• Stars
    star
    396
  • Rank 108,801 (Top 3 %)
  • Language
    PHP
  • License
    MIT License
  • Created almost 10 years ago
  • Updated about 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Google Provider for the OAuth 2.0 Client

Google Provider for OAuth 2.0 Client

Build Status Code Coverage License Latest Stable Version

This package provides Google OAuth 2.0 support for the PHP League's OAuth 2.0 Client.

This package is compliant with PSR-1, PSR-2 and PSR-4. If you notice compliance oversights, please send a patch via pull request.

Requirements

The following versions of PHP are supported.

  • PHP 7.3
  • PHP 7.4
  • PHP 8.0
  • PHP 8.1
  • PHP 8.2
  • PHP 8.3

This package uses OpenID Connect to authenticate users with Google accounts.

To use this package, it will be necessary to have a Google client ID and client secret. These are referred to as {google-client-id} and {google-client-secret} in the documentation.

Please follow the Google instructions to create the required credentials.

Installation

To install, use composer:

composer require league/oauth2-google

Usage

Authorization Code Flow

require __DIR__ . '/vendor/autoload.php';

use League\OAuth2\Client\Provider\Google;

session_start(); // Remove if session.auto_start=1 in php.ini

$provider = new Google([
    'clientId'     => '{google-client-id}',
    'clientSecret' => '{google-client-secret}',
    'redirectUri'  => 'https://example.com/callback-url',
    'hostedDomain' => 'example.com', // optional; used to restrict access to users on your G Suite/Google Apps for Business accounts
]);

if (!empty($_GET['error'])) {

    // Got an error, probably user denied access
    exit('Got error: ' . htmlspecialchars($_GET['error'], ENT_QUOTES, 'UTF-8'));

} elseif (empty($_GET['code'])) {

    // If we don't have an authorization code then get one
    $authUrl = $provider->getAuthorizationUrl();
    $_SESSION['oauth2state'] = $provider->getState();
    header('Location: ' . $authUrl);
    exit;

} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {

    // State is invalid, possible CSRF attack in progress
    unset($_SESSION['oauth2state']);
    exit('Invalid state');

} else {

    // Try to get an access token (using the authorization code grant)
    $token = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code']
    ]);

    // Optional: Now you have a token you can look up a users profile data
    try {

        // We got an access token, let's now get the owner details
        $ownerDetails = $provider->getResourceOwner($token);

        // Use these details to create a new profile
        printf('Hello %s!', $ownerDetails->getFirstName());

    } catch (Exception $e) {

        // Failed to get user details
        exit('Something went wrong: ' . $e->getMessage());

    }

    // Use this to interact with an API on the users behalf
    echo $token->getToken();

    // Use this to get a new access token if the old one expires
    echo $token->getRefreshToken();

    // Unix timestamp at which the access token expires
    echo $token->getExpires();
}

Available Options

The Google provider has the following options:

  • accessType to use online or offline access
  • hostedDomain to authenticate G Suite users
  • prompt to modify the prompt that the user will see
  • scopes to request access to additional user information

Accessing Token JWT

Google provides a JSON Web Token (JWT) with all access tokens. This token contains basic information about the authenticated user. The JWT can be accessed from the id_token value of the access token:

/** @var League\OAuth2\Client\Token\AccessToken $token */
$values = $token->getValues();

/** @var string */
$jwt = $values['id_token'];

Parsing the JWT will require a JWT parser. Refer to parser documentation for instructions.

Refreshing a Token

Refresh tokens are only provided to applications which request offline access. You can specify offline access by setting the accessType option in your provider:

use League\OAuth2\Client\Provider\Google;

$provider = new Google([
    'clientId'     => '{google-client-id}',
    'clientSecret' => '{google-client-secret}',
    'redirectUri'  => 'https://example.com/callback-url',
    'accessType'   => 'offline',
]);

It is important to note that the refresh token is only returned on the first request after this it will be null. You should securely store the refresh token when it is returned:

$token = $provider->getAccessToken('authorization_code', [
    'code' => $code
]);

// persist the token in a database
$refreshToken = $token->getRefreshToken();

If you ever need to get a new refresh token you can request one by forcing the consent prompt:

$authUrl = $provider->getAuthorizationUrl(['prompt' => 'consent', 'access_type' => 'offline']);

Now you have everything you need to refresh an access token using a refresh token:

use League\OAuth2\Client\Provider\Google;
use League\OAuth2\Client\Grant\RefreshToken;

$provider = new Google([
    'clientId'     => '{google-client-id}',
    'clientSecret' => '{google-client-secret}',
    'redirectUri'  => 'https://example.com/callback-url',
]);

$grant = new RefreshToken();
$token = $provider->getAccessToken($grant, ['refresh_token' => $refreshToken]);

Scopes

Additional scopes can be set by using the scope parameter when generating the authorization URL:

$authorizationUrl = $provider->getAuthorizationUrl([
    'scope' => [
        'scope-url-here'
    ],
]);

Testing

Tests can be run with:

composer test

Style checks can be run with:

composer check

Contributing

Please see CONTRIBUTING for details.

