[GitHub/WoltLab/WCF.git] / wcfsetup / install / files / lib / action / FacebookAuthAction.class.php

<?php

namespace wcf\action;

use GuzzleHttp\Psr7\Request;
use wcf\system\request\LinkHandler;
use wcf\system\user\authentication\oauth\User as OauthUser;
use wcf\util\JSON;
use wcf\util\StringUtil;

/**
 * Performs authentication against Facebook
 *
 * @author  Tim Duesterhus
 * @copyright   2001-2021 WoltLab GmbH
 * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
 */
final class FacebookAuthAction extends AbstractOauth2AuthAction
{
    const AVAILABLE_DURING_OFFLINE_MODE = true;

    #[\Override]
    protected function getTokenEndpoint(): string
    {
        return 'https://graph.facebook.com/oauth/access_token';
    }

    #[\Override]
    protected function getClientId(): string
    {
        return StringUtil::trim(FACEBOOK_PUBLIC_KEY);
    }

    #[\Override]
    protected function getClientSecret(): string
    {
        return StringUtil::trim(FACEBOOK_PRIVATE_KEY);
    }

    #[\Override]
    protected function getScope(): string
    {
        return 'email';
    }

    #[\Override]
    protected function getAuthorizeUrl(): string
    {
        return 'https://www.facebook.com/dialog/oauth';
    }

    #[\Override]
    protected function getCallbackUrl(): string
    {
        $callbackURL = LinkHandler::getInstance()->getControllerLink(self::class);

        // Work around Facebook performing an illegal substitution of the Slash
        // by '%2F' when entering redirect URI (RFC 3986 sect. 2.2, sect. 3.4)
        return \preg_replace_callback('/(?<=\?).*/', static function ($matches) {
            return \rawurlencode($matches[0]);
        }, $callbackURL);
    }

    #[\Override]
    protected function supportsState(): bool
    {
        return true;
    }

    #[\Override]
    protected function getUser(array $accessToken): OauthUser
    {
        $request = new Request('GET', 'https://graph.facebook.com/me?fields=email,id,name', [
            'accept' => 'application/json',
            'authorization' => \sprintf('Bearer %s', $accessToken['access_token']),
        ]);
        $response = $this->getHttpClient()->send($request);
        $parsed = JSON::decode((string)$response->getBody());

        $parsed['__id'] = $parsed['id'];
        $parsed['__username'] = $parsed['name'];
        if (!empty($parsed['email'])) {
            $parsed['__email'] = $parsed['email'];
        }
        $parsed['accessToken'] = $accessToken;

        return new OauthUser($parsed);
    }

    #[\Override]
    protected function getProviderName(): string
    {
        return 'facebook';
    }
}
Commit	Line	Data
320f4a6d	1	<?php
a9229942	2
320f4a6d	3	namespace wcf\action;
a9229942	4
8b2a995f	5	use GuzzleHttp\Psr7\Request;
320f4a6d	6	use wcf\system\request\LinkHandler;
8b2a995f	7	use wcf\system\user\authentication\oauth\User as OauthUser;
320f4a6d MW	8	use wcf\util\JSON;
	9	use wcf\util\StringUtil;
	10
	11	/**
8b2a995f	12	* Performs authentication against Facebook
a9229942 TD	13	*
	14	* @author Tim Duesterhus
	15	* @copyright 2001-2021 WoltLab GmbH
	16	* @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
320f4a6d	17	*/
34de730b	18	final class FacebookAuthAction extends AbstractOauth2AuthAction
a9229942	19	{
3dbbe12f MW	20	const AVAILABLE_DURING_OFFLINE_MODE = true;
3dbbe12f MW	21
34de730b	22	#[\Override]
a9229942 TD	23	protected function getTokenEndpoint(): string
	24	{
	25	return 'https://graph.facebook.com/oauth/access_token';
	26	}
	27
34de730b	28	#[\Override]
a9229942 TD	29	protected function getClientId(): string
	30	{
	31	return StringUtil::trim(FACEBOOK_PUBLIC_KEY);
	32	}
	33
34de730b	34	#[\Override]
a9229942 TD	35	protected function getClientSecret(): string
	36	{
	37	return StringUtil::trim(FACEBOOK_PRIVATE_KEY);
	38	}
	39
34de730b	40	#[\Override]
a9229942 TD	41	protected function getScope(): string
	42	{
	43	return 'email';
	44	}
	45
34de730b	46	#[\Override]
a9229942 TD	47	protected function getAuthorizeUrl(): string
	48	{
	49	return 'https://www.facebook.com/dialog/oauth';
	50	}
	51
34de730b	52	#[\Override]
a9229942 TD	53	protected function getCallbackUrl(): string
	54	{
	55	$callbackURL = LinkHandler::getInstance()->getControllerLink(self::class);
	56
	57	// Work around Facebook performing an illegal substitution of the Slash
	58	// by '%2F' when entering redirect URI (RFC 3986 sect. 2.2, sect. 3.4)
adf26c0d	59	return \preg_replace_callback('/(?<=\?).*/', static function ($matches) {
a9229942 TD	60	return \rawurlencode($matches[0]);
a9229942 TD	61	}, $callbackURL);
a9229942 TD	62	}
a9229942 TD	63
34de730b	64	#[\Override]
a9229942 TD	65	protected function supportsState(): bool
	66	{
	67	return true;
	68	}
	69
34de730b	70	#[\Override]
a9229942 TD	71	protected function getUser(array $accessToken): OauthUser
	72	{
	73	$request = new Request('GET', 'https://graph.facebook.com/me?fields=email,id,name', [
	74	'accept' => 'application/json',
	75	'authorization' => \sprintf('Bearer %s', $accessToken['access_token']),
	76	]);
	77	$response = $this->getHttpClient()->send($request);
	78	$parsed = JSON::decode((string)$response->getBody());
	79
	80	$parsed['__id'] = $parsed['id'];
	81	$parsed['__username'] = $parsed['name'];
b1b31d79 TD	82	if (!empty($parsed['email'])) {
	83	$parsed['__email'] = $parsed['email'];
	84	}
a9229942 TD	85	$parsed['accessToken'] = $accessToken;
	86
	87	return new OauthUser($parsed);
	88	}
	89
34de730b C	90	#[\Override]
34de730b C	91	protected function getProviderName(): string
a9229942	92	{
34de730b	93	return 'facebook';
a9229942	94	}
320f4a6d	95	}