[GitHub/WoltLab/WCF.git] / wcfsetup / install / files / lib / action / FacebookAuthAction.class.php

<?php

namespace wcf\action;

use GuzzleHttp\Psr7\Request;
use wcf\system\request\LinkHandler;
use wcf\system\user\authentication\oauth\User as OauthUser;
use wcf\util\JSON;
use wcf\util\StringUtil;

/**
 * Performs authentication against Facebook
 *
 * @author  Tim Duesterhus
 * @copyright   2001-2021 WoltLab GmbH
 * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
 */
final class FacebookAuthAction extends AbstractOauth2AuthAction
{
    #[\Override]
    protected function getTokenEndpoint(): string
    {
        return 'https://graph.facebook.com/oauth/access_token';
    }

    #[\Override]
    protected function getClientId(): string
    {
        return StringUtil::trim(FACEBOOK_PUBLIC_KEY);
    }

    #[\Override]
    protected function getClientSecret(): string
    {
        return StringUtil::trim(FACEBOOK_PRIVATE_KEY);
    }

    #[\Override]
    protected function getScope(): string
    {
        return 'email';
    }

    #[\Override]
    protected function getAuthorizeUrl(): string
    {
        return 'https://www.facebook.com/dialog/oauth';
    }

    #[\Override]
    protected function getCallbackUrl(): string
    {
        $callbackURL = LinkHandler::getInstance()->getControllerLink(self::class);

        // Work around Facebook performing an illegal substitution of the Slash
        // by '%2F' when entering redirect URI (RFC 3986 sect. 2.2, sect. 3.4)
        return \preg_replace_callback('/(?<=\?).*/', static function ($matches) {
            return \rawurlencode($matches[0]);
        }, $callbackURL);
    }

    #[\Override]
    protected function supportsState(): bool
    {
        return true;
    }

    #[\Override]
    protected function getUser(array $accessToken): OauthUser
    {
        $request = new Request('GET', 'https://graph.facebook.com/me?fields=email,id,name', [
            'accept' => 'application/json',
            'authorization' => \sprintf('Bearer %s', $accessToken['access_token']),
        ]);
        $response = $this->getHttpClient()->send($request);
        $parsed = JSON::decode((string)$response->getBody());

        $parsed['__id'] = $parsed['id'];
        $parsed['__username'] = $parsed['name'];
        if (!empty($parsed['email'])) {
            $parsed['__email'] = $parsed['email'];
        }
        $parsed['accessToken'] = $accessToken;

        return new OauthUser($parsed);
    }

    #[\Override]
    protected function getProviderName(): string
    {
        return 'facebook';
    }
}
Commit	Line	Data
320f4a6d	1	<?php
a9229942	2
320f4a6d	3	namespace wcf\action;
a9229942	4
8b2a995f	5	use GuzzleHttp\Psr7\Request;
320f4a6d	6	use wcf\system\request\LinkHandler;
8b2a995f	7	use wcf\system\user\authentication\oauth\User as OauthUser;
320f4a6d MW	8	use wcf\util\JSON;
	9	use wcf\util\StringUtil;
	10
	11	/**
8b2a995f	12	* Performs authentication against Facebook
a9229942 TD	13	*
	14	* @author Tim Duesterhus
	15	* @copyright 2001-2021 WoltLab GmbH
	16	* @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
320f4a6d	17	*/
34de730b	18	final class FacebookAuthAction extends AbstractOauth2AuthAction
a9229942	19	{
34de730b	20	#[\Override]
a9229942 TD	21	protected function getTokenEndpoint(): string
	22	{
	23	return 'https://graph.facebook.com/oauth/access_token';
	24	}
	25
34de730b	26	#[\Override]
a9229942 TD	27	protected function getClientId(): string
	28	{
	29	return StringUtil::trim(FACEBOOK_PUBLIC_KEY);
	30	}
	31
34de730b	32	#[\Override]
a9229942 TD	33	protected function getClientSecret(): string
	34	{
	35	return StringUtil::trim(FACEBOOK_PRIVATE_KEY);
	36	}
	37
34de730b	38	#[\Override]
a9229942 TD	39	protected function getScope(): string
	40	{
	41	return 'email';
	42	}
	43
34de730b	44	#[\Override]
a9229942 TD	45	protected function getAuthorizeUrl(): string
	46	{
	47	return 'https://www.facebook.com/dialog/oauth';
	48	}
	49
34de730b	50	#[\Override]
a9229942 TD	51	protected function getCallbackUrl(): string
	52	{
	53	$callbackURL = LinkHandler::getInstance()->getControllerLink(self::class);
	54
	55	// Work around Facebook performing an illegal substitution of the Slash
	56	// by '%2F' when entering redirect URI (RFC 3986 sect. 2.2, sect. 3.4)
adf26c0d	57	return \preg_replace_callback('/(?<=\?).*/', static function ($matches) {
a9229942 TD	58	return \rawurlencode($matches[0]);
a9229942 TD	59	}, $callbackURL);
a9229942 TD	60	}
a9229942 TD	61
34de730b	62	#[\Override]
a9229942 TD	63	protected function supportsState(): bool
	64	{
	65	return true;
	66	}
	67
34de730b	68	#[\Override]
a9229942 TD	69	protected function getUser(array $accessToken): OauthUser
	70	{
	71	$request = new Request('GET', 'https://graph.facebook.com/me?fields=email,id,name', [
	72	'accept' => 'application/json',
	73	'authorization' => \sprintf('Bearer %s', $accessToken['access_token']),
	74	]);
	75	$response = $this->getHttpClient()->send($request);
	76	$parsed = JSON::decode((string)$response->getBody());
	77
	78	$parsed['__id'] = $parsed['id'];
	79	$parsed['__username'] = $parsed['name'];
b1b31d79 TD	80	if (!empty($parsed['email'])) {
	81	$parsed['__email'] = $parsed['email'];
	82	}
a9229942 TD	83	$parsed['accessToken'] = $accessToken;
	84
	85	return new OauthUser($parsed);
	86	}
	87
34de730b C	88	#[\Override]
34de730b C	89	protected function getProviderName(): string
a9229942	90	{
34de730b	91	return 'facebook';
a9229942	92	}
320f4a6d	93	}