShu\InvalidTicketException
* @throws Exceptions\InvalidTokenException
*/
protected function configAppAccessToken(): self
{
$url = $this->baseUrl.'/auth/v3/app_access_token/';
$params = [
'json' => [
Contracts\ABNF_APP_ID => $this->config->get(Contracts\RFC6749_ABNF_CLIENT_ID),
Contracts\ABNF_APP_SECRET => $this->config->get(Contracts\RFC6749_ABNF_CLIENT_SECRET),
self::APP_TICKET => $this->config->get(self::APP_TICKET),
],
];
if ($this->isInternalApp) {
$url = $this->baseUrl.'/auth/v3/app_access_token/internal/';
$params = [
'json' => [
Contracts\ABNF_APP_ID => $this->config->get(Contracts\RFC6749_ABNF_CLIENT_ID),
Contracts\ABNF_APP_SECRET => $this->config->get(Contracts\RFC6749_ABNF_CLIENT_SECRET),
],
];
}
if (! $this->isInternalApp && ! $this->config->has(self::APP_TICKET)) {
throw new Exceptions\FeiShu\InvalidTicketException('You are using default mode, please config \'app_ticket\' first');
}
$responseInstance = $this->getHttpClient()->post($url, $params);
$response = $this->fromJsonBody($responseInstance);
if (empty($response['app_access_token'] ?? null)) {
throw new Exceptions\InvalidTokenException('Invalid \'app_access_token\' response', (string) $responseInstance->getBody());
}
$this->config->set('app_access_token', $response['app_access_token']);
return $this;
}
/**
* 设置 tenant_access_token config 属性中
* 应用的企业授权凭证,开放平台据此识别调用方的应用身份和企业身份
* 分内建和自建
*
* @throws Exceptions\BadRequestException
* @throws Exceptions\AuthorizeFailedException
*/
protected function configTenantAccessToken(): self
{
$url = $this->baseUrl.'/auth/v3/tenant_access_token/';
$params = [
'json' => [
Contracts\ABNF_APP_ID => $this->config->get(Contracts\RFC6749_ABNF_CLIENT_ID),
Contracts\ABNF_APP_SECRET => $this->config->get(Contracts\RFC6749_ABNF_CLIENT_SECRET),
self::APP_TICKET => $this->config->get(self::APP_TICKET),
],
];
if ($this->isInternalApp) {
$url = $this->baseUrl.'/auth/v3/tenant_access_token/internal/';
$params = [
'json' => [
Contracts\ABNF_APP_ID => $this->config->get(Contracts\RFC6749_ABNF_CLIENT_ID),
Contracts\ABNF_APP_SECRET => $this->config->get(Contracts\RFC6749_ABNF_CLIENT_SECRET),
],
];
}
if (! $this->isInternalApp && ! $this->config->has(self::APP_TICKET)) {
throw new Exceptions\BadRequestException('You are using default mode, please config \'app_ticket\' first');
}
$response = $this->getHttpClient()->post($url, $params);
$response = $this->fromJsonBody($response);
if (empty($response['tenant_access_token'])) {
throw new Exceptions\AuthorizeFailedException('Invalid tenant_access_token response', $response);
}
$this->config->set('tenant_access_token', $response['tenant_access_token']);
return $this;
}
}

81
vendor/overtrue/socialite/src/Providers/Figma.php vendored Normal file
View File

@ -0,0 +1,81 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\ArrayShape;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\User;
/**
* @see https://www.figma.com/developers/api#oauth2
*/
class Figma extends Base
{
public const NAME = 'figma';
protected string $scopeSeparator = '';
protected array $scopes = ['file_read'];
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase('https://www.figma.com/oauth');
}
protected function getTokenUrl(): string
{
return 'https://www.figma.com/api/oauth/token';
}
public function tokenFromCode(string $code): array
{
$response = $this->getHttpClient()->post($this->getTokenUrl(), [
'form_params' => $this->getTokenFields($code),
]);
return $this->normalizeAccessTokenResponse($response->getBody());
}
#[ArrayShape([
Contracts\RFC6749_ABNF_CLIENT_ID => 'null|string',
Contracts\RFC6749_ABNF_CLIENT_SECRET => 'null|string',
Contracts\RFC6749_ABNF_CODE => 'string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
Contracts\RFC6749_ABNF_GRANT_TYPE => 'string',
])]
protected function getTokenFields(string $code): array
{
return parent::getTokenFields($code) + [Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE];
}
protected function getCodeFields(): array
{
return parent::getCodeFields() + [Contracts\RFC6749_ABNF_STATE => \md5(\uniqid('state_', true))];
}
protected function getUserByToken(string $token, ?array $query = []): array
{
$response = $this->getHttpClient()->get('https://api.figma.com/v1/me', [
'headers' => [
'Accept' => 'application/json',
'Authorization' => 'Bearer '.$token,
],
]);
return $this->fromJsonBody($response);
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user[Contracts\ABNF_ID] ?? null,
'username' => $user[Contracts\ABNF_EMAIL] ?? null,
Contracts\ABNF_NICKNAME => $user['handle'] ?? null,
Contracts\ABNF_NAME => $user['handle'] ?? null,
Contracts\ABNF_EMAIL => $user[Contracts\ABNF_EMAIL] ?? null,
Contracts\ABNF_AVATAR => $user['img_url'] ?? null,
]);
}
}

90
vendor/overtrue/socialite/src/Providers/GitHub.php vendored Normal file
View File

@ -0,0 +1,90 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\ArrayShape;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\User;
class GitHub extends Base
{
public const NAME = 'github';
protected array $scopes = ['read:user'];
protected string $scopeSeparator = ' ';
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase('https://github.com/login/oauth/authorize');
}
protected function getTokenUrl(): string
{
return 'https://github.com/login/oauth/access_token';
}
protected function getUserByToken(string $token): array
{
$userUrl = 'https://api.github.com/user';
$response = $this->getHttpClient()->get(
$userUrl,
$this->createAuthorizationHeaders($token)
);
$user = $this->fromJsonBody($response);
if (\in_array('user:email', $this->scopes)) {
$user[Contracts\ABNF_EMAIL] = $this->getEmailByToken($token);
}
return $user;
}
protected function getEmailByToken(string $token): string
{
$emailsUrl = 'https://api.github.com/user/emails';
try {
$response = $this->getHttpClient()->get(
$emailsUrl,
$this->createAuthorizationHeaders($token)
);
} catch (\Throwable $e) {
return '';
}
foreach ($this->fromJsonBody($response) as $email) {
if ($email['primary'] && $email['verified']) {
return $email[Contracts\ABNF_EMAIL];
}
}
return '';
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user[Contracts\ABNF_ID] ?? null,
Contracts\ABNF_NICKNAME => $user['login'] ?? null,
Contracts\ABNF_NAME => $user[Contracts\ABNF_NAME] ?? null,
Contracts\ABNF_EMAIL => $user[Contracts\ABNF_EMAIL] ?? null,
Contracts\ABNF_AVATAR => $user['avatar_url'] ?? null,
]);
}
#[ArrayShape(['headers' => 'array'])]
protected function createAuthorizationHeaders(string $token): array
{
return [
'headers' => [
'Accept' => 'application/vnd.github.v3+json',
'Authorization' => \sprintf('token %s', $token),
],
];
}
}

67
vendor/overtrue/socialite/src/Providers/Gitee.php vendored Normal file
View File

@ -0,0 +1,67 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\ArrayShape;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\User;
class Gitee extends Base
{
public const NAME = 'gitee';
protected array $scopes = ['user_info'];
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase('https://gitee.com/oauth/authorize');
}
protected function getTokenUrl(): string
{
return 'https://gitee.com/oauth/token';
}
protected function getUserByToken(string $token): array
{
$userUrl = 'https://gitee.com/api/v5/user';
$response = $this->getHttpClient()->get($userUrl, [
'query' => [
Contracts\RFC6749_ABNF_ACCESS_TOKEN => $token,
],
]);
return $this->fromJsonBody($response);
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user[Contracts\ABNF_ID] ?? null,
Contracts\ABNF_NICKNAME => $user['login'] ?? null,
Contracts\ABNF_NAME => $user[Contracts\ABNF_NAME] ?? null,
Contracts\ABNF_EMAIL => $user[Contracts\ABNF_EMAIL] ?? null,
Contracts\ABNF_AVATAR => $user['avatar_url'] ?? null,
]);
}
#[ArrayShape([
Contracts\RFC6749_ABNF_CLIENT_ID => 'null|string',
Contracts\RFC6749_ABNF_CLIENT_SECRET => 'null|string',
Contracts\RFC6749_ABNF_CODE => 'string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
Contracts\RFC6749_ABNF_GRANT_TYPE => 'string',
])]
protected function getTokenFields(string $code): array
{
return [
Contracts\RFC6749_ABNF_CLIENT_ID => $this->getClientId(),
Contracts\RFC6749_ABNF_CLIENT_SECRET => $this->getClientSecret(),
Contracts\RFC6749_ABNF_CODE => $code,
Contracts\RFC6749_ABNF_REDIRECT_URI => $this->redirectUrl,
Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE,
];
}
}

79
vendor/overtrue/socialite/src/Providers/Google.php vendored Normal file
View File

@ -0,0 +1,79 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\ArrayShape;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\User;
/**
* @see https://developers.google.com/identity/protocols/OpenIDConnect [OpenID Connect]
*/
class Google extends Base
{
public const NAME = 'google';
protected string $scopeSeparator = ' ';
protected array $scopes = [
'https://www.googleapis.com/auth/userinfo.email',
'https://www.googleapis.com/auth/userinfo.profile',
];
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase('https://accounts.google.com/o/oauth2/v2/auth');
}
protected function getTokenUrl(): string
{
return 'https://www.googleapis.com/oauth2/v4/token';
}
public function tokenFromCode(string $code): array
{
$response = $this->getHttpClient()->post($this->getTokenUrl(), [
'form_params' => $this->getTokenFields($code),
]);
return $this->normalizeAccessTokenResponse($response->getBody());
}
#[ArrayShape([
Contracts\RFC6749_ABNF_CLIENT_ID => 'null|string',
Contracts\RFC6749_ABNF_CLIENT_SECRET => 'null|string',
Contracts\RFC6749_ABNF_CODE => 'string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
Contracts\RFC6749_ABNF_GRANT_TYPE => 'string',
])]
protected function getTokenFields(string $code): array
{
return parent::getTokenFields($code) + [Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE];
}
protected function getUserByToken(string $token, ?array $query = []): array
{
$response = $this->getHttpClient()->get('https://www.googleapis.com/userinfo/v2/me', [
'headers' => [
'Accept' => 'application/json',
'Authorization' => 'Bearer '.$token,
],
]);
return $this->fromJsonBody($response);
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user[Contracts\ABNF_ID] ?? null,
'username' => $user[Contracts\ABNF_EMAIL] ?? null,
Contracts\ABNF_NICKNAME => $user[Contracts\ABNF_NAME] ?? null,
Contracts\ABNF_NAME => $user[Contracts\ABNF_NAME] ?? null,
Contracts\ABNF_EMAIL => $user[Contracts\ABNF_EMAIL] ?? null,
Contracts\ABNF_AVATAR => $user['picture'] ?? null,
]);
}
}

13
vendor/overtrue/socialite/src/Providers/Lark.php vendored Normal file
View File

@ -0,0 +1,13 @@
<?php
namespace Overtrue\Socialite\Providers;
/**
* @see https://open.larksuite.com/document/ukTMukTMukTM/uITNz4iM1MjLyUzM
*/
class Lark extends FeiShu
{
public const NAME = 'lark';
protected string $baseUrl = 'https://open.larksuite.com/open-apis';
}

73
vendor/overtrue/socialite/src/Providers/Line.php vendored Normal file
View File

@ -0,0 +1,73 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\ArrayShape;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\User;
/**
* @see https://developers.line.biz/en/docs/line-login/integrate-line-login/ [Integrating LINE Login with your web app]
*/
class Line extends Base
{
public const NAME = 'line';
protected string $baseUrl = 'https://api.line.me/oauth2/';
protected string $version = 'v2.1';
protected array $scopes = ['profile'];
protected function getAuthUrl(): string
{
$this->state = $this->state ?: \md5(\uniqid(Contracts\RFC6749_ABNF_STATE, true));
return $this->buildAuthUrlFromBase('https://access.line.me/oauth2/'.$this->version.'/authorize');
}
protected function getTokenUrl(): string
{
return $this->baseUrl.$this->version.'/token';
}
#[ArrayShape([
Contracts\RFC6749_ABNF_CLIENT_ID => 'null|string',
Contracts\RFC6749_ABNF_CLIENT_SECRET => 'null|string',
Contracts\RFC6749_ABNF_CODE => 'string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
Contracts\RFC6749_ABNF_GRANT_TYPE => 'string',
])]
protected function getTokenFields(string $code): array
{
return parent::getTokenFields($code) + [Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE];
}
protected function getUserByToken(string $token): array
{
$response = $this->getHttpClient()->get(
'https://api.line.me/v2/profile',
[
'headers' => [
'Accept' => 'application/json',
'Authorization' => 'Bearer '.$token,
],
]
);
return $this->fromJsonBody($response);
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user['userId'] ?? null,
Contracts\ABNF_NAME => $user['displayName'] ?? null,
Contracts\ABNF_NICKNAME => $user['displayName'] ?? null,
Contracts\ABNF_AVATAR => $user['pictureUrl'] ?? null,
Contracts\ABNF_EMAIL => null,
]);
}
}

98
vendor/overtrue/socialite/src/Providers/Linkedin.php vendored Normal file
View File

@ -0,0 +1,98 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\ArrayShape;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\User;
/**
* @see https://developer.linkedin.com/docs/oauth2 [Authenticating with OAuth 2.0]
*/
class Linkedin extends Base
{
public const NAME = 'linkedin';
protected array $scopes = ['r_liteprofile', 'r_emailaddress'];
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase('https://www.linkedin.com/oauth/v2/authorization');
}
protected function getTokenUrl(): string
{
return 'https://www.linkedin.com/oauth/v2/accessToken';
}
#[ArrayShape([
Contracts\RFC6749_ABNF_CLIENT_ID => 'null|string',
Contracts\RFC6749_ABNF_CLIENT_SECRET => 'null|string',
Contracts\RFC6749_ABNF_CODE => 'string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
Contracts\RFC6749_ABNF_GRANT_TYPE => 'string',
])]
protected function getTokenFields(string $code): array
{
return parent::getTokenFields($code) + [Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE];
}
protected function getUserByToken(string $token, ?array $query = []): array
{
$basicProfile = $this->getBasicProfile($token);
$emailAddress = $this->getEmailAddress($token);
return \array_merge($basicProfile, $emailAddress);
}
protected function getBasicProfile(string $token): array
{
$url = 'https://api.linkedin.com/v2/me?projection=(id,firstName,lastName,profilePicture(displayImage~:playableStreams))';
$response = $this->getHttpClient()->get($url, [
'headers' => [
'Authorization' => 'Bearer '.$token,
'X-RestLi-Protocol-Version' => '2.0.0',
],
]);
return $this->fromJsonBody($response);
}
protected function getEmailAddress(string $token): array
{
$url = 'https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~))';
$response = $this->getHttpClient()->get($url, [
'headers' => [
'Authorization' => 'Bearer '.$token,
'X-RestLi-Protocol-Version' => '2.0.0',
],
]);
return $this->fromJsonBody($response)['elements.0.handle~'] ?? [];
}
protected function mapUserToObject(array $user): Contracts\UserInterface
{
$preferredLocale = ($user['firstName.preferredLocale.language'] ?? null).'_'.($user['firstName.preferredLocale.country'] ?? null);
$firstName = $user['firstName.localized.'.$preferredLocale] ?? null;
$lastName = $user['lastName.localized.'.$preferredLocale] ?? null;
$name = $firstName.' '.$lastName;
$images = $user['profilePicture.displayImage~.elements'] ?? [];
$avatars = \array_filter($images, static fn ($image) => ($image['data']['com.linkedin.digitalmedia.mediaartifact.StillImage']['storageSize']['width'] ?? 0) === 100);
$avatar = \array_shift($avatars);
$originalAvatars = \array_filter($images, static fn ($image) => ($image['data']['com.linkedin.digitalmedia.mediaartifact.StillImage']['storageSize']['width'] ?? 0) === 800);
$originalAvatar = \array_shift($originalAvatars);
return new User([
Contracts\ABNF_ID => $user[Contracts\ABNF_ID] ?? null,
Contracts\ABNF_NICKNAME => $name,
Contracts\ABNF_NAME => $name,
Contracts\ABNF_EMAIL => $user['emailAddress'] ?? null,
Contracts\ABNF_AVATAR => $avatar['identifiers.0.identifier'] ?? null,
'avatar_original' => $originalAvatar['identifiers.0.identifier'] ?? null,
]);
}
}

253
vendor/overtrue/socialite/src/Providers/OpenWeWork.php vendored Normal file
View File

@ -0,0 +1,253 @@
<?php
namespace Overtrue\Socialite\Providers;
use GuzzleHttp\Exception\GuzzleException;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\Exceptions;
use Overtrue\Socialite\Exceptions\AuthorizeFailedException;
use Overtrue\Socialite\User;
/**
* @link https://open.work.weixin.qq.com/api/doc/90001/90143/91120
*/
class OpenWeWork extends Base
{
public const NAME = 'open-wework';
protected bool $detailed = false;
protected bool $asQrcode = false;
protected string $userType = 'member';
protected string $lang = 'zh';
protected ?string $suiteTicket = null;
protected ?int $agentId = null;
protected ?string $suiteAccessToken = null;
protected string $baseUrl = 'https://qyapi.weixin.qq.com';
public function __construct(array $config)
{
parent::__construct($config);
if ($this->getConfig()->has('base_url')) {
$this->baseUrl = $this->getConfig()->get('base_url');
}
}
public function withAgentId(int $agentId): self
{
$this->agentId = $agentId;
return $this;
}
public function detailed(): self
{
$this->detailed = true;
return $this;
}
public function asQrcode(): self
{
$this->asQrcode = true;
return $this;
}
public function withUserType(string $userType): self
{
$this->userType = $userType;
return $this;
}
public function withLang(string $lang): self
{
$this->lang = $lang;
return $this;
}
/**
* @throws GuzzleException
* @throws AuthorizeFailedException
*/
public function userFromCode(string $code): Contracts\UserInterface
{
$user = $this->getUser($this->getSuiteAccessToken(), $code);
if ($this->detailed) {
$user = \array_merge($user, $this->getUserByTicket($user['user_ticket']));
}
return $this->mapUserToObject($user)->setProvider($this)->setRaw($user);
}
public function withSuiteTicket(string $suiteTicket): self
{
$this->suiteTicket = $suiteTicket;
return $this;
}
public function withSuiteAccessToken(string $suiteAccessToken): self
{
$this->suiteAccessToken = $suiteAccessToken;
return $this;
}
/**
* @throws Exceptions\InvalidArgumentException
*/
public function getAuthUrl(): string
{
$queries = \array_filter([
'appid' => $this->getClientId(),
Contracts\RFC6749_ABNF_REDIRECT_URI => $this->redirectUrl,
Contracts\RFC6749_ABNF_RESPONSE_TYPE => Contracts\RFC6749_ABNF_CODE,
Contracts\RFC6749_ABNF_SCOPE => $this->formatScopes($this->scopes, $this->scopeSeparator),
Contracts\RFC6749_ABNF_STATE => $this->state,
'agentid' => $this->agentId,
]);
if ($this->asQrcode) {
$queries = array_filter([
'appid' => $queries['appid'] ?? $this->getClientId(),
'redirect_uri' => $queries['redirect_uri'] ?? $this->redirectUrl,
'usertype' => $this->userType,
'lang' => $this->lang,
'state' => $this->state,
]);
return \sprintf('https://open.work.weixin.qq.com/wwopen/sso/3rd_qrConnect?%s', http_build_query($queries));
}
return \sprintf('https://open.weixin.qq.com/connect/oauth2/authorize?%s#wechat_redirect', \http_build_query($queries));
}
/**
* @throws Exceptions\MethodDoesNotSupportException
*/
protected function getUserByToken(string $token): array
{
throw new Exceptions\MethodDoesNotSupportException('Open WeWork doesn\'t support access_token mode');
}
protected function getSuiteAccessToken(): string
{
return $this->suiteAccessToken ?? $this->suiteAccessToken = $this->requestSuiteAccessToken();
}
/**
* @throws Exceptions\AuthorizeFailedException|GuzzleException
*/
protected function getUser(string $token, string $code): array
{
$responseInstance = $this->getHttpClient()->get(
$this->baseUrl.'/cgi-bin/service/getuserinfo3rd',
[
'query' => \array_filter(
[
'suite_access_token' => $token,
Contracts\RFC6749_ABNF_CODE => $code,
]
),
]
);
$response = $this->fromJsonBody($responseInstance);
if (($response['errcode'] ?? 1) > 0 || (empty($response['UserId']) && empty($response['openid']))) {
throw new Exceptions\AuthorizeFailedException((string) $responseInstance->getBody(), $response);
} elseif (empty($response['user_ticket'])) {
$this->detailed = false;
}
return $response;
}
/**
* @throws Exceptions\AuthorizeFailedException
* @throws GuzzleException
*/
protected function getUserByTicket(string $userTicket): array
{
$responseInstance = $this->getHttpClient()->post(
$this->baseUrl.'/cgi-bin/service/auth/getuserdetail3rd',
[
'query' => [
'suite_access_token' => $this->getSuiteAccessToken(),
],
'json' => [
'user_ticket' => $userTicket,
],
],
);
$response = $this->fromJsonBody($responseInstance);
if (($response['errcode'] ?? 1) > 0 || empty($response['userid'])) {
throw new Exceptions\AuthorizeFailedException((string) $responseInstance->getBody(), $response);
}
return $response;
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User($this->detailed ? [
Contracts\ABNF_ID => $user['userid'] ?? $user['UserId'] ?? null,
Contracts\ABNF_NAME => $user[Contracts\ABNF_NAME] ?? null,
Contracts\ABNF_AVATAR => $user[Contracts\ABNF_AVATAR] ?? null,
'gender' => $user['gender'] ?? null,
'corpid' => $user['corpid'] ?? $user['CorpId'] ?? null,
'open_userid' => $user['open_userid'] ?? null,
'qr_code' => $user['qr_code'] ?? null,
] : [
Contracts\ABNF_ID => $user['userid'] ?? $user['UserId'] ?? $user['OpenId'] ?? $user['openid'] ?? null,
'corpid' => $user['CorpId'] ?? null,
'open_userid' => $user['open_userid'] ?? null,
]);
}
/**
* @throws Exceptions\AuthorizeFailedException
* @throws GuzzleException
*/
protected function requestSuiteAccessToken(): string
{
$responseInstance = $this->getHttpClient()->post(
$this->baseUrl.'/cgi-bin/service/get_suite_token',
[
'json' => [
'suite_id' => $this->config->get('suite_id') ?? $this->config->get('client_id'),
'suite_secret' => $this->config->get('suite_secret') ?? $this->config->get('client_secret'),
'suite_ticket' => $this->suiteTicket,
],
]
);
$response = $this->fromJsonBody($responseInstance);
if (isset($response['errcode']) && $response['errcode'] > 0) {
throw new Exceptions\AuthorizeFailedException((string) $responseInstance->getBody(), $response);
}
return $response['suite_access_token'];
}
protected function getTokenUrl(): string
{
return '';
}
}

65
vendor/overtrue/socialite/src/Providers/Outlook.php vendored Normal file
View File

@ -0,0 +1,65 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\ArrayShape;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\User;
class Outlook extends Base
{
public const NAME = 'outlook';
protected array $scopes = ['User.Read'];
protected string $scopeSeparator = ' ';
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase('https://login.microsoftonline.com/common/oauth2/v2.0/authorize');
}
protected function getTokenUrl(): string
{
return 'https://login.microsoftonline.com/common/oauth2/v2.0/token';
}
protected function getUserByToken(string $token, ?array $query = []): array
{
$response = $this->getHttpClient()->get(
'https://graph.microsoft.com/v1.0/me',
['headers' => [
'Accept' => 'application/json',
'Authorization' => 'Bearer '.$token,
],
]
);
return $this->fromJsonBody($response);
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user[Contracts\ABNF_ID] ?? null,
Contracts\ABNF_NICKNAME => null,
Contracts\ABNF_NAME => $user['displayName'] ?? null,
Contracts\ABNF_EMAIL => $user['userPrincipalName'] ?? null,
Contracts\ABNF_AVATAR => null,
]);
}
#[ArrayShape([
Contracts\RFC6749_ABNF_CLIENT_ID => 'null|string',
Contracts\RFC6749_ABNF_CLIENT_SECRET => 'null|string',
Contracts\RFC6749_ABNF_CODE => 'string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
Contracts\RFC6749_ABNF_GRANT_TYPE => 'string',
])]
protected function getTokenFields(string $code): array
{
return parent::getTokenFields($code) + [Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE];
}
}

243
vendor/overtrue/socialite/src/Providers/QCloud.php vendored Normal file
View File

@ -0,0 +1,243 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\Exceptions;
use Overtrue\Socialite\User;
class QCloud extends Base
{
public const NAME = 'qcloud';
protected array $scopes = ['login'];
protected string $accessTokenKey = 'UserAccessToken';
protected string $refreshTokenKey = 'UserRefreshToken';
protected string $expiresInKey = 'ExpiresAt';
protected ?string $openId;
protected ?string $unionId;
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase('https://cloud.tencent.com/open/authorize');
}
protected function getTokenUrl(): string
{
return '';
}
protected function getAppId(): string
{
return $this->config->get(Contracts\ABNF_APP_ID) ?? $this->getClientId();
}
protected function getSecretId(): string
{
return $this->config->get('secret_id');
}
protected function getSecretKey(): string
{
return $this->config->get('secret_key');
}
public function TokenFromCode(string $code): array
{
$response = $this->performRequest(
'GET',
'open.tencentcloudapi.com',
'GetUserAccessToken',
'2018-12-25',
[
'query' => [
'UserAuthCode' => $code,
],
]
);
return $this->parseAccessToken($response);
}
/**
* @throws Exceptions\AuthorizeFailedException
*/
protected function getUserByToken(string $token): array
{
$secret = $this->getFederationToken($token);
return $this->performRequest(
'GET',
'open.tencentcloudapi.com',
'GetUserBaseInfo',
'2018-12-25',
[
'headers' => [
'X-TC-Token' => $secret['Token'],
],
],
$secret['TmpSecretId'],
$secret['TmpSecretKey'],
);
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $this->openId ?? null,
Contracts\ABNF_NAME => $user['Nickname'] ?? null,
Contracts\ABNF_NICKNAME => $user['Nickname'] ?? null,
]);
}
/**
* @throws Exceptions\AuthorizeFailedException
*/
public function performRequest(string $method, string $host, string $action, string $version, array $options = [], ?string $secretId = null, ?string $secretKey = null): array
{
$method = \strtoupper($method);
$timestamp = \time();
$credential = \sprintf('%s/%s/tc3_request', \gmdate('Y-m-d', $timestamp), $this->getServiceFromHost($host));
$options['headers'] = \array_merge(
$options['headers'] ?? [],
[
'X-TC-Action' => $action,
'X-TC-Timestamp' => $timestamp,
'X-TC-Version' => $version,
'Content-Type' => 'application/x-www-form-urlencoded; charset=utf-8',
]
);
$signature = $this->sign($method, $host, $options['query'] ?? [], '', $options['headers'], $credential, $secretKey);
$options['headers']['Authorization'] =
\sprintf(
'TC3-HMAC-SHA256 Credential=%s/%s, SignedHeaders=content-type;host, Signature=%s',
$secretId ?? $this->getSecretId(),
$credential,
$signature
);
$response = $this->getHttpClient()->get("https://{$host}/", $options);
$response = $this->fromJsonBody($response);
if (! empty($response['Response']['Error'])) {
throw new Exceptions\AuthorizeFailedException(
\sprintf('%s: %s', $response['Response']['Error']['Code'], $response['Response']['Error']['Message']),
$response
);
}
return $response['Response'] ?? [];
}
protected function sign(string $requestMethod, string $host, array $query, string $payload, array $headers, string $credential, ?string $secretKey = null): bool|string
{
$canonicalRequestString = \implode(
"\n",
[
$requestMethod,
'/',
\http_build_query($query),
"content-type:{$headers['Content-Type']}\nhost:{$host}\n",
'content-type;host',
\hash('SHA256', $payload),
]
);
$signString = \implode(
"\n",
[
'TC3-HMAC-SHA256',
$headers['X-TC-Timestamp'],
$credential,
\hash('SHA256', $canonicalRequestString),
]
);
$secretKey = $secretKey ?? $this->getSecretKey();
$secretDate = \hash_hmac('SHA256', \gmdate('Y-m-d', $headers['X-TC-Timestamp']), "TC3{$secretKey}", true);
$secretService = \hash_hmac('SHA256', $this->getServiceFromHost($host), $secretDate, true);
$secretSigning = \hash_hmac('SHA256', 'tc3_request', $secretService, true);
return \hash_hmac('SHA256', $signString, $secretSigning);
}
/**
* @throws Exceptions\AuthorizeFailedException
*/
protected function parseAccessToken(array|string $body): array
{
if (! \is_array($body)) {
$body = \json_decode($body, true);
}
if (empty($body['UserOpenId'] ?? null)) {
throw new Exceptions\AuthorizeFailedException('Authorize Failed: '.\json_encode($body, JSON_UNESCAPED_UNICODE), $body);
}
$this->openId = $body['UserOpenId'] ?? null;
$this->unionId = $body['UserUnionId'] ?? null;
return $body;
}
/**
* @throws Exceptions\AuthorizeFailedException
*/
protected function getFederationToken(string $accessToken): array
{
$response = $this->performRequest(
'GET',
'sts.tencentcloudapi.com',
'GetThirdPartyFederationToken',
'2018-08-13',
[
'query' => [
'UserAccessToken' => $accessToken,
'Duration' => 7200,
'ApiAppId' => 0,
],
'headers' => [
'X-TC-Region' => 'ap-guangzhou', // 官方人员说写死
],
]
);
if (empty($response['Credentials'] ?? null)) {
throw new Exceptions\AuthorizeFailedException('Get Federation Token failed.', $response);
}
return $response['Credentials'];
}
protected function getCodeFields(): array
{
$fields = \array_merge(
[
Contracts\ABNF_APP_ID => $this->getAppId(),
Contracts\RFC6749_ABNF_REDIRECT_URI => $this->redirectUrl,
Contracts\RFC6749_ABNF_SCOPE => $this->formatScopes($this->scopes, $this->scopeSeparator),
Contracts\RFC6749_ABNF_RESPONSE_TYPE => Contracts\RFC6749_ABNF_CODE,
],
$this->parameters
);
if ($this->state) {
$fields[Contracts\RFC6749_ABNF_STATE] = $this->state;
}
return $fields;
}
protected function getServiceFromHost(string $host): string
{
return \explode('.', $host)[0] ?? '';
}
}

112
vendor/overtrue/socialite/src/Providers/QQ.php vendored Normal file
View File

@ -0,0 +1,112 @@
<?php
namespace Overtrue\Socialite\Providers;
use GuzzleHttp\Utils;
use JetBrains\PhpStorm\ArrayShape;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\Exceptions\AuthorizeFailedException;
use Overtrue\Socialite\User;
/**
* @see http://wiki.connect.qq.com/oauth2-0%E7%AE%80%E4%BB%8B [QQ - OAuth 2.0 登录QQ]
*/
class QQ extends Base
{
public const NAME = 'qq';
protected string $baseUrl = 'https://graph.qq.com';
protected array $scopes = ['get_user_info'];
protected bool $withUnionId = false;
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase($this->baseUrl.'/oauth2.0/authorize');
}
protected function getTokenUrl(): string
{
return $this->baseUrl.'/oauth2.0/token';
}
#[ArrayShape([
Contracts\RFC6749_ABNF_CLIENT_ID => 'null|string',
Contracts\RFC6749_ABNF_CLIENT_SECRET => 'null|string',
Contracts\RFC6749_ABNF_CODE => 'string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
Contracts\RFC6749_ABNF_GRANT_TYPE => 'string',
])]
protected function getTokenFields(string $code): array
{
return parent::getTokenFields($code) + [Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE];
}
public function tokenFromCode(string $code): array
{
$response = $this->getHttpClient()->get($this->getTokenUrl(), [
'query' => $this->getTokenFields($code),
]);
\parse_str((string) $response->getBody(), $token);
return $this->normalizeAccessTokenResponse($token);
}
public function withUnionId(): self
{
$this->withUnionId = true;
return $this;
}
/**
* @throws \GuzzleHttp\Exception\GuzzleException
* @throws \Overtrue\Socialite\Exceptions\AuthorizeFailedException
*/
protected function getUserByToken(string $token): array
{
$response = $this->getHttpClient()->get($this->baseUrl.'/oauth2.0/me', [
'query' => [
Contracts\RFC6749_ABNF_ACCESS_TOKEN => $token,
'fmt' => 'json',
] + ($this->withUnionId ? ['unionid' => 1] : []),
]);
$me = $this->fromJsonBody($response);
$response = $this->getHttpClient()->get($this->baseUrl.'/user/get_user_info', [
'query' => [
Contracts\RFC6749_ABNF_ACCESS_TOKEN => $token,
'fmt' => 'json',
'openid' => $me['openid'],
'oauth_consumer_key' => $this->getClientId(),
],
]);
$user = $this->fromJsonBody($response);
if (! array_key_exists('ret', $user) || $user['ret'] !== 0) {
throw new AuthorizeFailedException('Authorize Failed: '.Utils::jsonEncode($user, \JSON_UNESCAPED_UNICODE), $user);
}
return $user + [
'unionid' => $me['unionid'] ?? null,
'openid' => $me['openid'] ?? null,
];
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user['openid'] ?? null,
Contracts\ABNF_NAME => $user['nickname'] ?? null,
Contracts\ABNF_NICKNAME => $user['nickname'] ?? null,
Contracts\ABNF_EMAIL => $user['email'] ?? null,
Contracts\ABNF_AVATAR => $user['figureurl_qq_2'] ?? null,
]);
}
}

144
vendor/overtrue/socialite/src/Providers/Taobao.php vendored Normal file
View File

@ -0,0 +1,144 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\ArrayShape;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\User;
/**
* @see https://open.taobao.com/doc.htm?docId=102635&docType=1&source=search [Taobao - OAuth 2.0 授权登录]
*/
class Taobao extends Base
{
public const NAME = 'taobao';
protected string $baseUrl = 'https://oauth.taobao.com';
protected string $gatewayUrl = 'https://eco.taobao.com/router/rest';
protected string $view = 'web';
protected array $scopes = ['user_info'];
public function withView(string $view): self
{
$this->view = $view;
return $this;
}
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase($this->baseUrl.'/authorize');
}
#[ArrayShape([
Contracts\RFC6749_ABNF_CLIENT_ID => 'null|string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
'view' => 'string',
Contracts\RFC6749_ABNF_RESPONSE_TYPE => 'string',
])]
public function getCodeFields(): array
{
return [
Contracts\RFC6749_ABNF_CLIENT_ID => $this->getClientId(),
Contracts\RFC6749_ABNF_REDIRECT_URI => $this->redirectUrl,
'view' => $this->view,
Contracts\RFC6749_ABNF_RESPONSE_TYPE => Contracts\RFC6749_ABNF_CODE,
];
}
protected function getTokenUrl(): string
{
return $this->baseUrl.'/token';
}
#[ArrayShape([
Contracts\RFC6749_ABNF_CLIENT_ID => 'null|string',
Contracts\RFC6749_ABNF_CLIENT_SECRET => 'null|string',
Contracts\RFC6749_ABNF_CODE => 'string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
Contracts\RFC6749_ABNF_GRANT_TYPE => 'string',
'view' => 'string',
])]
protected function getTokenFields(string $code): array
{
return parent::getTokenFields($code) + [
Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE,
'view' => $this->view,
];
}
public function tokenFromCode(string $code): array
{
$response = $this->getHttpClient()->post($this->getTokenUrl(), [
'query' => $this->getTokenFields($code),
]);
return $this->normalizeAccessTokenResponse($response->getBody());
}
protected function getUserByToken(string $token, ?array $query = []): array
{
$response = $this->getHttpClient()->post($this->getUserInfoUrl($this->gatewayUrl, $token));
return $this->fromJsonBody($response);
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user[Contracts\ABNF_OPEN_ID] ?? null,
Contracts\ABNF_NICKNAME => $user['nick'] ?? null,
Contracts\ABNF_NAME => $user['nick'] ?? null,
Contracts\ABNF_AVATAR => $user[Contracts\ABNF_AVATAR] ?? null,
Contracts\ABNF_EMAIL => $user[Contracts\ABNF_EMAIL] ?? null,
]);
}
protected function generateSign(array $params): string
{
\ksort($params);
$stringToBeSigned = $this->getConfig()->get(Contracts\RFC6749_ABNF_CLIENT_SECRET);
foreach ($params as $k => $v) {
if (! \is_array($v) && ! \str_starts_with($v, '@')) {
$stringToBeSigned .= "$k$v";
}
}
$stringToBeSigned .= $this->getConfig()->get(Contracts\RFC6749_ABNF_CLIENT_SECRET);
return \strtoupper(\md5($stringToBeSigned));
}
protected function getPublicFields(string $token, array $apiFields = []): array
{
$fields = [
'app_key' => $this->getClientId(),
'sign_method' => 'md5',
'session' => $token,
'timestamp' => (new \DateTime('now', new \DateTimeZone('Asia/Shanghai')))->format('Y-m-d H:i:s'),
'v' => '2.0',
'format' => 'json',
];
$fields = \array_merge($apiFields, $fields);
$fields['sign'] = $this->generateSign($fields);
return $fields;
}
protected function getUserInfoUrl(string $url, string $token): string
{
$apiFields = ['method' => 'taobao.miniapp.userInfo.get'];
$query = \http_build_query($this->getPublicFields($token, $apiFields), '', '&', $this->encodingType);
return $url.'?'.$query;
}
}

147
vendor/overtrue/socialite/src/Providers/Tapd.php vendored Normal file
View File

@ -0,0 +1,147 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\ArrayShape;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\Exceptions;
use Overtrue\Socialite\User;
use Psr\Http\Message\StreamInterface;
/**
* @see https://www.tapd.cn/help/show#1120003271001000708
*/
class Tapd extends Base
{
public const NAME = 'tapd';
protected string $baseUrl = 'https://api.tapd.cn';
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase($this->baseUrl.'/quickstart/testauth');
}
protected function getTokenUrl(): string
{
return $this->baseUrl.'/tokens/request_token';
}
protected function getRefreshTokenUrl(): string
{
return $this->baseUrl.'/tokens/refresh_token';
}
public function tokenFromCode(string $code): array
{
$response = $this->getHttpClient()->post($this->getTokenUrl(), [
'headers' => [
'Accept' => 'application/json',
'Authorization' => 'Basic '.\base64_encode(\sprintf('%s:%s', $this->getClientId(), $this->getClientSecret())),
],
'form_params' => $this->getTokenFields($code),
]);
return $this->normalizeAccessTokenResponse($response->getBody());
}
#[ArrayShape([
Contracts\RFC6749_ABNF_GRANT_TYPE => 'string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
Contracts\RFC6749_ABNF_CODE => 'string',
])]
protected function getTokenFields(string $code): array
{
return [
Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE,
Contracts\RFC6749_ABNF_REDIRECT_URI => $this->redirectUrl,
Contracts\RFC6749_ABNF_CODE => $code,
];
}
#[ArrayShape([
Contracts\RFC6749_ABNF_GRANT_TYPE => 'string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
Contracts\RFC6749_ABNF_REFRESH_TOKEN => 'string',
])]
protected function getRefreshTokenFields(string $refreshToken): array
{
return [
Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_REFRESH_TOKEN,
Contracts\RFC6749_ABNF_REDIRECT_URI => $this->redirectUrl,
Contracts\RFC6749_ABNF_REFRESH_TOKEN => $refreshToken,
];
}
public function tokenFromRefreshToken(string $refreshToken): array
{
$response = $this->getHttpClient()->post($this->getRefreshTokenUrl(), [
'headers' => [
'Accept' => 'application/json',
'Authorization' => 'Basic '.\base64_encode(\sprintf('%s:%s', $this->getClientId(), $this->getClientSecret())),
],
'form_params' => $this->getRefreshTokenFields($refreshToken),
]);
return $this->normalizeAccessTokenResponse((string) $response->getBody());
}
protected function getUserByToken(string $token): array
{
$response = $this->getHttpClient()->get($this->baseUrl.'/users/info', [
'headers' => [
'Accept' => 'application/json',
'Authorization' => 'Bearer '.$token,
],
]);
return $this->fromJsonBody($response);
}
/**
* @throws Exceptions\BadRequestException
*/
protected function mapUserToObject(array $user): Contracts\UserInterface
{
if (! isset($user['status']) && $user['status'] != 1) {
throw new Exceptions\BadRequestException('用户信息获取失败');
}
return new User([
Contracts\ABNF_ID => $user['data'][Contracts\ABNF_ID] ?? null,
Contracts\ABNF_NICKNAME => $user['data']['nick'] ?? null,
Contracts\ABNF_NAME => $user['data'][Contracts\ABNF_NAME] ?? null,
Contracts\ABNF_EMAIL => $user['data'][Contracts\ABNF_EMAIL] ?? null,
Contracts\ABNF_AVATAR => $user['data'][Contracts\ABNF_AVATAR] ?? null,
]);
}
/**
* @throws Exceptions\AuthorizeFailedException
*/
protected function normalizeAccessTokenResponse(mixed $response): array
{
if ($response instanceof StreamInterface) {
$response->rewind();
$response = (string) $response;
}
if (\is_string($response)) {
$response = \json_decode($response, true) ?? [];
}
if (! \is_array($response)) {
throw new Exceptions\AuthorizeFailedException('Invalid token response', [$response]);
}
if (empty($response['data'][$this->accessTokenKey] ?? null)) {
throw new Exceptions\AuthorizeFailedException('Authorize Failed: '.\json_encode($response, JSON_UNESCAPED_UNICODE), $response);
}
return $response + [
Contracts\RFC6749_ABNF_ACCESS_TOKEN => $response['data'][$this->accessTokenKey],
Contracts\RFC6749_ABNF_REFRESH_TOKEN => $response['data'][$this->refreshTokenKey] ?? null,
Contracts\RFC6749_ABNF_EXPIRES_IN => \intval($response['data'][$this->expiresInKey] ?? 0),
];
}
}

33
vendor/overtrue/socialite/src/Providers/TouTiao.php vendored Normal file
View File

@ -0,0 +1,33 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\User;
/**
* @see https://open.douyin.com/platform/resource/docs/openapi/account-permission/toutiao-get-permission-code
*/
class TouTiao extends DouYin
{
public const NAME = 'toutiao';
protected string $baseUrl = 'https://open.snssdk.com';
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase($this->baseUrl.'/oauth/authorize/');
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user[Contracts\ABNF_OPEN_ID] ?? null,
Contracts\ABNF_NAME => $user[Contracts\ABNF_NICKNAME] ?? null,
Contracts\ABNF_NICKNAME => $user[Contracts\ABNF_NICKNAME] ?? null,
Contracts\ABNF_AVATAR => $user[Contracts\ABNF_AVATAR] ?? null,
]);
}
}

218
vendor/overtrue/socialite/src/Providers/WeChat.php vendored Normal file
View File

@ -0,0 +1,218 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\Exceptions;
use Overtrue\Socialite\User;
use Psr\Http\Message\ResponseInterface;
/**
* @see http://mp.weixin.qq.com/wiki/9/01f711493b5a02f24b04365ac5d8fd95.html [WeChat - 公众平台OAuth文档]
* @see https://open.weixin.qq.com/cgi-bin/showdocument?action=dir_list&t=resource/res_list&verify=1&id=open1419316505&token=&lang=zh_CN
* [网站应用微信登录开发指南]
*/
class WeChat extends Base
{
public const NAME = 'wechat';
protected string $baseUrl = 'https://api.weixin.qq.com/sns';
protected array $scopes = ['snsapi_login'];
protected bool $withCountryCode = false;
protected ?array $component = null;
protected ?string $openid = null;
public function __construct(array $config)
{
parent::__construct($config);
if ($this->getConfig()->has('component')) {
$this->prepareForComponent((array) $this->getConfig()->get('component'));
}
}
public function withOpenid(string $openid): self
{
$this->openid = $openid;
return $this;
}
public function withCountryCode(): self
{
$this->withCountryCode = true;
return $this;
}
public function tokenFromCode(string $code): array
{
$response = $this->getTokenFromCode($code);
return $this->normalizeAccessTokenResponse($response->getBody());
}
/**
* @param array<string,string> $componentConfig [Contracts\ABNF_ID => xxx, Contracts\ABNF_TOKEN => xxx]
*/
public function withComponent(array $componentConfig): self
{
$this->prepareForComponent($componentConfig);
return $this;
}
public function getComponent(): ?array
{
return $this->component;
}
protected function getAuthUrl(): string
{
$path = 'oauth2/authorize';
if (\in_array('snsapi_login', $this->scopes)) {
$path = 'qrconnect';
}
return $this->buildAuthUrlFromBase("https://open.weixin.qq.com/connect/{$path}");
}
protected function buildAuthUrlFromBase(string $url): string
{
$query = \http_build_query($this->getCodeFields(), '', '&', $this->encodingType);
return $url.'?'.$query.'#wechat_redirect';
}
protected function getCodeFields(): array
{
if (! empty($this->component)) {
$this->with(\array_merge($this->parameters, ['component_appid' => $this->component[Contracts\ABNF_ID]]));
}
return \array_merge([
'appid' => $this->getClientId(),
Contracts\RFC6749_ABNF_REDIRECT_URI => $this->redirectUrl,
Contracts\RFC6749_ABNF_RESPONSE_TYPE => Contracts\RFC6749_ABNF_CODE,
Contracts\RFC6749_ABNF_SCOPE => $this->formatScopes($this->scopes, $this->scopeSeparator),
Contracts\RFC6749_ABNF_STATE => $this->state ?: \md5(\uniqid(Contracts\RFC6749_ABNF_STATE, true)),
'connect_redirect' => 1,
], $this->parameters);
}
protected function getTokenUrl(): string
{
return \sprintf($this->baseUrl.'/oauth2%s/access_token', empty($this->component) ? '' : '/component');
}
public function userFromCode(string $code): Contracts\UserInterface
{
if (\in_array('snsapi_base', $this->scopes)) {
return $this->mapUserToObject($this->fromJsonBody($this->getTokenFromCode($code)));
}
$token = $this->tokenFromCode($code);
$this->withOpenid($token['openid']);
$user = $this->userFromToken($token[$this->accessTokenKey]);
return $user->setRefreshToken($token[Contracts\RFC6749_ABNF_REFRESH_TOKEN])
->setExpiresIn($token[Contracts\RFC6749_ABNF_EXPIRES_IN])
->setTokenResponse($token);
}
protected function getUserByToken(string $token): array
{
$language = $this->withCountryCode ? null : (isset($this->parameters['lang']) ? $this->parameters['lang'] : 'zh_CN');
$response = $this->getHttpClient()->get($this->baseUrl.'/userinfo', [
'query' => \array_filter([
Contracts\RFC6749_ABNF_ACCESS_TOKEN => $token,
'openid' => $this->openid,
'lang' => $language,
]),
]);
return $this->fromJsonBody($response);
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user['openid'] ?? null,
Contracts\ABNF_NAME => $user[Contracts\ABNF_NICKNAME] ?? null,
Contracts\ABNF_NICKNAME => $user[Contracts\ABNF_NICKNAME] ?? null,
Contracts\ABNF_AVATAR => $user['headimgurl'] ?? null,
Contracts\ABNF_EMAIL => null,
]);
}
protected function getTokenFields(string $code): array
{
return empty($this->component) ? [
'appid' => $this->getClientId(),
'secret' => $this->getClientSecret(),
Contracts\RFC6749_ABNF_CODE => $code,
Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE,
] : [
'appid' => $this->getClientId(),
'component_appid' => $this->component[Contracts\ABNF_ID],
'component_access_token' => $this->component[Contracts\ABNF_TOKEN],
Contracts\RFC6749_ABNF_CODE => $code,
Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE,
];
}
protected function getTokenFromCode(string $code): ResponseInterface
{
return $this->getHttpClient()->get($this->getTokenUrl(), [
'headers' => ['Accept' => 'application/json'],
'query' => $this->getTokenFields($code),
]);
}
/**
* @throws Exceptions\InvalidArgumentException
*/
protected function prepareForComponent(array $component): void
{
$config = [];
foreach ($component as $key => $value) {
if (\is_callable($value)) {
$value = \call_user_func($value, $this);
}
switch ($key) {
case Contracts\ABNF_ID:
case Contracts\ABNF_APP_ID:
case 'component_app_id':
$config[Contracts\ABNF_ID] = $value;
break;
case Contracts\ABNF_TOKEN:
case Contracts\RFC6749_ABNF_ACCESS_TOKEN:
case 'app_token':
case 'component_access_token':
$config[Contracts\ABNF_TOKEN] = $value;
break;
}
}
if (2 !== \count($config)) {
throw new Exceptions\InvalidArgumentException('Please check your config arguments were available.');
}
if (1 === \count($this->scopes) && \in_array('snsapi_login', $this->scopes)) {
$this->scopes = ['snsapi_base'];
}
$this->component = $config;
}
}

213
vendor/overtrue/socialite/src/Providers/WeWork.php vendored Normal file
View File

@ -0,0 +1,213 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\Exceptions;
use Overtrue\Socialite\User;
/**
* @link https://developer.work.weixin.qq.com/document/path/91022
*/
class WeWork extends Base
{
public const NAME = 'wework';
protected bool $detailed = false;
protected ?int $agentId = null;
protected ?string $apiAccessToken;
protected bool $asQrcode = false;
protected string $baseUrl = 'https://qyapi.weixin.qq.com';
public function __construct(array $config)
{
parent::__construct($config);
if ($this->getConfig()->has('base_url')) {
$this->baseUrl = $this->getConfig()->get('base_url');
}
if ($this->getConfig()->has('agent_id')) {
$this->agentId = $this->getConfig()->get('agent_id');
}
}
public function getBaseUrl(): ?string
{
return $this->baseUrl;
}
public function userFromCode(string $code): Contracts\UserInterface
{
$token = $this->getApiAccessToken();
$user = $this->getUser($token, $code);
if ($this->detailed) {
$user = $this->getUserById($user['UserId']);
}
return $this->mapUserToObject($user)->setProvider($this)->setRaw($user);
}
public function withAgentId(int $agentId): self
{
$this->agentId = $agentId;
return $this;
}
public function detailed(): self
{
$this->detailed = true;
return $this;
}
public function asQrcode(): self
{
$this->asQrcode = true;
return $this;
}
public function withApiAccessToken(string $apiAccessToken): self
{
$this->apiAccessToken = $apiAccessToken;
return $this;
}
public function getAuthUrl(): string
{
$scopes = $this->formatScopes($this->scopes, $this->scopeSeparator);
$queries = array_filter([
'appid' => $this->getClientId(),
'agentid' => $this->agentId,
Contracts\RFC6749_ABNF_REDIRECT_URI => $this->redirectUrl,
Contracts\RFC6749_ABNF_RESPONSE_TYPE => Contracts\RFC6749_ABNF_CODE,
Contracts\RFC6749_ABNF_SCOPE => $scopes,
Contracts\RFC6749_ABNF_STATE => $this->state,
]);
if (! $this->agentId && (str_contains($scopes, 'snsapi_privateinfo') || $this->asQrcode)) {
throw new Exceptions\InvalidArgumentException("agent_id is require when qrcode mode or scopes is 'snsapi_privateinfo'");
}
if ($this->asQrcode) {
unset($queries[Contracts\RFC6749_ABNF_SCOPE]);
return \sprintf('https://open.work.weixin.qq.com/wwopen/sso/qrConnect?%s', http_build_query($queries));
}
return \sprintf('https://open.weixin.qq.com/connect/oauth2/authorize?%s#wechat_redirect', \http_build_query($queries));
}
/**
* @throws Exceptions\MethodDoesNotSupportException
*/
protected function getUserByToken(string $token): array
{
throw new Exceptions\MethodDoesNotSupportException('WeWork doesn\'t support access_token mode');
}
protected function getApiAccessToken(): string
{
return $this->apiAccessToken ?? $this->apiAccessToken = $this->requestApiAccessToken();
}
protected function getUser(string $token, string $code): array
{
$responseInstance = $this->getHttpClient()->get(
$this->baseUrl.'/cgi-bin/user/getuserinfo',
[
'query' => \array_filter(
[
Contracts\RFC6749_ABNF_ACCESS_TOKEN => $token,
Contracts\RFC6749_ABNF_CODE => $code,
]
),
]
);
$response = $this->fromJsonBody($responseInstance);
if (($response['errcode'] ?? 1) > 0 || (empty($response['UserId']) && empty($response['OpenId']))) {
throw new Exceptions\AuthorizeFailedException((string) $responseInstance->getBody(), $response);
} elseif (empty($response['UserId'])) {
$this->detailed = false;
}
return $response;
}
/**
* @throws Exceptions\AuthorizeFailedException
*/
protected function getUserById(string $userId): array
{
$responseInstance = $this->getHttpClient()->post($this->baseUrl.'/cgi-bin/user/get', [
'query' => [
Contracts\RFC6749_ABNF_ACCESS_TOKEN => $this->getApiAccessToken(),
'userid' => $userId,
],
]);
$response = $this->fromJsonBody($responseInstance);
if (($response['errcode'] ?? 1) > 0 || empty($response['userid'])) {
throw new Exceptions\AuthorizeFailedException((string) $responseInstance->getBody(), $response);
}
return $response;
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User($this->detailed ? [
Contracts\ABNF_ID => $user['userid'] ?? null,
Contracts\ABNF_NAME => $user[Contracts\ABNF_NAME] ?? null,
Contracts\ABNF_AVATAR => $user[Contracts\ABNF_AVATAR] ?? null,
Contracts\ABNF_EMAIL => $user[Contracts\ABNF_EMAIL] ?? null,
] : [
Contracts\ABNF_ID => $user['UserId'] ?? null ?: $user['OpenId'] ?? null,
]);
}
/**
* @throws Exceptions\AuthorizeFailedException
*/
protected function requestApiAccessToken(): string
{
$responseInstance = $this->getHttpClient()->get($this->baseUrl.'/cgi-bin/gettoken', [
'query' => \array_filter(
[
'corpid' => $this->config->get('corp_id')
?? $this->config->get('corpid')
?? $this->config->get(Contracts\RFC6749_ABNF_CLIENT_ID),
'corpsecret' => $this->config->get('corp_secret')
?? $this->config->get('corpsecret')
?? $this->config->get(Contracts\RFC6749_ABNF_CLIENT_SECRET),
]
),
]);
$response = $this->fromJsonBody($responseInstance);
if (($response['errcode'] ?? 1) > 0) {
throw new Exceptions\AuthorizeFailedException((string) $responseInstance->getBody(), $response);
}
return $response[Contracts\RFC6749_ABNF_ACCESS_TOKEN];
}
protected function getTokenUrl(): string
{
return '';
}
}

104
vendor/overtrue/socialite/src/Providers/Weibo.php vendored Normal file
View File

@ -0,0 +1,104 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\ArrayShape;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\Exceptions;
use Overtrue\Socialite\User;
/**
* @see http://open.weibo.com/wiki/%E6%8E%88%E6%9D%83%E6%9C%BA%E5%88%B6%E8%AF%B4%E6%98%8E [OAuth 2.0 授权机制说明]
*/
class Weibo extends Base
{
public const NAME = 'weibo';
protected string $baseUrl = 'https://api.weibo.com';
protected array $scopes = [Contracts\ABNF_EMAIL];
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase($this->baseUrl.'/oauth2/authorize');
}
protected function getTokenUrl(): string
{
return $this->baseUrl.'/2/oauth2/access_token';
}
#[ArrayShape([
Contracts\RFC6749_ABNF_CLIENT_ID => 'null|string',
Contracts\RFC6749_ABNF_CLIENT_SECRET => 'null|string',
Contracts\RFC6749_ABNF_CODE => 'string',
Contracts\RFC6749_ABNF_REDIRECT_URI => 'null|string',
Contracts\RFC6749_ABNF_GRANT_TYPE => 'string',
])]
protected function getTokenFields(string $code): array
{
return parent::getTokenFields($code) + [
Contracts\RFC6749_ABNF_GRANT_TYPE => Contracts\RFC6749_ABNF_AUTHORATION_CODE,
];
}
/**
* @throws Exceptions\InvalidTokenException
*/
protected function getUserByToken(string $token): array
{
$uid = $this->getTokenPayload($token)['uid'] ?? null;
if (empty($uid)) {
throw new Exceptions\InvalidTokenException('Invalid token.', $token);
}
$response = $this->getHttpClient()->get($this->baseUrl.'/2/users/show.json', [
'query' => [
'uid' => $uid,
Contracts\RFC6749_ABNF_ACCESS_TOKEN => $token,
],
'headers' => [
'Accept' => 'application/json',
],
]);
return $this->fromJsonBody($response);
}
/**
* @throws Exceptions\InvalidTokenException
*/
protected function getTokenPayload(string $token): array
{
$response = $this->getHttpClient()->post($this->baseUrl.'/oauth2/get_token_info', [
'query' => [
Contracts\RFC6749_ABNF_ACCESS_TOKEN => $token,
],
'headers' => [
'Accept' => 'application/json',
],
]);
$response = $this->fromJsonBody($response);
if (empty($response['uid'] ?? null)) {
throw new Exceptions\InvalidTokenException(\sprintf('Invalid token %s', $token), $token);
}
return $response;
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user[Contracts\ABNF_ID] ?? null,
Contracts\ABNF_NICKNAME => $user['screen_name'] ?? null,
Contracts\ABNF_NAME => $user[Contracts\ABNF_NAME] ?? null,
Contracts\ABNF_EMAIL => $user[Contracts\ABNF_EMAIL] ?? null,
Contracts\ABNF_AVATAR => $user['avatar_large'] ?? null,
]);
}
}

33
vendor/overtrue/socialite/src/Providers/XiGua.php vendored Normal file
View File

@ -0,0 +1,33 @@
<?php
namespace Overtrue\Socialite\Providers;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Contracts;
use Overtrue\Socialite\User;
/**
* @see https://open.douyin.com/platform/resource/docs/openapi/account-permission/xigua-get-permission-code
*/
class XiGua extends DouYin
{
public const NAME = 'xigua';
protected string $baseUrl = 'https://open-api.ixigua.com';
protected function getAuthUrl(): string
{
return $this->buildAuthUrlFromBase($this->baseUrl.'/oauth/connect');
}
#[Pure]
protected function mapUserToObject(array $user): Contracts\UserInterface
{
return new User([
Contracts\ABNF_ID => $user[Contracts\ABNF_OPEN_ID] ?? null,
Contracts\ABNF_NAME => $user[Contracts\ABNF_NICKNAME] ?? null,
Contracts\ABNF_NICKNAME => $user[Contracts\ABNF_NICKNAME] ?? null,
Contracts\ABNF_AVATAR => $user[Contracts\ABNF_AVATAR] ?? null,
]);
}
}

118
vendor/overtrue/socialite/src/SocialiteManager.php vendored Normal file
View File

@ -0,0 +1,118 @@
<?php
namespace Overtrue\Socialite;
use Closure;
use JetBrains\PhpStorm\Pure;
class SocialiteManager implements Contracts\FactoryInterface
{
protected Config $config;
protected array $resolved = [];
protected static array $customCreators = [];
protected const PROVIDERS = [
Providers\Alipay::NAME => Providers\Alipay::class,
Providers\Azure::NAME => Providers\Azure::class,
Providers\Coding::NAME => Providers\Coding::class,
Providers\DingTalk::NAME => Providers\DingTalk::class,
Providers\DouYin::NAME => Providers\DouYin::class,
Providers\Douban::NAME => Providers\Douban::class,
Providers\Facebook::NAME => Providers\Facebook::class,
Providers\FeiShu::NAME => Providers\FeiShu::class,
Providers\Figma::NAME => Providers\Figma::class,
Providers\GitHub::NAME => Providers\GitHub::class,
Providers\Gitee::NAME => Providers\Gitee::class,
Providers\Google::NAME => Providers\Google::class,
Providers\Lark::NAME => Providers\Lark::class,
Providers\Line::NAME => Providers\Line::class,
Providers\Linkedin::NAME => Providers\Linkedin::class,
Providers\OpenWeWork::NAME => Providers\OpenWeWork::class,
Providers\Outlook::NAME => Providers\Outlook::class,
Providers\QCloud::NAME => Providers\QCloud::class,
Providers\QQ::NAME => Providers\QQ::class,
Providers\Taobao::NAME => Providers\Taobao::class,
Providers\Tapd::NAME => Providers\Tapd::class,
Providers\TouTiao::NAME => Providers\TouTiao::class,
Providers\WeChat::NAME => Providers\WeChat::class,
Providers\WeWork::NAME => Providers\WeWork::class,
Providers\Weibo::NAME => Providers\Weibo::class,
Providers\XiGua::NAME => Providers\XiGua::class,
];
#[Pure]
public function __construct(array $config)
{
$this->config = new Config($config);
}
public function config(Config $config): self
{
$this->config = $config;
return $this;
}
public function create(string $name): Contracts\ProviderInterface
{
$name = \strtolower($name);
if (! isset($this->resolved[$name])) {
$this->resolved[$name] = $this->createProvider($name);
}
return $this->resolved[$name];
}
public function extend(string $name, Closure $callback): self
{
self::$customCreators[\strtolower($name)] = $callback;
return $this;
}
public function getResolvedProviders(): array
{
return $this->resolved;
}
public function buildProvider(string $provider, array $config): Contracts\ProviderInterface
{
$instance = new $provider($config);
$instance instanceof Contracts\ProviderInterface || throw new Exceptions\InvalidArgumentException("The {$provider} must be instanceof ProviderInterface.");
return $instance;
}
/**
* @throws Exceptions\InvalidArgumentException
*/
protected function createProvider(string $name): Contracts\ProviderInterface
{
$config = $this->config->get($name, []);
$provider = $config['provider'] ?? $name;
if (isset(self::$customCreators[$provider])) {
return $this->callCustomCreator($provider, $config);
}
if (! $this->isValidProvider($provider)) {
throw new Exceptions\InvalidArgumentException("Provider [{$name}] not supported.");
}
return $this->buildProvider(self::PROVIDERS[$provider] ?? $provider, $config);
}
protected function callCustomCreator(string $name, array $config): Contracts\ProviderInterface
{
return self::$customCreators[$name]($config);
}
protected function isValidProvider(string $provider): bool
{
return isset(self::PROVIDERS[$provider]) || \is_subclass_of($provider, Contracts\ProviderInterface::class);
}
}

75
vendor/overtrue/socialite/src/Traits/HasAttributes.php vendored Normal file
View File

@ -0,0 +1,75 @@
<?php
namespace Overtrue\Socialite\Traits;
use JetBrains\PhpStorm\Pure;
use Overtrue\Socialite\Exceptions;
trait HasAttributes
{
protected array $attributes = [];
public function getAttributes(): array
{
return $this->attributes;
}
public function getAttribute(string $name, mixed $default = null): mixed
{
return $this->attributes[$name] ?? $default;
}
public function setAttribute(string $name, mixed $value): self
{
$this->attributes[$name] = $value;
return $this;
}
public function merge(array $attributes): self
{
$this->attributes = \array_merge($this->attributes, $attributes);
return $this;
}
public function offsetExists(mixed $offset): bool
{
return \array_key_exists($offset, $this->attributes);
}
public function offsetGet(mixed $offset): mixed
{
return $this->getAttribute($offset);
}
public function offsetSet(mixed $offset, mixed $value): void
{
$this->setAttribute($offset, $value);
}
public function offsetUnset(mixed $offset): void
{
unset($this->attributes[$offset]);
}
public function __get(string $property): mixed
{
return $this->getAttribute($property);
}
#[Pure]
public function toArray(): array
{
return $this->getAttributes();
}
public function toJSON(): string
{
$result = \json_encode($this->getAttributes(), JSON_UNESCAPED_UNICODE);
false === $result && throw new Exceptions\Exception('Cannot Processing this instance as JSON stringify.');
return $result;
}
}

128
vendor/overtrue/socialite/src/User.php vendored Normal file
View File

@ -0,0 +1,128 @@
<?php
namespace Overtrue\Socialite;
use ArrayAccess;
use JsonSerializable;
class User implements ArrayAccess, Contracts\UserInterface, JsonSerializable
{
use Traits\HasAttributes;
public function __construct(array $attributes, protected ?Contracts\ProviderInterface $provider = null)
{
$this->attributes = $attributes;
}
public function getId(): mixed
{
return $this->getAttribute(Contracts\ABNF_ID) ?? $this->getEmail();
}
public function getNickname(): ?string
{
return $this->getAttribute(Contracts\ABNF_NICKNAME) ?? $this->getName();
}
public function getName(): ?string
{
return $this->getAttribute(Contracts\ABNF_NAME);
}
public function getEmail(): ?string
{
return $this->getAttribute(Contracts\ABNF_EMAIL);
}
public function getAvatar(): ?string
{
return $this->getAttribute(Contracts\ABNF_AVATAR);
}
public function setAccessToken(string $value): self
{
$this->setAttribute(Contracts\RFC6749_ABNF_ACCESS_TOKEN, $value);
return $this;
}
public function getAccessToken(): ?string
{
return $this->getAttribute(Contracts\RFC6749_ABNF_ACCESS_TOKEN);
}
public function setRefreshToken(?string $value): self
{
$this->setAttribute(Contracts\RFC6749_ABNF_REFRESH_TOKEN, $value);
return $this;
}
public function getRefreshToken(): ?string
{
return $this->getAttribute(Contracts\RFC6749_ABNF_REFRESH_TOKEN);
}
public function setExpiresIn(int $value): self
{
$this->setAttribute(Contracts\RFC6749_ABNF_EXPIRES_IN, $value);
return $this;
}
public function getExpiresIn(): ?int
{
return $this->getAttribute(Contracts\RFC6749_ABNF_EXPIRES_IN);
}
public function setRaw(array $user): self
{
$this->setAttribute('raw', $user);
return $this;
}
public function getRaw(): array
{
return $this->getAttribute('raw', []);
}
public function setTokenResponse(array $response): self
{
$this->setAttribute('token_response', $response);
return $this;
}
public function getTokenResponse(): mixed
{
return $this->getAttribute('token_response');
}
public function jsonSerialize(): array
{
return $this->attributes;
}
public function __serialize(): array
{
return $this->attributes;
}
public function __unserialize(array $serialized): void
{
$this->attributes = $serialized ?: [];
}
public function getProvider(): Contracts\ProviderInterface
{
return $this->provider ?? throw new Exceptions\Exception('The provider instance doesn\'t initialized correctly.');
}
public function setProvider(Contracts\ProviderInterface $provider): self
{
$this->provider = $provider;
return $this;
}
}

