teampanfu/oauth2-discord

Discord OAuth 2.0 Client Provider for The PHP League OAuth2-Client

Maintainers

Details

github.com/teampanfu/oauth2-discord

Homepage

Source

Issues

Installs: 48

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 0

Forks: 0

Open Issues: 0

v1.0.3 2023-10-17 23:17 UTC

Requires

Requires (Dev)

MIT a4db005997d19a186860949af7db44b45b990484

  • Robin <robin.woop@panfu.us>

authorizationAuthenticationclientoauthoauth2discord

This package is auto-updated.

Last update: 2024-10-18 01:44:17 UTC

README

Latest Version Total Downloads Software License

This package provides Discord OAuth 2.0 support for the PHP League's OAuth 2.0 Client.

Installation

To install, use Composer:

composer require teampanfu/oauth2-discord

Usage

The first step in implementing OAuth2 is registering a developer application and retrieving your client ID and client secret.

Authorization Code Flow

<?php

require __DIR__.'/vendor/autoload.php';

use Panfu\OAuth2\Client\Provider\Discord;

session_start();

$provider = new Discord([
    'clientId' => 'YOUR_CLIENT_ID',
    'clientSecret' => 'YOUR_CLIENT_SECRET',
    'redirectUri' => 'http://localhost/callback-url',
]);

if (!empty($_GET['error'])) {
    // Got an error, probably user denied access
    exit('Got error: '.htmlspecialchars($_GET['error'], ENT_QUOTES, 'UTF-8'));
} else if (empty($_GET['code'])) {
    // If we don't have an authorization code then get one
    $authUrl = $provider->getAuthorizationUrl();
    $_SESSION['oauth2state'] = $provider->getState();
    header('Location: '.$authUrl);
    exit;
} else if (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
    // State is invalid, possible CSRF attack in progress
    unset($_SESSION['oauth2state']);
    exit('Invalid state');
} else {
    // Try to get an access token (using the authorization code grant)
    $token = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code'],
    ]);

    // Now that you have a token, you can retrieve a user's data
    try {
        $user = $provider->getResourceOwner($token);

        // Depending on which scope you use, you now have access to the user data
        printf('Hello %s#%s!', $user->getUsername(), $user->getDiscriminator());
    } catch (Exception $e) {
        // Failed to get user data
        exit('Something went wrong:'.$e->getMessage());
    }
}

Retrieving User Data

When using the getResourceOwner() method to obtain the user node, it will be returned as a DiscordUser entity.

$user = $provider->getResourceOwner($token);

$id = $user->getId();
var_dump($id);
# string(17) "80351110224678912"

$username = $user->getUsername();
var_dump($username);
# string(5) "Nelly"

$discriminator = $user->getDiscriminator();
var_dump($discriminator);
# string(4) "1337"

$avatar = $user->getAvatar();
var_dump($avatar);
# string(32) "8342729096ea3675442027381ff50dfe"

$isBot = $user->getBot();
var_dump($isBot);
# boolean false

$isSystem = $user->getSystem();
var_dump($isSystem);
# boolean false

$isMfaEnabled = $user->getMfaEnabled();
var_dump($isMfaEnabled);
# boolean true

$banner = $user->getBanner();
var_dump($banner);
# string(32) "06c16474723fe537c283b8efa61a30c8"

$accentColor = $user->getAccentColor();
var_dump($accentColor);
# int 16711680

$locale = $user->getLocale();
var_dump($locale);
# string(5) "en-GB"

$verified = $user->getVerified();
var_dump($verified);
# boolean true

$email = $user->getEmail();
var_dump($email);
# string(17) "nelly@discord.com"

$flags = $user->getFlags();
var_dump($flags);
# int 64

$premiumType = $user->getPremiumType();
var_dump($premiumType);
# int 1

$publicFlags = $user->getPublicFlags();
var_dump($publicFlags);
# int 64

You can also get all the data from the user node as a plain-old PHP array with toArray().

$userData = $user->toArray();

Managing Scopes

When creating the authorization URL, you can specify different scopes.

$options = [
    'scope' => ['identify', 'email', 'guilds.join'],
];

$authUrl = $provider->getAuthorizationUrl($options);

A list of all available scopes can be found in the Discord API documentation.

Client Credentials Grant

Discord provides a client credentials flow for bot developers to get their own bearer tokens for testing purposes. This returns an access token for the bot owner:

$provider = new Discord(...);

try {
    $accessToken = $provider->getAccessToken('client_credentials');
} catch (Exception $e) {
    exit('Something went wrong: '.$e->getMessage());
}

Bot Authorization

To authorize a bot, specify the bot scope and set permissions appropriately:

$provider = new Discord(...);

$options = [
    'scope' => ['bot'],
    'permissions' => 1,
];

$authUrl = $provider->getAuthorizationUrl($options);

header('Location: '.$authUrl);

Testing

$ ./vendor/bin/phpunit

Contribute

If you find a bug or have a suggestion for a feature, feel free to create a new issue or open a pull request.

We are happy about every contribution!

License

This package is open-source software licensed under the MIT License.