solocla/trf_certest
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

vendor and env first commit

Browse Source
This commit is contained in:
Claudio
2025-03-28 08:52:46 +01:00
parent f8388bc81b
commit 8f26283832
10976 changed files with 1349952 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
vendor/laravel/socialite/src/Two/AbstractProvider.php
Vendored
+587
View File
@@ -0,0 +1,587 @@
<?php
namespace Laravel\Socialite\Two;
use GuzzleHttp\Client;
use GuzzleHttp\RequestOptions;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Arr;
use Illuminate\Support\Str;
use Laravel\Socialite\Contracts\Provider as ProviderContract;
abstract class AbstractProvider implements ProviderContract
{
/**
* The HTTP request instance.
*
* @var \Illuminate\Http\Request
*/
protected $request;
/**
* The HTTP Client instance.
*
* @var \GuzzleHttp\Client
*/
protected $httpClient;
/**
* The client ID.
*
* @var string
*/
protected $clientId;
/**
* The client secret.
*
* @var string
*/
protected $clientSecret;
/**
* The redirect URL.
*
* @var string
*/
protected $redirectUrl;
/**
* The custom parameters to be sent with the request.
*
* @var array
*/
protected $parameters = [];
/**
* The scopes being requested.
*
* @var array
*/
protected $scopes = [];
/**
* The separating character for the requested scopes.
*
* @var string
*/
protected $scopeSeparator = ',';
/**
* The type of the encoding in the query.
*
* @var int Can be either PHP_QUERY_RFC3986 or PHP_QUERY_RFC1738.
*/
protected $encodingType = PHP_QUERY_RFC1738;
/**
* Indicates if the session state should be utilized.
*
* @var bool
*/
protected $stateless = false;
/**
* Indicates if PKCE should be used.
*
* @var bool
*/
protected $usesPKCE = false;
/**
* The custom Guzzle configuration options.
*
* @var array
*/
protected $guzzle = [];
/**
* The cached user instance.
*
* @var \Laravel\Socialite\Two\User|null
*/
protected $user;
/**
* Create a new provider instance.
*
* @param \Illuminate\Http\Request $request
* @param string $clientId
* @param string $clientSecret
* @param string $redirectUrl
* @param array $guzzle
* @return void
*/
public function __construct(Request $request, $clientId, $clientSecret, $redirectUrl, $guzzle = [])
{
$this->guzzle = $guzzle;
$this->request = $request;
$this->clientId = $clientId;
$this->redirectUrl = $redirectUrl;
$this->clientSecret = $clientSecret;
}
/**
* Get the authentication URL for the provider.
*
* @param string $state
* @return string
*/
abstract protected function getAuthUrl($state);
/**
* Get the token URL for the provider.
*
* @return string
*/
abstract protected function getTokenUrl();
/**
* Get the raw user for the given access token.
*
* @param string $token
* @return array
*/
abstract protected function getUserByToken($token);
/**
* Map the raw user array to a Socialite User instance.
*
* @param array $user
* @return \Laravel\Socialite\Two\User
*/
abstract protected function mapUserToObject(array $user);
/**
* Redirect the user of the application to the provider's authentication screen.
*
* @return \Illuminate\Http\RedirectResponse
*/
public function redirect()
{
$state = null;
if ($this->usesState()) {
$this->request->session()->put('state', $state = $this->getState());
}
if ($this->usesPKCE()) {
$this->request->session()->put('code_verifier', $this->getCodeVerifier());
}
return new RedirectResponse($this->getAuthUrl($state));
}
/**
* Build the authentication URL for the provider from the given base URL.
*
* @param string $url
* @param string $state
* @return string
*/
protected function buildAuthUrlFromBase($url, $state)
{
return $url.'?'.http_build_query($this->getCodeFields($state), '', '&', $this->encodingType);
}
/**
* Get the GET parameters for the code request.
*
* @param string|null $state
* @return array
*/
protected function getCodeFields($state = null)
{
$fields = [
'client_id' => $this->clientId,
'redirect_uri' => $this->redirectUrl,
'scope' => $this->formatScopes($this->getScopes(), $this->scopeSeparator),
'response_type' => 'code',
];
if ($this->usesState()) {
$fields['state'] = $state;
}
if ($this->usesPKCE()) {
$fields['code_challenge'] = $this->getCodeChallenge();
$fields['code_challenge_method'] = $this->getCodeChallengeMethod();
}
return array_merge($fields, $this->parameters);
}
/**
* Format the given scopes.
*
* @param array $scopes
* @param string $scopeSeparator
* @return string
*/
protected function formatScopes(array $scopes, $scopeSeparator)
{
return implode($scopeSeparator, $scopes);
}
/**
* {@inheritdoc}
*/
public function user()
{
if ($this->user) {
return $this->user;
}
if ($this->hasInvalidState()) {
throw new InvalidStateException;
}
$response = $this->getAccessTokenResponse($this->getCode());
$user = $this->getUserByToken(Arr::get($response, 'access_token'));
return $this->userInstance($response, $user);
}
/**
* Create a user instance from the given data.
*
* @param array $response
* @param array $user
* @return \Laravel\Socialite\Two\User
*/
protected function userInstance(array $response, array $user)
{
$this->user = $this->mapUserToObject($user);
return $this->user->setToken(Arr::get($response, 'access_token'))
->setRefreshToken(Arr::get($response, 'refresh_token'))
->setExpiresIn(Arr::get($response, 'expires_in'))
->setApprovedScopes(explode($this->scopeSeparator, Arr::get($response, 'scope', '')));
}
/**
* Get a Social User instance from a known access token.
