Files
event/lib/hybridauth3/examples/example_01.php
T
2025-03-05 14:10:06 +09:00

188 lines
6.1 KiB
PHP

<?php
/*!
* This simple example illustrate how to authenticate users with GitHub.
*
* Most other providers work pretty much the same.
*/
/**
* Step 0: Start PHP session
*
* Normally this step is not required as Hybridauth will attempt to start the session for you, however
* in some cases it might be better to call session_start() at top of script to avoid cookie-based sessions
* issues.
*
* See: http://php.net/manual/en/function.session-start.php#refsect1-function.session-start-notes
* http://stackoverflow.com/a/8028987
*/
session_start();
/**
* Step 1: Require the Hybridauth Library
*
* Should be as simple as including Composer's autoloader.
*/
include '../src/autoload.php';
/**
* Step 2: Configuring Your Application
*
* If you're already familiar with the process, you can skip the explanation below.
*
* To get started with GitHub authentication, you need to create a new GitHub application.
*
* First, navigate to https://github.com/settings/developers then click the Register
* new application button at the top right of that page and fill in any required fields
* such as the application name, description and website.
*
* Set the Authorization callback URL to https://path/to/hybridauth/examples/example_01.php.
* Understandably, you need to replace 'path/to/hybridauth' with the real path to this script.
*
* Note that Hybridauth provides an utility function that can generate the current page url for you
* and can be used for the callback. Example: 'callback' => Hybridauth\HttpClient\Util::getCurrentUrl()
*
* After configuring your GitHub application, simple replace 'your-app-id' and 'your-app-secret'
* with your application credentials (Client ID and Client Secret).
*
* Providers who uses OAuth 2.0 protocol (i.g., GitHub, Facebook, Google, etc.) may need
* an Authorization scope as additional parameter. Authorization scopes are strings that
* enable access to particular resources, such as user data.
*
* https://developer.github.com/v3/oauth/
* https://developer.github.com/v3/oauth/#scopes
*/
$config = [
'callback' => 'https://path/to/hybridauth/examples/example_01.php', // or Hybridauth\HttpClient\Util::getCurrentUrl()
'keys' => ['id' => 'your-app-id', 'secret' => 'your-app-secret'], // Your Github application credentials
/* optional : set scope
'scope' => 'user:email', */
/* optional : set debug mode
'debug_mode' => true,
// Path to file writeable by the web server. Required if 'debug_mode' is not false
'debug_file' => __FILE__ . '.log', */
/* optional : customize Curl settings
// for more information on curl, refer to: http://www.php.net/manual/fr/function.curl-setopt.php
'curl_options' => [
// setting custom certificates
CURLOPT_SSL_VERIFYPEER => true,
CURLOPT_CAINFO => '/path/to/your/certificate.crt',
// set a valid proxy ip address
CURLOPT_PROXY => '*.*.*.*:*',
// set a custom user agent
CURLOPT_USERAGENT => ''
] */
];
/**
* Step 3: Instantiate Github Adapter
*
* This example instantiates a GitHub adapter using the array $config we just built.
*/
$github = new Hybridauth\Provider\GitHub($config);
/**
* Step 4: Authenticating Users
*
* When invoked, `authenticate()` will redirect users to GitHub login page where they
* will be asked to grant access to your application. If they do, GitHub will redirect
* the users back to Authorization callback URL (i.e., this script).
*
* Note that GitHub and few other providers will ask their users for authorisation
* only once.
*/
$github->authenticate();
/**
* Step 5: Retrieve Users Profiles
*
* Calling getUserProfile returns an instance of class Hybridauth\User\Profile which contain the
* connected user's profile in simple and standardized structure across all the social APIs supported
* by Hybridauth.
*/
$userProfile = $github->getUserProfile();
echo 'Hi ' . $userProfile->displayName;
/**
* Bonus: Access GitHub API
*
* Now that the user is authenticated with Gihub, and depending on the authorization given to your
* application, you should be able to query the said API on behalf of the user.
*
* As an example we list the authenticated user's public gists.
*/
$apiResponse = $github->apiRequest('gists');
/**
* Step 6: Disconnect the adapter
*
* This will erase the current user authentication data from session, and any further
* attempt to communicate with Github API will result on an authorisation exception.
*/
$github->disconnect();
/**
* Final note: Catching Exceptions
*
* