OAuth2Client

Constructs an OAuth client object for the given provider name

Determines whether debug output is enabled or not

Determines whether the dialog with the remote Web server should also be logged or not.

Determine if the current script should be exited.

Call this function after calling the authenticate function and exit your script immediately if this function returns true.

Returns the obtained access token upon successful OAuth authentication.

Call this function to get the obtained access token upon successful OAuth authorization.

Returns the access token secret obtained from the OAuth provider.

If the OAuth protocol version is 1.0 or 1.0a, check this variable to get the obtained access token secret upon successful OAuth authorization.

Returns the timestamp of the expiry of the access token obtained from the OAuth provider.

Check this variable to get the obtained access token expiry time upon successful OAuth authorization. If this variable is empty, that means no expiry time was set.

Returns the type of access token obtained from the OAuth provider.

Check this variable to get the obtained access token type upon successful OAuth authorization.

Returns the original response for the access token request

Check this variable if the OAuth provider returns custom parameters in the request to obtain the access token.

Returns the obtained refresh token upon successful OAuth authentication.

Call this function to get the obtained refresh token upon successful OAuth authorization.

Returns the obtained ID token upon successful OpenID authentication.

Call this function if the OAuth provider returns id_token values.

Returns the HTTP response status returned by the server when calling an API.

Check this variable after calling the callAPI function if the API calls and you need to process the error depending the response status. 200 means no error. 0 means the server response was not retrieved.

Returns the HTTP response headers returned by the server when calling an API.

Check this variable after calling the callAPI function if the API calls and you need to process the error depending the response headers.

Returns the HTTP response header value returned by the server when calling an API for a given header name.

Returns the HTTP response body returned by the server when calling an API.

Check this variable after calling the callAPI function if the API calls and you need to process the error depending the response headers.

Returns the User-Agent used in HTTP requests.

Returns the time of the response of the HTTP request.

Returns the current instance of the OAuthProvider class.

Returns the current instance of the OAuthClientStrategy class.

Enables or disables the debug mode.

Set this variable to true if you need to check what is going on during calls to the class. When enabled, the debug output goes either to the variable debugOutput and the PHP error log.

Enables or disables logging of the dialog with the remote Web server.

Set this variable to true if you want to inspect the data exchange with the OAuth provider.

Sets the name of the file to store log messages.

Set this variable to the path of a file to which log messages will be appended instead of sending to PHP error log when the debug variable is set to true.

Determines if the current script should be exited.

Sets the URL of the current script page that is calling this class.

Sets the identifier of your application registered with the OAuth provider.

Sets the secret value assigned to your application.

Sets access token obtained from the OAuth provider

Sets the access token secret obtained from the OAuth 1.0 or 1.0a provider

Sets the timestamp of the expiry of the access token obtained from the OAuth provider.

Sets the type of access token obtained from the OAuth provider.

Sets the original response for the access token request.

Sets the refresh token obtained from the OAuth provider.

Sets the id_token object from OAuth providers compatible with OpenID Connect.

Sets the HTTP response status returned by the server when calling an API.

Sets the HTTP response headers returned by the server when calling an API.

Sets the HTTP response body returned by the server when calling an API.

Changes the User-Agent used in HTTP requests.

Sets the time of the response of the HTTP request.

Writes a message to the log output if debugging is enabled.

Replaces the placeholders in the URL of the authorization endpoint and returns it.

Replaces the placeholders in the URL of the token endpoint and returns it.

Replaces the placeholders in the URL of the revocation endpoint and returns it.

Returns the value of the state parameter returned by the OAuth provider.

Returns the value of the code returned by the authorization endpoint of the OAuth provider.

Returns the error returned by the OAuth provider.

Returns the denied access token returned by the OAuth provider, if any.

Returns the request token received from the OAuth 1.0(a) provider

Returns the verification code received from the OAuth 1.0(a) provider

Redirect the user browser to a given page.