*
* @param string $token
* @return \Laravel\Socialite\Two\User
*/
public function userFromToken($token)
{
$user = $this->mapUserToObject($this->getUserByToken($token));
return $user->setToken($token);
}
/**
* Determine if the current request / session has a mismatching "state".
*
* @return bool
*/
protected function hasInvalidState()
{
if ($this->isStateless()) {
return false;
}
$state = $this->request->session()->pull('state');
return empty($state) || $this->request->input('state') !== $state;
}
/**
* Get the access token response for the given code.
*
* @param string $code
* @return array
*/
public function getAccessTokenResponse($code)
{
$response = $this->getHttpClient()->post($this->getTokenUrl(), [
RequestOptions::HEADERS => $this->getTokenHeaders($code),
RequestOptions::FORM_PARAMS => $this->getTokenFields($code),
]);
return json_decode($response->getBody(), true);
}
/**
* Get the headers for the access token request.
*
* @param string $code
* @return array
*/
protected function getTokenHeaders($code)
{
return ['Accept' => 'application/json'];
}
/**
* Get the POST fields for the token request.
*
* @param string $code
* @return array
*/
protected function getTokenFields($code)
{
$fields = [
'grant_type' => 'authorization_code',
'client_id' => $this->clientId,
'client_secret' => $this->clientSecret,
'code' => $code,
'redirect_uri' => $this->redirectUrl,
];
if ($this->usesPKCE()) {
$fields['code_verifier'] = $this->request->session()->pull('code_verifier');
}
return array_merge($fields, $this->parameters);
}
/**
* Refresh a user's access token with a refresh token.
*
* @param string $refreshToken
* @return \Laravel\Socialite\Two\Token
*/
public function refreshToken($refreshToken)
{
$response = $this->getRefreshTokenResponse($refreshToken);
return new Token(
Arr::get($response, 'access_token'),
Arr::get($response, 'refresh_token'),
Arr::get($response, 'expires_in'),
explode($this->scopeSeparator, Arr::get($response, 'scope', ''))
);
}
/**
* Get the refresh token response for the given refresh token.
*
* @param string $refreshToken
* @return array
*/
protected function getRefreshTokenResponse($refreshToken)
{
return json_decode($this->getHttpClient()->post($this->getTokenUrl(), [
RequestOptions::HEADERS => ['Accept' => 'application/json'],
RequestOptions::FORM_PARAMS => [
'grant_type' => 'refresh_token',
'refresh_token' => $refreshToken,
'client_id' => $this->clientId,
'client_secret' => $this->clientSecret,
],
])->getBody(), true);
}
/**
* Get the code from the request.
*
* @return string
*/
protected function getCode()
{
return $this->request->input('code');
}
/**
* Merge the scopes of the requested access.
*
* @param array|string $scopes
* @return $this
*/
public function scopes($scopes)
{
$this->scopes = array_unique(array_merge($this->scopes, (array) $scopes));
return $this;
}
/**
* Set the scopes of the requested access.
*
* @param array|string $scopes
* @return $this
*/
public function setScopes($scopes)
{
$this->scopes = array_unique((array) $scopes);
return $this;
}
/**
* Get the current scopes.
*
* @return array
*/
public function getScopes()
{
return $this->scopes;
}
/**
* Set the redirect URL.
*
* @param string $url
* @return $this
*/
public function redirectUrl($url)
{
$this->redirectUrl = $url;
return $this;
}
/**
* Get a instance of the Guzzle HTTP client.
*
* @return \GuzzleHttp\Client
*/
protected function getHttpClient()
{
if (is_null($this->httpClient)) {
$this->httpClient = new Client($this->guzzle);
}
return $this->httpClient;
}
/**
* Set the Guzzle HTTP client instance.
*
* @param \GuzzleHttp\Client $client
* @return $this
*/
public function setHttpClient(Client $client)
{
$this->httpClient = $client;
return $this;
}
/**
* Set the request instance.
*
* @param \Illuminate\Http\Request $request
* @return $this
*/
public function setRequest(Request $request)
{
$this->request = $request;
return $this;
}
/**
* Determine if the provider is operating with state.
*
* @return bool
*/
protected function usesState()
{
return ! $this->stateless;
}
/**
* Determine if the provider is operating as stateless.
*
* @return bool
*/
protected function isStateless()
{
return $this->stateless;
}
/**
* Indicates that the provider should operate as stateless.
*
* @return $this
*/
public function stateless()
{
$this->stateless = true;
return $this;
}
/**
* Get the string used for session state.
*
* @return string
*/
protected function getState()
{
return Str::random(40);
}
/**
* Determine if the provider uses PKCE.
*
* @return bool
*/
protected function usesPKCE()
{
return $this->usesPKCE;
}
/**
* Enables PKCE for the provider.
*
* @return $this
*/
public function enablePKCE()
{
$this->usesPKCE = true;
return $this;
}
/**
* Generates a random string of the right length for the PKCE code verifier.
*
* @return string
*/
protected function getCodeVerifier()
{
return Str::random(96);
}
/**
* Generates the PKCE code challenge based on the PKCE code verifier in the session.
*
* @return string
*/
protected function getCodeChallenge()
{
$hashed = hash('sha256', $this->request->session()->get('code_verifier'), true);
return rtrim(strtr(base64_encode($hashed), '+/', '-_'), '=');
}
/**
* Returns the hash method used to calculate the PKCE code challenge.
*
* @return string
*/
protected function getCodeChallengeMethod()
{
return 'S256';
}
/**
* Set the custom parameters of the request.
*
* @param array $parameters
* @return $this
*/
public function with(array $parameters)
{
$this->parameters = $parameters;
return $this;
}
}
vendor/laravel/socialite/src/Two/BitbucketProvider.php
Vendored
+114
View File
@@ -0,0 +1,114 @@
<?php
namespace Laravel\Socialite\Two;
use Exception;
use GuzzleHttp\RequestOptions;
use Illuminate\Support\Arr;
class BitbucketProvider extends AbstractProvider implements ProviderInterface
{
/**
* The scopes being requested.
*
* @var array
*/
protected $scopes = ['email'];
/**
* The separating character for the requested scopes.
*
* @var string
*/
protected $scopeSeparator = ' ';
/**
* {@inheritdoc}
*/
protected function getAuthUrl($state)
{
return $this->buildAuthUrlFromBase('https://bitbucket.org/site/oauth2/authorize', $state);
}
/**
* {@inheritdoc}
*/
protected function getTokenUrl()
{
return 'https://bitbucket.org/site/oauth2/access_token';
}
/**
* {@inheritdoc}
*/
protected function getUserByToken($token)
{
$response = $this->getHttpClient()->get('https://api.bitbucket.org/2.0/user', [
RequestOptions::QUERY => ['access_token' => $token],
]);
$user = json_decode($response->getBody(), true);
if (in_array('email', $this->scopes, true)) {
$user['email'] = $this->getEmailByToken($token);
}
return $user;
}
/**
* Get the email for the given access token.
*
* @param string $token
* @return string|null
*/
protected function getEmailByToken($token)
{
$emailsUrl = 'https://api.bitbucket.org/2.0/user/emails?access_token='.$token;
try {
$response = $this->getHttpClient()->get($emailsUrl);
} catch (Exception $e) {
return;
}
$emails = json_decode($response->getBody(), true);
foreach ($emails['values'] as $email) {
if ($email['type'] === 'email' && $email['is_primary'] && $email['is_confirmed']) {
return $email['email'];
}
}
}
/**
* {@inheritdoc}
*/
protected function mapUserToObject(array $user)
{
return (new User)->setRaw($user)->map([
'id' => $user['uuid'],
'nickname' => $user['username'],
'name' => Arr::get($user, 'display_name'),
'email' => Arr::get($user, 'email'),
'avatar' => Arr::get($user, 'links.avatar.href'),
]);
}
/**
* Get the access token for the given code.
*
* @param string $code
* @return string
*/
public function getAccessToken($code)
{
$response = $this->getHttpClient()->post($this->getTokenUrl(), [
RequestOptions::AUTH => [$this->clientId, $this->clientSecret],
RequestOptions::HEADERS => ['Accept' => 'application/json'],
RequestOptions::FORM_PARAMS => $this->getTokenFields($code),
]);
return json_decode($response->getBody(), true)['access_token'];
}
}
vendor/laravel/socialite/src/Two/FacebookProvider.php
Vendored
+283
View File
@@ -0,0 +1,283 @@
<?php
namespace Laravel\Socialite\Two;
use Exception;
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use GuzzleHttp\RequestOptions;
use Illuminate\Support\Arr;
use phpseclib3\Crypt\RSA;
use phpseclib3\Math\BigInteger;
class FacebookProvider extends AbstractProvider implements ProviderInterface
{
/**
* The base Facebook Graph URL.
*
* @var string
*/
protected $graphUrl = 'https://graph.facebook.com';
/**
* The Graph API version for the request.
*
* @var string
*/
protected $version = 'v3.3';
/**
* The user fields being requested.
*
* @var array
*/
protected $fields = ['name', 'email', 'gender', 'verified', 'link'];
/**
* The scopes being requested.
*
* @var array
*/
protected $scopes = ['email'];
/**
* Display the dialog in a popup view.
*
* @var bool
*/
protected $popup = false;
/**
* Re-request a declined permission.
*
* @var bool
*/
protected $reRequest = false;
/**
* The access token that was last used to retrieve a user.
*
* @var string|null
*/
protected $lastToken;
/**
* {@inheritdoc}
*/
protected function getAuthUrl($state)
{
return $this->buildAuthUrlFromBase('https://www.facebook.com/'.$this->version.'/dialog/oauth', $state);
}
/**
* {@inheritdoc}
*/
protected function getTokenUrl()
{
return $this->graphUrl.'/'.$this->version.'/oauth/access_token';
}
/**
* {@inheritdoc}
*/
public function getAccessTokenResponse($code)
{
$response = $this->getHttpClient()->post($this->getTokenUrl(), [
RequestOptions::FORM_PARAMS => $this->getTokenFields($code),
]);
$data = json_decode($response->getBody(), true);
return Arr::add($data, 'expires_in', Arr::pull($data, 'expires'));
}
/**
* {@inheritdoc}
*/
protected function getUserByToken($token)
{
$this->lastToken = $token;
return $this->getUserByOIDCToken($token) ??
$this->getUserFromAccessToken($token);
}
/**
* Get user based on the OIDC token.
*
* @param string $token
* @return array
*/
protected function getUserByOIDCToken($token)
{
$kid = json_decode(base64_decode(explode('.', $token)[0]), true)['kid'] ?? null;
if ($kid === null) {
return null;
}
$data = (array) JWT::decode($token, $this->getPublicKeyOfOIDCToken($kid));
throw_if($data['aud'] !== $this->clientId, new Exception('Token has incorrect audience.'));
throw_if($data['iss'] !== 'https://www.facebook.com', new Exception('Token has incorrect issuer.'));
$data['id'] = $data['sub'];
if (isset($data['given_name'])) {
$data['first_name'] = $data['given_name'];
}
if (isset($data['family_name'])) {
$data['last_name'] = $data['family_name'];
}
return $data;
}
/**
* Get the public key to verify the signature of OIDC token.
*
* @param string $id
* @return \Firebase\JWT\Key
*/
protected function getPublicKeyOfOIDCToken(string $kid)
{
$response = $this->getHttpClient()->get('https://limited.facebook.com/.well-known/oauth/openid/jwks/');
$key = Arr::first(json_decode($response->getBody()->getContents(), true)['keys'], function ($key) use ($kid) {
return $key['kid'] === $kid;
});
$key['n'] = new BigInteger(JWT::urlsafeB64Decode($key['n']), 256);
$key['e'] = new BigInteger(JWT::urlsafeB64Decode($key['e']), 256);
return new Key((string) RSA::load($key), 'RS256');
}
/**
* Get user based on the access token.
*
* @param string $token
* @return array
*/
protected function getUserFromAccessToken($token)
{
$params = [
'access_token' => $token,
'fields' => implode(',', $this->fields),
];
if (! empty($this->clientSecret)) {
$params['appsecret_proof'] = hash_hmac('sha256', $token, $this->clientSecret);
}
$response = $this->getHttpClient()->get($this->graphUrl.'/'.$this->version.'/me', [
RequestOptions::HEADERS => [
'Accept' => 'application/json',
],
RequestOptions::QUERY => $params,
]);
return json_decode($response->getBody(), true);
}
/**
* {@inheritdoc}
*/
protected function mapUserToObject(array $user)
{
if (! isset($user['sub'])) {
$avatarUrl = $this->graphUrl.'/'.$this->version.'/'.$user['id'].'/picture';
$avatarOriginalUrl = $avatarUrl.'?width=1920';
}
return (new User)->setRaw($user)->map([
'id' => $user['id'],
'nickname' => null,
'name' => $user['name'] ?? null,
'email' => $user['email'] ?? null,
'avatar' => $avatarUrl ?? $user['picture'] ?? null,
'avatar_original' => $avatarOriginalUrl ?? $user['picture'] ?? null,
'profileUrl' => $user['link'] ?? null,
]);
}
/**
* {@inheritdoc}
*/
protected function getCodeFields($state = null)
{
$fields = parent::getCodeFields($state);
if ($this->popup) {
$fields['display'] = 'popup';
}
if ($this->reRequest) {
$fields['auth_type'] = 'rerequest';
}
return $fields;
}
/**
* Set the user fields to request from Facebook.
*
* @param array $fields
* @return $this
*/
public function fields(array $fields)
{
$this->fields = $fields;
return $this;
}
/**
* Set the dialog to be displayed as a popup.
*
* @return $this
*/
public function asPopup()
{
$this->popup = true;
return $this;
}
/**
* Re-request permissions which were previously declined.
*
* @return $this
*/
public function reRequest()
{
$this->reRequest = true;
return $this;
}
/**
* Get the last access token used.
*
* @return string|null
*/
public function lastToken()
{
return $this->lastToken;
}
/**
* Specify which graph version should be used.
*
* @param string $version
* @return $this
*/
public function usingGraphVersion(string $version)
{
$this->version = $version;
return $this;
}
}
vendor/laravel/socialite/src/Two/GithubProvider.php
Vendored
+109
View File
@@ -0,0 +1,109 @@
<?php
namespace Laravel\Socialite\Two;
use Exception;
use GuzzleHttp\RequestOptions;
use Illuminate\Support\Arr;
class GithubProvider extends AbstractProvider implements ProviderInterface
{
/**
* The scopes being requested.
*
* @var array
*/
protected $scopes = ['user:email'];
/**
* {@inheritdoc}
*/
protected function getAuthUrl($state)
{
return $this->buildAuthUrlFromBase('https://github.com/login/oauth/authorize', $state);
}
/**
* {@inheritdoc}
*/
protected function getTokenUrl()
{
return 'https://github.com/login/oauth/access_token';
}
/**
* {@inheritdoc}
*/
protected function getUserByToken($token)
{
$userUrl = 'https://api.github.com/user';
$response = $this->getHttpClient()->get(
$userUrl, $this->getRequestOptions($token)
);
$user = json_decode($response->getBody(), true);
if (in_array('user:email', $this->scopes, true)) {
$user['email'] = $this->getEmailByToken($token);
}
return $user;
}
/**
* Get the email for the given access token.
*
* @param string $token
* @return string|null
*/
protected function getEmailByToken($token)
{
$emailsUrl = 'https://api.github.com/user/emails';
try {
$response = $this->getHttpClient()->get(
$emailsUrl, $this->getRequestOptions($token)
);
} catch (Exception $e) {
return;
}
foreach (json_decode($response->getBody(), true) as $email) {
if ($email['primary'] && $email['verified']) {
return $email['email'];
}
}
}
/**
* {@inheritdoc}
*/
protected function mapUserToObject(array $user)
{
return (new User)->setRaw($user)->map([
'id' => $user['id'],
'nodeId' => $user['node_id'],
'nickname' => $user['login'],
'name' => Arr::get($user, 'name'),
'email' => Arr::get($user, 'email'),
'avatar' => $user['avatar_url'],
]);
}
/**
* Get the default options for an HTTP request.
*
* @param string $token
* @return array
*/
protected function getRequestOptions($token)
{
return [
RequestOptions::HEADERS => [
'Accept' => 'application/vnd.github.v3+json',
'Authorization' => 'token '.$token,
],
];
}
}
vendor/laravel/socialite/src/Two/GitlabProvider.php
Vendored
+86
View File
@@ -0,0 +1,86 @@
<?php
namespace Laravel\Socialite\Two;
use GuzzleHttp\RequestOptions;
class GitlabProvider extends AbstractProvider implements ProviderInterface
{
/**
* The scopes being requested.
*
* @var array
*/
protected $scopes = ['read_user'];
/**
* The separating character for the requested scopes.
*
* @var string
*/
protected $scopeSeparator = ' ';
/**
* The Gitlab instance host.
*
* @var string
*/
protected $host = 'https://gitlab.com';
/**
* Set the Gitlab instance host.
*
* @param string|null $host
* @return $this
*/
public function setHost($host)
{
if (! empty($host)) {
$this->host = rtrim($host, '/');
}
return $this;
}
/**
* {@inheritdoc}
*/
protected function getAuthUrl($state)
{
return $this->buildAuthUrlFromBase($this->host.'/oauth/authorize', $state);
}
/**
* {@inheritdoc}
*/
protected function getTokenUrl()
{
return $this->host.'/oauth/token';
}
/**
* {@inheritdoc}
*/
protected function getUserByToken($token)
{
$response = $this->getHttpClient()->get($this->host.'/api/v3/user', [
RequestOptions::QUERY => ['access_token' => $token],
]);
return json_decode($response->getBody(), true);
}
/**
* {@inheritdoc}
*/
protected function mapUserToObject(array $user)
{
return (new User)->setRaw($user)->map([
'id' => $user['id'],
'nickname' => $user['username'],
'name' => $user['name'],
'email' => $user['email'],
'avatar' => $user['avatar_url'],
]);
}
}
vendor/laravel/socialite/src/Two/GoogleProvider.php
Vendored
+96
View File
@@ -0,0 +1,96 @@
<?php
namespace Laravel\Socialite\Two;
use GuzzleHttp\RequestOptions;
use Illuminate\Support\Arr;
class GoogleProvider extends AbstractProvider implements ProviderInterface
{
/**
* The separating character for the requested scopes.
*
* @var string
*/
protected $scopeSeparator = ' ';
/**
* The scopes being requested.
*
* @var array
*/
protected $scopes = [
'openid',
'profile',
'email',
];
/**
* {@inheritdoc}
*/
protected function getAuthUrl($state)
{
return $this->buildAuthUrlFromBase('https://accounts.google.com/o/oauth2/auth', $state);
}
/**
* {@inheritdoc}
*/
protected function getTokenUrl()
{
return 'https://www.googleapis.com/oauth2/v4/token';
}
/**
* {@inheritdoc}
*/
protected function getUserByToken($token)
{
$response = $this->getHttpClient()->get('https://www.googleapis.com/oauth2/v3/userinfo', [
RequestOptions::QUERY => [
'prettyPrint' => 'false',
],
RequestOptions::HEADERS => [
'Accept' => 'application/json',
'Authorization' => 'Bearer '.$token,
],
]);
return json_decode((string) $response->getBody(), true);
}
/**
* {@inheritdoc}
*/
public function refreshToken($refreshToken)
{
$response = $this->getRefreshTokenResponse($refreshToken);
return new Token(
Arr::get($response, 'access_token'),
Arr::get($response, 'refresh_token', $refreshToken),
Arr::get($response, 'expires_in'),
explode($this->scopeSeparator, Arr::get($response, 'scope', ''))
);
}
/**
* {@inheritdoc}
*/
protected function mapUserToObject(array $user)
{
// Deprecated: Fields added to keep backwards compatibility in 4.0. These will be removed in 5.0
$user['id'] = Arr::get($user, 'sub');
$user['verified_email'] = Arr::get($user, 'email_verified');
$user['link'] = Arr::get($user, 'profile');
return (new User)->setRaw($user)->map([
'id' => Arr::get($user, 'sub'),
'nickname' => Arr::get($user, 'nickname'),
'name' => Arr::get($user, 'name'),
'email' => Arr::get($user, 'email'),
'avatar' => $avatarUrl = Arr::get($user, 'picture'),
'avatar_original' => $avatarUrl,
]);
}
}
vendor/laravel/socialite/src/Two/InvalidStateException.php
Vendored
+10
View File
@@ -0,0 +1,10 @@
<?php
namespace Laravel\Socialite\Two;
use InvalidArgumentException;
class InvalidStateException extends InvalidArgumentException
{
//
}
vendor/laravel/socialite/src/Two/LinkedInOpenIdProvider.php
Vendored
+84
View File
@@ -0,0 +1,84 @@
<?php
namespace Laravel\Socialite\Two;
use GuzzleHttp\RequestOptions;
class LinkedInOpenIdProvider extends AbstractProvider implements ProviderInterface
{
/**
* The scopes being requested.
*
* @var array
*/
protected $scopes = ['openid', 'profile', 'email'];
/**
* The separating character for the requested scopes.
*
* @var string
*/
protected $scopeSeparator = ' ';
/**
* {@inheritdoc}
*/
protected function getAuthUrl($state)
{
return $this->buildAuthUrlFromBase('https://www.linkedin.com/oauth/v2/authorization', $state);
}
/**
* {@inheritdoc}
*/
protected function getTokenUrl()
{
return 'https://www.linkedin.com/oauth/v2/accessToken';
}
/**
* {@inheritdoc}
*/
protected function getUserByToken($token)
{
return $this->getBasicProfile($token);
}
/**
* Get the basic profile fields for the user.
*
* @param string $token
* @return array
*/
protected function getBasicProfile($token)
{
$response = $this->getHttpClient()->get('https://api.linkedin.com/v2/userinfo', [
RequestOptions::HEADERS => [
'Authorization' => 'Bearer '.$token,
'X-RestLi-Protocol-Version' => '2.0.0',
],
RequestOptions::QUERY => [
'projection' => '(sub,email,name,given_name,family_name,picture)',
],
]);
return (array) json_decode($response->getBody(), true);
}
/**
* {@inheritdoc}
*/
protected function mapUserToObject(array $user)
{
return (new User)->setRaw($user)->map([
'id' => $user['sub'],
'nickname' => null,
'name' => $user['name'],
'first_name' => $user['given_name'],
'last_name' => $user['family_name'],
'email' => $user['email'] ?? null,
'avatar' => $user['picture'] ?? null,
'avatar_original' => $user['picture'] ?? null,
]);
}
}
vendor/laravel/socialite/src/Two/LinkedInProvider.php
Vendored
+134
View File
@@ -0,0 +1,134 @@
<?php
namespace Laravel\Socialite\Two;
use GuzzleHttp\RequestOptions;
use Illuminate\Support\Arr;
class LinkedInProvider extends AbstractProvider implements ProviderInterface
{
/**
* The scopes being requested.
*
* @var array
*/
protected $scopes = ['r_liteprofile', 'r_emailaddress'];
/**
* The separating character for the requested scopes.
*
* @var string
*/
protected $scopeSeparator = ' ';
/**
* {@inheritdoc}
*/
protected function getAuthUrl($state)
{
return $this->buildAuthUrlFromBase('https://www.linkedin.com/oauth/v2/authorization', $state);
}
/**
* {@inheritdoc}
*/
protected function getTokenUrl()
{
return 'https://www.linkedin.com/oauth/v2/accessToken';
}
/**
* {@inheritdoc}
*/
protected function getUserByToken($token)
{
$basicProfile = $this->getBasicProfile($token);
$emailAddress = $this->getEmailAddress($token);
return array_merge($basicProfile, $emailAddress);
}
/**
* Get the basic profile fields for the user.
*
* @param string $token
* @return array
*/
protected function getBasicProfile($token)
{
$fields = ['id', 'firstName', 'lastName', 'profilePicture(displayImage~:playableStreams)'];
if (in_array('r_liteprofile', $this->getScopes())) {
array_push($fields, 'vanityName');
}
$response = $this->getHttpClient()->get('https://api.linkedin.com/v2/me', [
RequestOptions::HEADERS => [
'Authorization' => 'Bearer '.$token,
'X-RestLi-Protocol-Version' => '2.0.0',
],
RequestOptions::QUERY => [
'projection' => '('.implode(',', $fields).')',
],
]);
return (array) json_decode($response->getBody(), true);
}
/**
* Get the email address for the user.
*
* @param string $token
* @return array
*/
protected function getEmailAddress($token)
{
$response = $this->getHttpClient()->get('https://api.linkedin.com/v2/emailAddress', [
RequestOptions::HEADERS => [
'Authorization' => 'Bearer '.$token,
'X-RestLi-Protocol-Version' => '2.0.0',
],
RequestOptions::QUERY => [
'q' => 'members',
'projection' => '(elements*(handle~))',
],
]);
return (array) Arr::get((array) json_decode($response->getBody(), true), 'elements.0.handle~');
}
/**
* {@inheritdoc}
*/
protected function mapUserToObject(array $user)
{
$preferredLocale = Arr::get($user, 'firstName.preferredLocale.language').'_'.Arr::get($user, 'firstName.preferredLocale.country');
$firstName = Arr::get($user, 'firstName.localized.'.$preferredLocale);
$lastName = Arr::get($user, 'lastName.localized.'.$preferredLocale);
$images = (array) Arr::get($user, 'profilePicture.displayImage~.elements', []);
$avatar = Arr::first($images, function ($image) {
return (
$image['data']['com.linkedin.digitalmedia.mediaartifact.StillImage']['storageSize']['width'] ??
$image['data']['com.linkedin.digitalmedia.mediaartifact.StillImage']['displaySize']['width']
) === 100;
});
$originalAvatar = Arr::first($images, function ($image) {
return (
$image['data']['com.linkedin.digitalmedia.mediaartifact.StillImage']['storageSize']['width'] ??