Credits

License

The MIT License (MIT). Please see License File for more information.

More Repositories

1

flysystem

Abstraction for local and remote filesystems
PHP
13,354
star
2

oauth2-server

A spec compliant, secure by default PHP OAuth 2.0 Server
PHP
6,362
star
3

omnipay

A framework agnostic, multi-gateway payment processing library for PHP 5.6+
PHP
5,813
star
4

fractal

Output complex, flexible, AJAX/RESTful data structures.
PHP
3,524
star
5

oauth2-client

Easy integration with OAuth 2.0 service providers.
PHP
3,508
star
6

csv

CSV data manipulation made easy in PHP
PHP
3,337
star
7

commonmark

Highly-extensible PHP Markdown parser which fully supports the CommonMark and GFM specs.
PHP
2,738
star
8

glide

Wonderfully easy on-demand image manipulation library with an HTTP based API.
PHP
2,550
star
9

climate

PHP's best friend for the terminal.
PHP
1,867
star
10

html-to-markdown

Convert HTML to Markdown with PHP
PHP
1,619
star
11

flysystem-aws-s3-v3

[READYONLY SUB-SPLIT]Flysystem Adapter for AWS SDK V3
PHP
1,557
star
12

skeleton

A skeleton repository for League Packages
PHP
1,525
star
13

event

Event package for your app and domain
PHP
1,519
star
14

plates

Native PHP template system
PHP
1,470
star
15

geotools

Geo-related tools PHP 7.3+ library built atop Geocoder and React libraries
PHP
1,366
star
16

color-extractor

Extract colors from an image like a human would do.
PHP
1,297
star
17

mime-type-detection

League Mime Type Detection
PHP
1,262
star
18

uri

[READ-ONLY] URI manipulation Library
PHP
1,032
star
19

pipeline

League\Pipeline
PHP
959
star
20

oauth1-client

OAuth 1 Client
PHP
936
star
21

tactician

A small, flexible command bus
PHP
858
star
22

container

Small but powerful dependency injection container
PHP
843
star
23

period

PHP's time range API
PHP
720
star
24

route

Fast PSR-7 based routing and dispatch component including PSR-15 middleware, built on top of FastRoute.
PHP
651
star
25

iso3166

A PHP library providing ISO 3166-1 data.
PHP
639
star
26

factory-muffin

Enables the rapid creation of objects for testing
PHP
533
star
27

openapi-psr7-validator

It validates PSR-7 messages (HTTP request/response) against OpenAPI specifications
PHP
525
star
28

config

Simple yet expressive schema-based configuration library for PHP apps
PHP
478
star
29

uri-interfaces

League URI Interfaces
PHP
459
star
30

shunt

[ABANDONED] PHP library for executing commands on multiple remote machines, via SSH
PHP
436
star
31

uri-parser

RFC3986/RFC3987 compliant URI parser
PHP
394
star
32

flysystem-bundle

Symfony bundle integrating Flysystem into Symfony applications
PHP
361
star
33

flysystem-cached-adapter

Flysystem Adapter Cache Decorator.
PHP
356
star
34

statsd

A library for working with StatsD
PHP
351
star
35

url

A simple PHP library to parse and manipulate URLs
PHP
347
star
36

booboo

A modern error handler capable of logging and formatting errors in a variety of ways.
PHP
338
star
37

omnipay-common

Core components for the Omnipay PHP payment processing library
PHP
330
star
38

monga

Simple and swift MongoDB abstraction.
PHP
328
star
39

flysystem-sftp

[READ-ONLY SUBSPLIT] Flysystem Adapter for SFTP
PHP
308
star
40

uri-components

[READ-ONLY] League URI components objects
PHP
307
star
41

omnipay-paypal

PayPal driver for the Omnipay PHP payment processing library
PHP
299
star
42

oauth2-facebook

Facebook Provider for the OAuth 2.0 Client
PHP
299
star
43

tactician-bundle

Bundle to integrate Tactician with Symfony projects
PHP
245
star
44

uri-schemes

Collection of URI Immutable Value Objects
PHP
216
star
45

uri-manipulations

Functions and Middleware to manipulate URI Objects
PHP
199
star
46

uri-hostname-parser

A lightweight hostname parser according to public suffix list ICANN section
PHP
197
star
47

