Commit | Line | Data |
---|---|---|
320f4a6d | 1 | <?php |
a9229942 | 2 | |
320f4a6d | 3 | namespace wcf\action; |
a9229942 | 4 | |
8b2a995f | 5 | use GuzzleHttp\Psr7\Request; |
320f4a6d | 6 | use wcf\system\request\LinkHandler; |
8b2a995f | 7 | use wcf\system\user\authentication\oauth\User as OauthUser; |
320f4a6d MW |
8 | use wcf\util\JSON; |
9 | use wcf\util\StringUtil; | |
10 | ||
11 | /** | |
8b2a995f | 12 | * Performs authentication against Facebook |
a9229942 TD |
13 | * |
14 | * @author Tim Duesterhus | |
15 | * @copyright 2001-2021 WoltLab GmbH | |
16 | * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php> | |
320f4a6d | 17 | */ |
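final class FacebookAuthAction extends AbstractOauth2AuthAction
{
    // NOTE(review): presumably keeps this login endpoint reachable while the site is in
    // offline mode; the constant is read outside this file, so confirm against its consumer.
    // `public` is the implicit default for class constants and is only spelled out here.
    public const AVAILABLE_DURING_OFFLINE_MODE = true;

    /**
     * Returns the endpoint used to exchange the authorization code for an access token.
     */
    #[\Override]
    protected function getTokenEndpoint(): string
    {
        return 'https://graph.facebook.com/oauth/access_token';
    }

    /**
     * Returns the OAuth client id, taken from the FACEBOOK_PUBLIC_KEY option with
     * surrounding whitespace removed.
     */
    #[\Override]
    protected function getClientId(): string
    {
        return StringUtil::trim(FACEBOOK_PUBLIC_KEY);
    }

    /**
     * Returns the OAuth client secret, taken from the FACEBOOK_PRIVATE_KEY option with
     * surrounding whitespace removed.
     *
     * NOTE(review): how the parent action transmits this value is not visible here; it
     * should only ever be sent to the token endpoint and never be logged or echoed.
     */
    #[\Override]
    protected function getClientSecret(): string
    {
        return StringUtil::trim(FACEBOOK_PRIVATE_KEY);
    }

    /**
     * Returns the requested scope; only 'email' is asked for.
     */
    #[\Override]
    protected function getScope(): string
    {
        return 'email';
    }

    /**
     * Returns the URL of the provider's authorization dialog.
     */
    #[\Override]
    protected function getAuthorizeUrl(): string
    {
        return 'https://www.facebook.com/dialog/oauth';
    }

    /**
     * Returns the redirect URI for this action, with everything after the first '?'
     * percent-encoded.
     */
    #[\Override]
    protected function getCallbackUrl(): string
    {
        $callbackURL = LinkHandler::getInstance()->getControllerLink(self::class);

        // Work around Facebook performing an illegal substitution of the Slash
        // by '%2F' when entering redirect URI (RFC 3986 sect. 2.2, sect. 3.4).
        // Encoding the query part up front keeps the URI sent here identical to the
        // one that was registered, so the provider's redirect URI comparison still matches.
        return \preg_replace_callback(
            '/(?<=\?).*/',
            static fn (array $matches): string => \rawurlencode($matches[0]),
            $callbackURL
        );
    }

    /**
     * Reports that the OAuth2 'state' parameter is supported.
     *
     * NOTE(review): presumably this makes the parent action send and verify 'state'
     * (the CSRF protection of the authorization code flow) — confirm in the parent.
     */
    #[\Override]
    protected function supportsState(): bool
    {
        return true;
    }

    /**
     * Fetches the profile that belongs to the access token and wraps it in an OauthUser.
     *
     * @param array $accessToken token endpoint response; 'access_token' is read from it
     * @throws \UnexpectedValueException if the profile response is not an array or lacks
     *         a usable 'id' or 'name'
     */
    #[\Override]
    protected function getUser(array $accessToken): OauthUser
    {
        // The token travels in the Authorization header, so it never becomes part of the URL.
        $request = new Request('GET', 'https://graph.facebook.com/me?fields=email,id,name', [
            'accept' => 'application/json',
            'authorization' => \sprintf('Bearer %s', $accessToken['access_token']),
        ]);
        $response = $this->getHttpClient()->send($request);
        $parsed = JSON::decode((string)$response->getBody());

        // The profile is external input. 'id' is the value the account is identified by
        // and 'name' is read unconditionally below, so fail explicitly instead of passing
        // a null identity on. The response body is deliberately kept out of the message.
        // NOTE(review): confirm the parent action turns this into its generic login error.
        if (!\is_array($parsed)) {
            throw new \UnexpectedValueException('Facebook profile response is not a JSON object.');
        }
        foreach (['id', 'name'] as $requiredField) {
            if (!isset($parsed[$requiredField]) || $parsed[$requiredField] === '') {
                throw new \UnexpectedValueException(
                    \sprintf("Facebook profile response is missing the '%s' field.", $requiredField)
                );
            }
        }

        $parsed['__id'] = $parsed['id'];
        $parsed['__username'] = $parsed['name'];
        // NOTE(review): nothing here shows whether the provider vouches for this address;
        // confirm before downstream code treats '__email' as proof of ownership, e.g. when
        // matching an existing account.
        if (!empty($parsed['email'])) {
            $parsed['__email'] = $parsed['email'];
        }
        // The complete token response is attached to the user data.
        // NOTE(review): verify that consumers neither log nor expose it.
        $parsed['accessToken'] = $accessToken;

        return new OauthUser($parsed);
    }

    /**
     * Returns the internal name of this provider.
     */
    #[\Override]
    protected function getProviderName(): string
    {
        return 'facebook';
    }
}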