$image['data']['com.linkedin.digitalmedia.mediaartifact.StillImage']['displaySize']['width']
) === 800;
});
return (new User)->setRaw($user)->map([
'id' => $user['id'],
'nickname' => null,
'name' => $firstName.' '.$lastName,
'first_name' => $firstName,
'last_name' => $lastName,
'email' => Arr::get($user, 'emailAddress'),
'avatar' => Arr::get($avatar, 'identifiers.0.identifier'),
'avatar_original' => Arr::get($originalAvatar, 'identifiers.0.identifier'),
]);
}
}
vendor/laravel/socialite/src/Two/ProviderInterface.php
Vendored
+20
View File
@@ -0,0 +1,20 @@
<?php
namespace Laravel\Socialite\Two;
interface ProviderInterface
{
/**
* Redirect the user to the authentication page for the provider.
*
* @return \Symfony\Component\HttpFoundation\RedirectResponse
*/
public function redirect();
/**
* Get the User instance for the authenticated user.
*
* @return \Laravel\Socialite\Two\User
*/
public function user();
}
vendor/laravel/socialite/src/Two/SlackOpenIdProvider.php
Vendored
+66
View File
@@ -0,0 +1,66 @@
<?php
namespace Laravel\Socialite\Two;
use GuzzleHttp\RequestOptions;
use Illuminate\Support\Arr;
class SlackOpenIdProvider extends AbstractProvider implements ProviderInterface
{
/**
* The scopes being requested.
*
* @var array
*/
protected $scopes = ['openid', 'email', 'profile'];
/**
* The separating character for the requested scopes.
*
* @var string
*/
protected $scopeSeparator = ' ';
/**
* {@inheritdoc}
*/
protected function getAuthUrl($state)
{
return $this->buildAuthUrlFromBase('https://slack.com/openid/connect/authorize', $state);
}
/**
* {@inheritdoc}
*/
protected function getTokenUrl()
{
return 'https://slack.com/api/openid.connect.token';
}
/**
* {@inheritdoc}
*/
protected function getUserByToken($token)
{
$response = $this->getHttpClient()->get('https://slack.com/api/openid.connect.userInfo', [
RequestOptions::HEADERS => ['Authorization' => 'Bearer '.$token],
]);
return json_decode($response->getBody(), true);
}
/**
* {@inheritdoc}
*/
protected function mapUserToObject(array $user)
{
return (new User)->setRaw($user)->map([
'id' => Arr::get($user, 'sub'),
'nickname' => null,
'name' => Arr::get($user, 'name'),
'email' => Arr::get($user, 'email'),
'avatar' => Arr::get($user, 'picture'),
'organization_id' => Arr::get($user, 'https://slack.com/team_id'),
]);
}
}
vendor/laravel/socialite/src/Two/SlackProvider.php
Vendored
+111
View File
@@ -0,0 +1,111 @@
<?php
namespace Laravel\Socialite\Two;
use GuzzleHttp\RequestOptions;
use Illuminate\Support\Arr;
class SlackProvider extends AbstractProvider implements ProviderInterface
{
/**
* The scopes being requested.
*
* @var array
*/
protected $scopes = ['identity.basic', 'identity.email', 'identity.team', 'identity.avatar'];
/**
* The key used for scopes.
*
* @var string
*/
protected $scopeKey = 'user_scope';
/**
* Indicate that the requested token should be for a bot user.
*
* @return $this
*/
public function asBotUser()
{
$this->scopeKey = 'scope';
return $this;
}
/**
* {@inheritdoc}
*/
public function getAuthUrl($state)
{
return $this->buildAuthUrlFromBase('https://slack.com/oauth/v2/authorize', $state);
}
/**
* {@inheritdoc}
*/
protected function getTokenUrl()
{
return 'https://slack.com/api/oauth.v2.access';
}
/**
* {@inheritdoc}
*/
protected function getUserByToken($token)
{
$response = $this->getHttpClient()->get('https://slack.com/api/users.identity', [
RequestOptions::HEADERS => ['Authorization' => 'Bearer '.$token],
]);
return json_decode($response->getBody(), true);
}
/**
* {@inheritdoc}
*/
protected function mapUserToObject(array $user)
{
return (new User)->setRaw($user)->map([
'id' => Arr::get($user, 'user.id'),
'name' => Arr::get($user, 'user.name'),
'email' => Arr::get($user, 'user.email'),
'avatar' => Arr::get($user, 'user.image_512'),
'organization_id' => Arr::get($user, 'team.id'),
]);
}
/**
* {@inheritdoc}
*/
protected function getCodeFields($state = null)
{
$fields = parent::getCodeFields($state);
if ($this->scopeKey === 'user_scope') {
$fields['scope'] = '';
$fields['user_scope'] = $this->formatScopes($this->scopes, $this->scopeSeparator);
}
return $fields;
}
/**
* {@inheritdoc}
*/
public function getAccessTokenResponse($code)
{
$response = $this->getHttpClient()->post($this->getTokenUrl(), [
RequestOptions::HEADERS => $this->getTokenHeaders($code),
RequestOptions::FORM_PARAMS => $this->getTokenFields($code),
]);
$result = json_decode($response->getBody(), true);
if ($this->scopeKey === 'user_scope') {
return $result['authed_user'];
}
return $result;
}
}
vendor/laravel/socialite/src/Two/Token.php
Vendored
+50
View File
@@ -0,0 +1,50 @@
<?php
namespace Laravel\Socialite\Two;
class Token
{
/**
* The user's access token.