213
vendor/overtrue/socialite/tests/OAuthTest.php vendored Normal file
View File

@ -0,0 +1,213 @@
<?php
use Mockery as m;
use Overtrue\Socialite\Providers\Base;
use Overtrue\Socialite\User;
use PHPUnit\Framework\TestCase;
class OAuthTest extends TestCase
{
public function tearDown(): void
{
m::close();
}
public function test_it_can_get_auth_url_without_redirect()
{
$config = [
'client_id' => 'fake_client_id',
'client_secret' => 'fake_client_secret',
];
$provider = new OAuthTestProviderStub($config);
$this->assertSame('http://auth.url?client_id=fake_client_id&scope=info&response_type=code', $provider->redirect());
}
public function test_it_can_get_auth_url_with_redirect()
{
// 手动配置
$config = [
'client_id' => 'fake_client_id',
'client_secret' => 'fake_client_secret',
];
$provider = new OAuthTestProviderStub($config);
$this->assertSame('http://auth.url?client_id=fake_client_id&redirect_uri=fake_redirect&scope=info&response_type=code', $provider->redirect('fake_redirect'));
// 用配置属性配置
$config += ['redirect_url' => 'fake_redirect'];
$provider = new OAuthTestProviderStub($config);
$this->assertSame('http://auth.url?client_id=fake_client_id&redirect_uri=fake_redirect&scope=info&response_type=code', $provider->redirect('fake_redirect'));
}
public function test_it_can_get_auth_url_with_scopes()
{
$config = [
'client_id' => 'fake_client_id',
'client_secret' => 'fake_client_secret',
];
$provider = new OAuthTestProviderStub($config);
$url = $provider->scopes(['test_info', 'test_email'])->redirect();
$this->assertSame('http://auth.url?client_id=fake_client_id&scope=test_info%2Ctest_email&response_type=code', $url);
// 切换scope分割符
$url = $provider->scopes(['test_info', 'test_email'])->withScopeSeparator(' ')->redirect();
$this->assertSame('http://auth.url?client_id=fake_client_id&scope=test_info%20test_email&response_type=code', $url);
}
public function test_it_can_get_auth_url_with_state()
{
$config = [
'client_id' => 'fake_client_id',
'client_secret' => 'fake_client_secret',
];
$provider = new OAuthTestProviderStub($config);
$url = $provider->withState(123456)->redirect();
$this->assertSame('http://auth.url?client_id=fake_client_id&scope=info&response_type=code&state=123456', $url);
}
public function test_it_can_get_token()
{
$config = [
'client_id' => 'fake_client_id',
'client_secret' => 'fake_client_secret',
];
$provider = new OAuthTestProviderStub($config);
$response = m::mock(\Psr\Http\Message\ResponseInterface::class);
$response->shouldReceive('getBody')->andReturn($response);
$response->shouldReceive('__toString')->andReturn(\json_encode([
'access_token' => 'fake_access_token',
'refresh_token' => 'fake_refresh_token',
'expires_in' => 123456,
]));
$provider->getHttpClient()->shouldReceive('post')->with('http://token.url', [
'form_params' => [
'client_id' => 'fake_client_id',
'client_secret' => 'fake_client_secret',
'code' => 'fake_code',
'redirect_uri' => null,
],
'headers' => [
'Accept' => 'application/json',
],
])->andReturn($response);
$this->assertSame([
'access_token' => 'fake_access_token',
'refresh_token' => 'fake_refresh_token',
'expires_in' => 123456,
], $provider->tokenFromCode('fake_code'));
}
public function test_it_can_get_user_by_token()
{
$config = [
'client_id' => 'fake_client_id',
'client_secret' => 'fake_client_secret',
];
$provider = new OAuthTestProviderStub($config);
$user = $provider->userFromToken('fake_access_token');
$this->assertSame('foo', $user->getId());
$this->assertSame(['id' => 'foo'], $user->getRaw());
$this->assertSame('fake_access_token', $user->getAccessToken());
}
public function test_it_can_get_user_by_code()
{
$config = [
'client_id' => 'fake_client_id',
'client_secret' => 'fake_client_secret',
];
$provider = new OAuthTestProviderStub($config);
$response = m::mock(\Psr\Http\Message\ResponseInterface::class);
$response->shouldReceive('getBody')->andReturn($response);
$response->shouldReceive('__toString')->andReturn(\json_encode([
'access_token' => 'fake_access_token',
'refresh_token' => 'fake_refresh_token',
'expires_in' => 123456,
]));
$provider->getHttpClient()->shouldReceive('post')->with('http://token.url', [
'form_params' => [
'client_id' => 'fake_client_id',
'client_secret' => 'fake_client_secret',
'code' => 'fake_code',
'redirect_uri' => null,
],
'headers' => [
'Accept' => 'application/json',
],
])->andReturn($response);
$this->assertSame([
'access_token' => 'fake_access_token',
'refresh_token' => 'fake_refresh_token',
'expires_in' => 123456,
], $provider->tokenFromCode('fake_code'));
$user = $provider->userFromCode('fake_code');
$tokenResponse = [
'access_token' => 'fake_access_token',
'refresh_token' => 'fake_refresh_token',
'expires_in' => 123456,
];
$this->assertSame('foo', $user->getId());
$this->assertSame($tokenResponse, $user->getTokenResponse());
$this->assertSame('fake_access_token', $user->getAccessToken());
$this->assertSame('fake_refresh_token', $user->getRefreshToken());
}
}
class OAuthTestProviderStub extends Base
{
public $http;
protected array $scopes = ['info'];
protected int $encodingType = PHP_QUERY_RFC3986;
protected function getAuthUrl(): string
{
$url = 'http://auth.url';
return $this->buildAuthUrlFromBase($url);
}
protected function getTokenUrl(): string
{
return 'http://token.url';
}
protected function getUserByToken(string $token): array
{
return ['id' => 'foo'];
}
protected function mapUserToObject(array $user): User
{
return new User(['id' => $user['id']]);
}
/**
* Get a fresh instance of the Guzzle HTTP client.
*
* @return \GuzzleHttp\Client
*/
public function getHttpClient(): GuzzleHttp\Client
{
if ($this->http) {
return $this->http;
}
return $this->http = m::mock(\GuzzleHttp\Client::class);
}
}

246
vendor/overtrue/socialite/tests/Providers/FeiShuTest.php vendored Normal file
View File

@ -0,0 +1,246 @@
<?php
namespace Providers;
use GuzzleHttp\Client;
use GuzzleHttp\Handler\MockHandler;
use GuzzleHttp\HandlerStack;
use GuzzleHttp\Psr7\Response;
use Overtrue\Socialite\Exceptions\FeiShu\InvalidTicketException;
use Overtrue\Socialite\Exceptions\InvalidTokenException;
use Overtrue\Socialite\Providers\FeiShu;
use PHPUnit\Framework\TestCase;
class FeiShuTest extends TestCase
{
public function testProviderCanCreateCorrect()
{
// one way
$config = [
'app_id' => 'xxxxx',
'app_secret' => 'yyyyy',
'app_mode' => 'internal',
];
$f = new FeiShu($config);
$rf = new \ReflectionObject($f);
$this->assertEquals('xxxxx', $f->getClientId());
$this->assertEquals('yyyyy', $f->getClientSecret());
$rfProperty = $rf->getProperty('isInternalApp');
$rfProperty->setAccessible(true);
$this->assertEquals(true, $rfProperty->getValue($f));
// diff filed way
$config = [
'client_id' => 'xxxxx',
'client_secret' => 'yyyyy',
'mode' => 'internal',
];
$f = new FeiShu($config);
$rf = new \ReflectionObject($f);
$this->assertEquals('xxxxx', $f->getClientId());
$this->assertEquals('yyyyy', $f->getClientSecret());
$rfProperty = $rf->getProperty('isInternalApp');
$rfProperty->setAccessible(true);
$this->assertEquals(true, $rfProperty->getValue($f));
// no mode config way
$config = [
'client_id' => 'xxxxx',
'client_secret' => 'yyyyy',
];
$f = new FeiShu($config);
$rf = new \ReflectionObject($f);
$this->assertEquals('xxxxx', $f->getClientId());
$this->assertEquals('yyyyy', $f->getClientSecret());
$rfProperty = $rf->getProperty('isInternalApp');
$rfProperty->setAccessible(true);
$this->assertEquals(false, $rfProperty->getValue($f));
}
public function testProviderWithInternalAppModeWork()
{
$config = [
'client_id' => 'xxxxx',
'client_secret' => 'yyyyy',
];
$f = new FeiShu($config);
$rf = new \ReflectionObject($f);
$rfProperty = $rf->getProperty('isInternalApp');
$rfProperty->setAccessible(true);
$f->withInternalAppMode();
$this->assertEquals(true, $rfProperty->getValue($f));
$f->withDefaultMode();
$this->assertEquals(false, $rfProperty->getValue($f));
}
public function testProviderWithAppTicketWork()
{
$config = [
'client_id' => 'xxxxx',
'client_secret' => 'yyyyy',
];
$f = new FeiShu($config);
$f->withAppTicket('app_ticket');
$this->assertEquals('app_ticket', $f->getConfig()->get('app_ticket'));
}
public function testConfigAppAccessTokenWithDefaultModeNoAppTicketWork()
{
$config = [
'client_id' => 'xxxxx',
'client_secret' => 'yyyyy',
];
$f = new FeiShu($config);
$fr = new \ReflectionObject($f);
$frClient = $fr->getProperty('httpClient');
$frClient->setAccessible(true);
$ff = new \ReflectionMethod(FeiShu::class, 'configAppAccessToken');
$mock = new MockHandler([
new Response(403, []),
new Response(200, [], \json_encode([
'app_access_token' => 'app_access_token',
])),
]);
$handler = HandlerStack::create($mock);
$client = new Client(['handler' => $handler]);
$frClient->setValue($f, $client);
$ff->setAccessible(true);
// 默认模式下没有 app_ticket
$this->expectException(InvalidTicketException::class);
$ff->invoke($f);
$ff->invoke($f);
$f->withAppTicket('app_ticket');
$this->assertEquals('app_access_token', $f->getConfig()->get('app_access_token'));
$this->expectException(InvalidTokenException::class);
$ff->invoke($f);
}
public function testConfigAppAccessTokenWithDefaultModeAndAppTicketWorkInBadResponse()
{
$config = [
'client_id' => 'xxxxx',
'client_secret' => 'yyyyy',
];
$f = new FeiShu($config);
$fr = new \ReflectionObject($f);
$frClient = $fr->getProperty('httpClient');
$frClient->setAccessible(true);
$ff = new \ReflectionMethod(FeiShu::class, 'configAppAccessToken');
$mock = new MockHandler([
new Response(200, [], '{}'),
]);
$handler = HandlerStack::create($mock);
$client = new Client(['handler' => $handler]);
$frClient->setValue($f, $client);
$ff->setAccessible(true);
$this->expectException(InvalidTokenException::class);
$ff->invoke($f->withAppTicket('app_ticket'));
}
public function testConfigAppAccessTokenWithDefaultModeAndAppTicketWorkInGoodResponse()
{
$config = [
'client_id' => 'xxxxx',
'client_secret' => 'yyyyy',
];
$f = new FeiShu($config);
$fr = new \ReflectionObject($f);
$frClient = $fr->getProperty('httpClient');
$frClient->setAccessible(true);
$ff = new \ReflectionMethod(FeiShu::class, 'configAppAccessToken');
$mock = new MockHandler([
new Response(200, [], \json_encode([
'app_access_token' => 'app_access_token',
])),
]);
$handler = HandlerStack::create($mock);
$client = new Client(['handler' => $handler]);
$frClient->setValue($f, $client);
$ff->setAccessible(true);
$this->assertEquals(null, $f->getConfig()->get('app_access_token'));
$ff->invoke($f->withAppTicket('app_ticket'));
$this->assertEquals('app_access_token', $f->getConfig()->get('app_access_token'));
}
public function testConfigAppAccessTokenWithInternalInBadResponse()
{
$config = [
'client_id' => 'xxxxx',
'client_secret' => 'yyyyy',
'mode' => 'internal',
];
$f = new FeiShu($config);
$fr = new \ReflectionObject($f);
$frClient = $fr->getProperty('httpClient');
$frClient->setAccessible(true);
$ff = new \ReflectionMethod(FeiShu::class, 'configAppAccessToken');
$mock = new MockHandler([
new Response(200, [], '{}'),
]);
$handler = HandlerStack::create($mock);
$client = new Client(['handler' => $handler]);
$frClient->setValue($f, $client);
$ff->setAccessible(true);
$this->expectException(InvalidTokenException::class);
$ff->invoke($f);
}
public function testConfigAppAccessTokenWithInternalInGoodResponse()
{
$config = [
'client_id' => 'xxxxx',
'client_secret' => 'yyyyy',
'mode' => 'internal',
];
$f = new FeiShu($config);
$fr = new \ReflectionObject($f);
$frClient = $fr->getProperty('httpClient');
$frClient->setAccessible(true);
$ff = new \ReflectionMethod(FeiShu::class, 'configAppAccessToken');
$mock = new MockHandler([
new Response(200, [], \json_encode([
'app_access_token' => 'app_access_token',
])),
]);
$handler = HandlerStack::create($mock);
$client = new Client(['handler' => $handler]);
$frClient->setValue($f, $client);
$ff->setAccessible(true);
$this->assertEquals(null, $f->getConfig()->get('app_access_token'));
$ff->invoke($f);
$this->assertEquals('app_access_token', $f->getConfig()->get('app_access_token'));
}
}