This function is meant to be only be called from inside the class. By default it issues HTTP 302 response status and sets the redirection location to a given URL. Sub-classes may override this function to implement a different way to redirect the user browser.

Sign the request data in PLAINTEXT, HMAC_SHA1 or RSA_SHA1 using a key composed from the secret client registered with the provider and the oauth token secret returned by the token request endpoint.

For OAuth 1.0 an Oauth 1.0a only.

Sends a HTTP request to the OAuth provider.

Composes a OAuth request to be sent to the OAuth provider.

Sends a OAuth request to the OAuth provider.

Converts the response body of an OAuth request based on the options in the provided argument.

Checks if there is a stored access token

Checks if the stored access token is valid

Send a HTTP request to the Web services API using a previously obtained access token via OAuth.

This function can be used to call an API after having previously obtained an access token through the OAuth protocol using the authenticate function, or by directly setting the variables access_token, as well as access_token_secret in case of using OAuth 1.0 or 1.0a services. The response_status variable returns the HTTP response status of the request. The responseHeaders variable returns the HTTP response headers. The responseBody variable returns the HTTP response body.

Returns the information about the resource owner using a previously obtained access token via OAuth.

This function must be called after having previously obtained an access token through the OAuth protocol using the authenticate function, or by directly setting the variables access_token, as well as access_token_secret in case of using OAuth 1.0 or 1.0a services.

Returns the information about the resource owner.

This function is a high-level function that perform all the necessary actions (initalization, authentication, ...) before requesting the information about the resource owner.

Checks the access token state before calling an API.

Initialize the class variables and internal state. It must be called before calling other class functions.

Set the provider variable before calling this function to let it initialize the class variables to work with the specified provider. Alternatively, you can set other class variables manually to make it work with providers that are not yet built-in supported.

Merges two arrays recursively.

array_merge_recursive does indeed merge arrays, but it converts values with duplicate keys to arrays rather than overwriting the value in the first array with the duplicate value in the second array, as array_merge does. I.e., with array_merge_recursive, this happens

Initializes the options registered with the OAuth provider.

Sends a OAuth request to the discovery endpoint of the OpenID provider in order to obtain the configuration information, which is the list of all endpoints and the list of supported OAuth elements.

Checks that the authenticate method has not already been called

Checks if the user is authenticated with the current OAuth provider.

Call this function if you want to know if the user needs to log in to access the resources he owns without doing so.

Process the OAuth protocol interaction with the OAuth provider.

Call this function when you need to retrieve the OAuth access token. Check the access_token to determine if the access token was obtained successfully.

Check if the access token was retrieved and if it is valid.

Call this function when you need to check of an access token is valid without forcing to redirect the user to the OAuth provider authorization page.

If a previously retrieved access token has expired, this function may renew it automatically.

Reset the access token to a state back when the user has not yet authorized the access to the OAuth provider API.

Call this function if for some reason the token to access the API was revoked and you need to ask the user to authorize the access again.

By default the class stores and retrieves access tokens in a session variable named 'OAUTH_ACCESS_TOKEN'.

This function must be called when the user is accessing your site pages, so it can reset the information stored in session variables that cache the state of a previously retrieved access token.

Actual implementations should create a sub-class and override this function to reset the access token state when it is stored in other types of containers, like for instance databases.

Determines whether the revokeToken function can be called.

Revoke a previously obtained token so it becomes invalid.

Call this function when you need to invalidate a token that you no longer need to use, so it is not used by any other application.

Cleanup any resources that may have been used during the OAuth protocol processing or execution of API calls.

Always call this function as the last step after calling the functions authenticate() or callAPI(...).

Determines whether the logOut function can be called.

Calls the end-session endpoint to notify the provider that the end-user has logged out of the relying party site.

Verifies the claims of an ID token and return them if they are valid

Verifies the signature of an ID token

Prepares and initiates the request for an access or refresh token

Checks if an access token has expired