Commit | Line | Data |
---|---|---|
320f4a6d | 1 | <?php |
a9229942 | 2 | |
320f4a6d | 3 | namespace wcf\action; |
a9229942 | 4 | |
8b2a995f | 5 | use GuzzleHttp\Psr7\Request; |
320f4a6d | 6 | use wcf\system\request\LinkHandler; |
8b2a995f | 7 | use wcf\system\user\authentication\oauth\User as OauthUser; |
320f4a6d MW |
8 | use wcf\util\JSON; |
9 | use wcf\util\StringUtil; | |
10 | ||
11 | /** | |
8b2a995f | 12 | * Performs authentication against Facebook |
a9229942 TD |
13 | * |
14 | * @author Tim Duesterhus | |
15 | * @copyright 2001-2021 WoltLab GmbH | |
16 | * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php> | |
320f4a6d | 17 | */ |
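final class FacebookAuthAction extends AbstractOauth2AuthAction
{
    /**
     * Returns the Facebook endpoint that exchanges the authorization code for an access token.
     */
    #[\Override]
    protected function getTokenEndpoint(): string
    {
        return 'https://graph.facebook.com/oauth/access_token';
    }

    /**
     * Returns the OAuth2 client id, read from FACEBOOK_PUBLIC_KEY and passed through StringUtil::trim().
     */
    #[\Override]
    protected function getClientId(): string
    {
        return StringUtil::trim(FACEBOOK_PUBLIC_KEY);
    }

    /**
     * Returns the OAuth2 client secret, read from FACEBOOK_PRIVATE_KEY and passed through StringUtil::trim().
     *
     * The returned value is a credential: keep it out of log messages and error output.
     */
    #[\Override]
    protected function getClientSecret(): string
    {
        return StringUtil::trim(FACEBOOK_PRIVATE_KEY);
    }

    /**
     * Returns the scope requested from Facebook. Only `email` is requested.
     */
    #[\Override]
    protected function getScope(): string
    {
        return 'email';
    }

    /**
     * Returns the Facebook URL the user is sent to in order to authorize the login.
     */
    #[\Override]
    protected function getAuthorizeUrl(): string
    {
        return 'https://www.facebook.com/dialog/oauth';
    }

    /**
     * Returns the redirect URI for this action.
     *
     * The URI is the controller link of this class; no request parameter is read in this method.
     * Everything after the first '?' is percent-encoded as a whole.
     */
    #[\Override]
    protected function getCallbackUrl(): string
    {
        $callbackURL = LinkHandler::getInstance()->getControllerLink(self::class);

        // Work around Facebook performing an illegal substitution of the Slash
        // by '%2F' when entering redirect URI (RFC 3986 sect. 2.2, sect. 3.4)
        return \preg_replace_callback(
            '/(?<=\?).*/',
            static fn (array $matches): string => \rawurlencode($matches[0]),
            $callbackURL
        );
    }

    /**
     * Reports that this provider supports the OAuth2 `state` parameter.
     *
     * NOTE(review): the state handling itself lives in the parent class, which is not part of this file.
     */
    #[\Override]
    protected function supportsState(): bool
    {
        return true;
    }

    /**
     * Fetches the profile of the authenticated Facebook account and wraps it in an OauthUser.
     *
     * @param array $accessToken token data; its `access_token` entry is sent as the bearer credential
     * @throws \UnexpectedValueException if the profile response is not an array carrying `id` and `name`
     */
    #[\Override]
    protected function getUser(array $accessToken): OauthUser
    {
        // The token is sent in the Authorization header, so it does not appear in the request URL.
        $request = new Request('GET', 'https://graph.facebook.com/me?fields=email,id,name', [
            'accept' => 'application/json',
            'authorization' => \sprintf('Bearer %s', $accessToken['access_token']),
        ]);
        $response = $this->getHttpClient()->send($request);
        $parsed = JSON::decode((string)$response->getBody());

        // The body is remote input and `id` becomes the identity of the login. Fail closed when the
        // response does not have the expected shape instead of building a user from missing keys.
        // The message deliberately contains neither the response body nor the token.
        if (!\is_array($parsed) || !isset($parsed['id'], $parsed['name'])) {
            throw new \UnexpectedValueException('Unexpected response from the Facebook profile endpoint.');
        }

        $parsed['__id'] = $parsed['id'];
        $parsed['__username'] = $parsed['name'];

        // `__email` is only set when the provider returned a non-empty address.
        // NOTE(review): this method cannot tell whether the provider verified the address; confirm
        // before the value is relied on to match an existing account.
        if (!empty($parsed['email'])) {
            $parsed['__email'] = $parsed['email'];
        }

        // The token data is carried along on the user data. NOTE(review): how OauthUser is stored or
        // logged is not visible here; treat the object as holding a credential.
        $parsed['accessToken'] = $accessToken;

        return new OauthUser($parsed);
    }

    /**
     * Returns the provider identifier, 'facebook'.
     */
    #[\Override]
    protected function getProviderName(): string
    {
        return 'facebook';
    }
}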