pizdata / oauth2-shopify
Shopify OAuth 2.0 Client Provider for The PHP League OAuth2-Client
Installs: 33 233
Dependents: 0
Suggesters: 0
Security: 0
Stars: 14
Watchers: 3
Forks: 4
Open Issues: 0
Requires
- php: ~5.6|~7.0
- league/oauth2-client: ^2.0
Requires (Dev)
- mockery/mockery: ^0.9.9
- phpunit/phpunit: ~4.0||~5.0
- squizlabs/php_codesniffer: ^2.3
This package is not auto-updated.
Last update: 2024-12-22 04:06:45 UTC
README
Shopify OAuth 2.0 Client Provider.
Install
Via Composer
$ composer require pizdata/oauth2-shopify
Usage
$provider = new Pizdata\OAuth2\Client\Provider\Shopify([ 'clientId' => '{shopify-client-id}', // The client ID assigned to you by the Shopify 'clientSecret' => '{shopify-client-secret}', // The client password assigned to you by the Shopify 'redirectUri' => 'http://localhost/callback', // The redirect URI assigned to you 'shop' => 'pizdata.myshopify.com', // The Shop name ]); // If we don't have an authorization code then get one if (!isset($_GET['code'])) { // Setting up scope $options = [ 'scope' => [ 'read_content', 'write_content', 'read_themes', 'write_themes', 'read_products', 'write_products', 'read_customers', 'write_customers', 'read_orders', 'write_orders', 'read_draft_orders', 'write_draft_orders', 'read_script_tags', 'write_script_tags', 'read_fulfillments', 'write_fulfillments', 'read_shipping', 'write_shipping', 'read_analytics', ] ]; // Fetch the authorization URL from the provider; this returns the // urlAuthorize option and generates and applies any necessary parameters // (e.g. state). $authorizationUrl = $provider->getAuthorizationUrl($options); // Get the state generated for you and store it to the session. $_SESSION['oauth2state'] = $provider->getState(); // Redirect the user to the authorization URL. header('Location: ' . $authorizationUrl); exit; // Check given state against previously stored one to mitigate CSRF attack } elseif (empty($_GET['state']) || (isset($_SESSION['oauth2state']) && $_GET['state'] !== $_SESSION['oauth2state'])) { if (isset($_SESSION['oauth2state'])) { unset($_SESSION['oauth2state']); } exit('Invalid state'); } else { try { // Try to get an access token using the authorization code grant. $accessToken = $provider->getAccessToken('authorization_code', [ 'code' => $_GET['code'] ]); $store = $provider->getResourceOwner($accessToken); // Access to Store base information echo $store->getName(); echo $store->getEmail(); echo $store->getDomain(); // Use this to interact with an API on the users behalf echo $token->getToken(); } catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) { // Failed to get the access token or user details. exit($e->getMessage()); } }
Change log
Please see CHANGELOG for more information on what has changed recently.
Testing
$ composer test
Contributing
Please see CONTRIBUTING and CONDUCT for details.
Security
If you discover any security related issues, please email roman+gh@sevastyanov.io instead of using the issue tracker.
Credits
License
The MIT License (MIT). Please see License File for more information.