joseayram / oauth2-lichess
Lichess OAuth 2.0 support for the PHP League's OAuth 2.0 Client
Requires
- php: ^7.4|^8.0
- league/oauth2-client: ^2.0
Requires (Dev)
- mockery/mockery: ^1.5
- phpunit/phpunit: ^9
- squizlabs/php_codesniffer: ^3.6.2
README
This package provides Lichess OAuth 2.0 support for the PHP League's OAuth 2.0 Client.
Installation
To install, use composer:
$ composer require joseayram/oauth2-lichess
Usage
Usage is just the same as The League's OAuth client, using \CrudSys\OAuth2\Client\Provider\Lichess as the provider.
Authorization Code Flow
require_once 'oauth2-lichess/vendor/autoload.php'; session_start(); use CrudSys\OAuth2\Client\Provider\Lichess; $clientId = 'api-lichess-test'; $clientSecret = '{your-secret-client}'; $redirectUri = '{your-redirect-uri}'; if (!isset($_SESSION['codeVerifier'])) { $verifier = createVerifier(); $_SESSION['codeVerifier'] = $verifier; } else { $verifier = $_SESSION['codeVerifier']; } $provider = new Lichess([ 'clientId' => $clientId, 'clientSecret' => $clientSecret, 'redirectUri' => $redirectUri, ]); if (!isset($_GET['code']) && !isset($_GET['error'])) { $challenge = createChallenge($verifier); // If we don't have an authorization code then get one $authUrl = $provider->getAuthorizationUrl([ 'code_challenge' => $challenge, ]); $_SESSION['oauth2state'] = $provider->getState(); echo "<a href='{$authUrl}'>Login with Lichess</a>"; } elseif ((isset($_GET['error']) && !empty($_GET['error']) ) && (isset($_GET['error_description']) && !empty($_GET['error_description']) ) ) { unset($_SESSION['oauth2state']); exit($_GET['error'].': '.$_GET['error_description']); } elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) { unset($_SESSION['oauth2state']); exit('Invalid state, make sure HTTP sessions are enabled.'); } else { // Try to get an access token (using the authorization code grant) try { $token = $provider->getAccessToken('authorization_code', [ 'code' => $_GET['code'], 'code_verifier' => $_SESSION['codeVerifier'], ]); } catch (\Exception $e) { exit('Failed to get access token: '.$e->getMessage()); } // Optional: Now you have a token you can look up a users profile data try { // We got an access token, let's now get the user's details $user = $provider->getResourceOwner($token); // Use these details to create a new profile printf('Hello %s!\n<br>', $user->getUsername()); echo "<pre>" . print_r($user, true) . "</pre>"; } catch (\Exception $e) { exit('Failed to get resource owner: '.$e->getMessage()); } // Use this to interact with an API on the users behalf echo $token->getToken(); }
Managing Scopes
You can add extra scopes by passing them to the getAuthorizationUrl() method
$options = [ 'scope' => [Lichess::SCOPE_EMAIL, Lichess::SCOPE_PREFERENCE_READ] ]; $authorizationUrl = $provider->getAuthorizationUrl($options);
If no scopes are passed, only public is used
At the time of authoring this documentation, the following scopes are available.
PREFERENCE_READRead your preferences.PREFERENCE_WRITEWrite your preferences.EMAILRead your email address.CHALLENGE_READRead incoming challenges.CHALLENGE_WRITECreate, accept, decline challenges.CHALLENGE_BULKCreate, delete, query bulk pairings.
Testing
$ ./vendor/bin/phpunit
Changelog
Please see our changelog file for details.
Credits
Special thanks to all creators of the others oauth2 client's third-party packages I learnt a lot of them.
Contributing
Please see our contributing guidelines for details.
License
The MIT License (MIT). Please see License File for more information.