20
vendor/overtrue/socialite/tests/Providers/WeWorkTest.php vendored Normal file
View File

@ -0,0 +1,20 @@
<?php
use Overtrue\Socialite\Providers\WeWork;
use PHPUnit\Framework\TestCase;
class WeWorkTest extends TestCase
{
public function testOAuthUrl()
{
$response = (new WeWork([
'client_id' => 'CORPID',
'client_secret' => 'client_secret',
'redirect' => 'REDIRECT_URI',
]))
->scopes(['snsapi_base'])
->redirect();
$this->assertSame('https://open.weixin.qq.com/connect/oauth2/authorize?appid=CORPID&redirect_uri=REDIRECT_URI&response_type=code&scope=snsapi_base#wechat_redirect', $response);
}
}

120
vendor/overtrue/socialite/tests/Providers/WechatTest.php vendored Normal file
View File

@ -0,0 +1,120 @@
<?php
use Overtrue\Socialite\Providers\WeChat;
use PHPUnit\Framework\TestCase;
// here we need loaded the symbols first.
\class_exists(\Overtrue\Socialite\Contracts\FactoryInterface::class);
class WechatTest extends TestCase
{
public function testWeChatProviderHasCorrectlyRedirectResponse()
{
$response = (new WeChat([
'client_id' => 'client_id',
'client_secret' => 'client_secret',
'redirect_url' => 'http://localhost/socialite/callback.php',
]))->redirect();
$this->assertStringStartsWith('https://open.weixin.qq.com/connect/qrconnect', $response);
$this->assertMatchesRegularExpression('/redirect_uri=http%3A%2F%2Flocalhost%2Fsocialite%2Fcallback.php/', $response);
}
public function testWeChatProviderTokenUrlAndRequestFields()
{
$provider = new WeChat([
'client_id' => 'client_id',
'client_secret' => 'client_secret',
'redirect_url' => 'http://localhost/socialite/callback.php',
]);
$getTokenUrl = new ReflectionMethod(WeChat::class, 'getTokenUrl');
$getTokenUrl->setAccessible(true);
$getTokenFields = new ReflectionMethod(WeChat::class, 'getTokenFields');
$getTokenFields->setAccessible(true);
$getCodeFields = new ReflectionMethod(WeChat::class, 'getCodeFields');
$getCodeFields->setAccessible(true);
$this->assertSame('https://api.weixin.qq.com/sns/oauth2/access_token', $getTokenUrl->invoke($provider));
$this->assertSame([
'appid' => 'client_id',
'secret' => 'client_secret',
'code' => 'iloveyou',
'grant_type' => 'authorization_code',
], $getTokenFields->invoke($provider, 'iloveyou'));
$this->assertSame([
'appid' => 'client_id',
'redirect_uri' => 'http://localhost/socialite/callback.php',
'response_type' => 'code',
'scope' => 'snsapi_login',
'state' => 'wechat-state',
'connect_redirect' => 1,
], $getCodeFields->invoke($provider->withState('wechat-state')));
}
public function testOpenPlatformComponent()
{
$provider = new WeChat([
'client_id' => 'client_id',
'client_secret' => null,
'redirect' => 'redirect-url',
'component' => [
'id' => 'component-app-id',
'token' => 'token',
],
]);
$getTokenUrl = new ReflectionMethod(WeChat::class, 'getTokenUrl');
$getTokenUrl->setAccessible(true);
$getTokenFields = new ReflectionMethod(WeChat::class, 'getTokenFields');
$getTokenFields->setAccessible(true);
$getCodeFields = new ReflectionMethod(WeChat::class, 'getCodeFields');
$getCodeFields->setAccessible(true);
$this->assertSame([
'appid' => 'client_id',
'redirect_uri' => 'redirect-url',
'response_type' => 'code',
'scope' => 'snsapi_base',
'state' => 'state',
'connect_redirect' => 1,
'component_appid' => 'component-app-id',
], $getCodeFields->invoke($provider->withState('state')));
$this->assertSame([
'appid' => 'client_id',
'component_appid' => 'component-app-id',
'component_access_token' => 'token',
'code' => 'simcode',
'grant_type' => 'authorization_code',
], $getTokenFields->invoke($provider, 'simcode'));
$this->assertSame('https://api.weixin.qq.com/sns/oauth2/component/access_token', $getTokenUrl->invoke($provider));
}
public function testOpenPlatformComponentWithCustomParameters()
{
$provider = new WeChat([
'client_id' => 'client_id',
'client_secret' => null,
'redirect' => 'redirect-url',
'component' => [
'id' => 'component-app-id',
'token' => 'token',
],
]);
$getCodeFields = new ReflectionMethod(WeChat::class, 'getCodeFields');
$getCodeFields->setAccessible(true);
$provider->with(['foo' => 'bar']);
$fields = $getCodeFields->invoke($provider->withState('wechat-state'));
$this->assertArrayHasKey('foo', $fields);
$this->assertSame('bar', $fields['foo']);
}
}

109
vendor/overtrue/socialite/tests/SocialiteManagerTest.php vendored Normal file
View File

@ -0,0 +1,109 @@
<?php
use Overtrue\Socialite\Providers\Base;
use Overtrue\Socialite\Providers\GitHub;
use Overtrue\Socialite\SocialiteManager;
use Overtrue\Socialite\User;
use PHPUnit\Framework\TestCase;
class SocialiteManagerTest extends TestCase
{
public function test_it_can_create_from_config()
{
$config = [
'foo' => [
'provider' => 'github',
'client_id' => 'foo-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
'bar' => [
'provider' => 'github',
'client_id' => 'bar-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
];
$manager = new SocialiteManager($config);
$this->assertInstanceOf(GitHub::class, $manager->create('foo'));
$this->assertSame('foo-app-id', $manager->create('foo')->getClientId());
$this->assertInstanceOf(GitHub::class, $manager->create('bar'));
$this->assertSame('bar-app-id', $manager->create('bar')->getClientId());
// from name
$config = [
'github' => [
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
];
$manager = new SocialiteManager($config);
$this->assertInstanceOf(GitHub::class, $manager->create('github'));
$this->assertSame('your-app-id', $manager->create('github')->getClientId());
}
public function test_it_can_create_from_custom_creator()
{
$config = [
'foo' => [
'provider' => 'myprovider',
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
];
$manager = new SocialiteManager($config);
$manager->extend('myprovider', function ($config) {
return new DummyProviderForCustomProviderTest($config);
});
$this->assertInstanceOf(DummyProviderForCustomProviderTest::class, $manager->create('foo'));
}
public function test_it_can_create_from_custom_provider_class()
{
$config = [
'foo' => [
'provider' => DummyProviderForCustomProviderTest::class,
'client_id' => 'your-app-id',
'client_secret' => 'your-app-secret',
'redirect' => 'http://localhost/socialite/callback.php',
],
];
$manager = new SocialiteManager($config);
$this->assertInstanceOf(DummyProviderForCustomProviderTest::class, $manager->create('foo'));
}
}
class DummyProviderForCustomProviderTest extends Base
{
protected function getAuthUrl(): string
{
return '';
}
protected function getTokenUrl(): string
{
return '';
}
protected function getUserByToken(string $token): array
{
return [];
}
protected function mapUserToObject(array $user): User
{
return new User([]);
}
}

51
vendor/overtrue/socialite/tests/UserTest.php vendored Normal file
View File

@ -0,0 +1,51 @@
<?php
use Overtrue\Socialite\User;
use PHPUnit\Framework\TestCase;
class UserTest extends TestCase
{
public function testJsonserialize()
{
$this->assertSame('[]', json_encode(new User([])));
$this->assertSame('{"access_token":"mock-token"}', json_encode(new User(['access_token' => 'mock-token'])));
}
public function test_it_can_get_refresh_token()
{
$user = new User([
'name' => 'fake_name',
'access_token' => 'mock-token',
'refresh_token' => 'fake_refresh',
]);
// 能通过用 User 对象获取 refresh token
$this->assertSame('fake_refresh', $user->getRefreshToken());
$this->assertSame('{"name":"fake_name","access_token":"mock-token","refresh_token":"fake_refresh"}', json_encode($user));
// 无 refresh_token 属性返回 null
$user = new User([]);
$this->assertSame(null, $user->getRefreshToken());
// 能通过 setRefreshToken() 设置
$user->setRefreshToken('fake_refreshToken');
$this->assertSame('fake_refreshToken', $user->getRefreshToken());
$this->assertSame('{"refresh_token":"fake_refreshToken"}', json_encode($user));
}
public function test_it_can_set_raw_data()
{
$user = new User([]);
$data = ['data' => 'raw'];
$user->setRaw($data);
$this->assertSame($data, $user->getRaw());
$this->assertSame(json_encode(['raw' => ['data' => 'raw']]), json_encode($user));
}
public function test_ie_can_get_attribute_by_magic_method()
{
$user = new User(['xx' => 'data']);
$this->assertSame('data', $user->xx);
}
}