*
* @var string
*/
public $token;
/**
* The refresh token that can be exchanged for a new access token.
*
* @var string
*/
public $refreshToken;
/**
* The number of seconds the access token is valid for.
*
* @var int
*/
public $expiresIn;
/**
* The scopes the user authorized. The approved scopes may be a subset of the requested scopes.
*
* @var array
*/
public $approvedScopes;
/**
* Create a new token instance.
*
* @param string $token
* @param string $refreshToken
* @param int $expiresIn
* @param array $approvedScopes
*/
public function __construct(string $token, string $refreshToken, int $expiresIn, array $approvedScopes)
{
$this->token = $token;
$this->refreshToken = $refreshToken;
$this->expiresIn = $expiresIn;
$this->approvedScopes = $approvedScopes;
}
}
vendor/laravel/socialite/src/Two/TwitterProvider.php
Vendored
+125
View File
@@ -0,0 +1,125 @@
<?php
namespace Laravel\Socialite\Two;
use GuzzleHttp\RequestOptions;
use Illuminate\Support\Arr;
class TwitterProvider extends AbstractProvider implements ProviderInterface
{
/**
* The scopes being requested.
*
* @var array
*/
protected $scopes = ['users.read', 'tweet.read'];
/**
* Indicates if PKCE should be used.
*
* @var bool
*/
protected $usesPKCE = true;
/**
* The separating character for the requested scopes.
*
* @var string
*/
protected $scopeSeparator = ' ';
/**
* The query encoding format.
*
* @var int
*/
protected $encodingType = PHP_QUERY_RFC3986;
/**
* {@inheritdoc}
*/
public function getAuthUrl($state)
{
return $this->buildAuthUrlFromBase('https://twitter.com/i/oauth2/authorize', $state);
}
/**
* {@inheritdoc}
*/
protected function getTokenUrl()
{
return 'https://api.twitter.com/2/oauth2/token';
}
/**
* {@inheritdoc}
*/
protected function getUserByToken($token)
{
$response = $this->getHttpClient()->get('https://api.twitter.com/2/users/me', [
RequestOptions::HEADERS => ['Authorization' => 'Bearer '.$token],
RequestOptions::QUERY => ['user.fields' => 'profile_image_url'],
]);
return Arr::get(json_decode($response->getBody(), true), 'data');
}
/**
* {@inheritdoc}
*/
protected function mapUserToObject(array $user)
{
return (new User)->setRaw($user)->map([
'id' => $user['id'],
'nickname' => $user['username'],
'name' => $user['name'],
'avatar' => $user['profile_image_url'],
]);
}
/**
* {@inheritdoc}
*/
public function getAccessTokenResponse($code)
{
$response = $this->getHttpClient()->post($this->getTokenUrl(), [
RequestOptions::HEADERS => ['Accept' => 'application/json'],
RequestOptions::AUTH => [$this->clientId, $this->clientSecret],
RequestOptions::FORM_PARAMS => $this->getTokenFields($code),
]);
return json_decode($response->getBody(), true);
}
/**
* {@inheritdoc}
*/
protected function getRefreshTokenResponse($refreshToken)
{
$response = $this->getHttpClient()->post($this->getTokenUrl(), [
RequestOptions::HEADERS => ['Accept' => 'application/json'],
RequestOptions::AUTH => [$this->clientId, $this->clientSecret],
RequestOptions::FORM_PARAMS => [
'grant_type' => 'refresh_token',
'refresh_token' => $refreshToken,
'client_id' => $this->clientId,
],
]);
return json_decode($response->getBody(), true);
}
/**
* {@inheritdoc}
*/
protected function getCodeFields($state = null)
{
$fields = parent::getCodeFields($state);
if ($this->isStateless()) {
$fields['state'] = 'state';
}
return $fields;
}
}
vendor/laravel/socialite/src/Two/User.php
Vendored
+88
View File
@@ -0,0 +1,88 @@
<?php
namespace Laravel\Socialite\Two;
use Laravel\Socialite\AbstractUser;
class User extends AbstractUser
{
/**
* The user's access token.
*
* @var string
*/
public $token;
/**
* The refresh token that can be exchanged for a new access token.
*
* @var string
*/
public $refreshToken;
/**
* The number of seconds the access token is valid for.
*
* @var int
*/
public $expiresIn;
/**
* The scopes the user authorized. The approved scopes may be a subset of the requested scopes.
*
* @var array
*/
public $approvedScopes;
/**
* Set the token on the user.
*
* @param string $token
* @return $this
*/
public function setToken($token)
{
$this->token = $token;
return $this;
}
/**
* Set the refresh token required to obtain a new access token.
*
* @param string $refreshToken
* @return $this
*/
public function setRefreshToken($refreshToken)
{
$this->refreshToken = $refreshToken;
return $this;
}
/**
* Set the number of seconds the access token is valid for.
*
* @param int $expiresIn
* @return $this
*/
public function setExpiresIn($expiresIn)
{
$this->expiresIn = $expiresIn;
return $this;
}
/**
* Set the scopes that were approved by the user during authentication.
*
* @param array $approvedScopes
* @return $this
*/
public function setApprovedScopes($approvedScopes)
{
$this->approvedScopes = $approvedScopes;
return $this;
}
}