omnipay-stripe

Stripe driver for the Omnipay PHP payment processing library
PHP
184
star
48

oauth2-server-bundle

Symfony bundle for the OAuth2 Server.
PHP
183
star
49

json-guard

Validation of json-schema.org compliant schemas.
PHP
175
star
50

flysystem-local

PHP
152
star
51

commonmark-ext-table

The table extension for CommonMark PHP implementation
PHP
128
star
52

glide-laravel

Glide adapter for Laravel
PHP
121
star
53

oauth2-github

GitHub Provider for the OAuth 2.0 Client
PHP
109
star
54

flysystem-ziparchive

Flysystem Adapter for ZipArchive's
PHP
101
star
55

omnipay-example

Example application for Omnipay PHP payments library
PHP
100
star
56

glide-symfony

Glide adapter for Symfony
PHP
96
star
57

oauth2-linkedin

LinkedIn Provider for the OAuth 2.0 Client
PHP
83
star
58

flysystem-memory

Flysystem Memory Adapter
PHP
75
star
59

tactician-container

Load Tactician handlers from any PSR-11/container-interop container
PHP
75
star
60

stack-attack

StackPHP Middleware based on Rack::Attack
PHP
74
star
61

flysystem-webdav

[READ ONLY] WebDAV adapter for Flysystem
PHP
70
star
62

flysystem-dropbox

Flysystem Adapter for Dropbox [ABANDONED] replacement: https://packagist.org/packages/spatie/flysystem-dropbox
PHP
67
star
63

stack-robots

StackPHP middleware providing robots.txt disallow for non-production environments
PHP
67
star
64

oauth2-instagram

Instagram Provider for the OAuth 2.0 Client
PHP
65
star
65

tactician-logger

Adds PSR-3 logging support to the Tactician Command Bus
PHP
62
star
66

omnipay-mollie

Mollie driver for the Omnipay PHP payment processing library
PHP
62
star
67

di

An Ultra-Fast Dependency Injection Container. DEPRECATED
PHP
58
star
68

tactician-doctrine

Tactician plugins for the Doctrine ORM, primarily transactions
PHP
57
star
69

omnipay-authorizenet

Authorize.Net driver for the Omnipay payment processing library
PHP
57
star
70

omnipay-sagepay

Sage Pay driver for the Omnipay PHP payment processing library
PHP
55
star
71

flysystem-azure-blob-storage

PHP
53
star
72

flysystem-aws-s3-v2

Flysystem Adapter for AWS SDK V2
PHP
50
star
73

DEPRECATED-squery

PHP wrapper for osquery
PHP
49
star
74

phpunit-coverage-listener

Report code coverage statistics to third-party services
PHP
48
star
75

thephpleague.github.io

The League of Extraordinary Packages website
SCSS
45
star
76

construct-finder

PHP code construct finder
PHP
42
star
77

factory-muffin-faker

A wrapper around faker for factory muffin
PHP
40
star
78

uri-query-parser

a parser and a builder to work with URI query string the right way in PHP
PHP
37
star
79

flysystem-rackspace

Flysystem Adapter for Rackspace
PHP
37
star
80

flysystem-azure

Flysystem adapter for the Windows Azure.
PHP
35
star
81

flysystem-sftp-v3

PHP
35
star
82

omnipay-braintree

Braintree Driver for Omnipay Gateway
PHP
34
star
83

json-reference

A library for working with JSON References.
PHP
33
star
84

uri-src

URI manipulation Library
PHP
29
star
85

commonmark-extras

Useful extensions for the league/commonmark parser
PHP
28
star
86

uploads

Receive, validate, and distribute uploaded files.
PHP
27
star
87

object-mapper

PHP
27
star
88

omnipay-dummy

Dummy driver for the Omnipay PHP payment processing library
PHP
26
star
89

flysystem-replicate-adapter

Flysystem Adapter Decorator for Replicating Filesystems.
PHP
24
star
90

omnipay-paymentexpress

PaymentExpress driver for the Omnipay PHP payment processing library
PHP
24
star
91

omnipay-worldpay

WorldPay driver for the Omnipay PHP payment processing library
PHP
23
star
92

flysystem-ftp

[SUB-SPLIT] Flysystem FTP Adapter
PHP
23
star
93

flysystem-async-aws-s3

PHP
22
star
94

omnipay-migs

MIGS driver for the Omnipay PHP payment processing library
PHP
21
star
95

omnipay-payfast

PayFast driver for the Omnipay PHP payment processing library
PHP
21
star
96

flysystem-google-cloud-storage

PHP
20
star
97

omnipay-firstdata

First Data driver for the Omnipay PHP payment processing library
PHP
20
star
98

omnipay-multisafepay

MultiSafepay driver for the Omnipay PHP payment processing library
PHP
19
star
99

flysystem-gridfs

GridFS Adapter for Flysystem
PHP
19
star
100

tactician-bernard

Tactician integration with the Bernard queueing library
PHP
19
star