startz/oauth2-etsy

Etsy OAuth2 Client Provider for The PHP League OAuth2-Client

Fund package maintenance!
cdburgess

0.0.2 2022-09-15 04:22 UTC

This package is auto-updated.

Last update: 2022-11-16 03:15:38 UTC


README

GitHub tag GitHub license build codecov Packagist Downloads

This package provides Etsy OAuth 2.0 support for the PHP League's OAuth 2.0 Client.

Requirements

The following versions of PHP are supported.

  • PHP 7.3
  • PHP 7.4
  • PHP 8.0

Installation

To install, use composer:

composer require startz/oauth2-etsy

Usage

Usage is the same as The League's OAuth client, using \StartZ\OAuth2\Client\Provider\Etsy as the provider.

Please refer to your Etsy Developer Account for the necessary settings.

Authorization Code Flow

<?php

session_start();

require_once __DIR__ . '/vendor/autoload.php';

$provider = new Startz\OAuth2\Client\Provider\Etsy([
    'clientId'     => '{etsy-apikey-keystring}',
    'clientSecret' => '{etsy-apikey-shared-secret}',
    'redirectUri'  => 'https://example.com/callback-url',
]);

if ( ! isset($_GET['code'])) 
{
    // If we don't have an authorization code then get one
    $preChallenge = $provider->getPreChallenge();
    $authUrl = $provider->getAuthorizationUrl([
        'code_challenge' => $provider->getPKCE($preChallenge),
        'code_challenge_method' => 'S256'
    ]);
    $_SESSION['oauth2state'] = $provider->getState();
    $_SESSION['oauth2code'] = $preChallenge;
    header('Location: ' . $authUrl);
    exit;

// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {

    unset($_SESSION['oauth2state']);
    unset($_SESSION['oauth2code']);
    exit('Invalid state');

} else {
    
    $preChallenge = $_SESSION['oauth2code'];
    $authParams = [
        'code' => $_GET['code'],
        'code_verifier' => $preChallenge,
    ];
    // Try to get an access token (using the authorization code grant)
    $token = $provider->getAccessToken('authorization_code', $authParams);

    // Optional: Now you have a token you can look up a users profile data
    try {

        // We got an access token, let's now get the user's details
        $user = $provider->getResourceOwner($token);
        printf('Hello %s!', $user->getName());

    } catch (Exception $e) {

        // Failed to get user details
        exit('Error...');
    }

    // Use this to interact with an API on the users behalf
    echo $token->getToken();
}

Testing

Unit Tests

$ ./vendor/bin/phpunit

Code Sniff

$ ./vendor/bin/phpcs src --standard=psr2 -sp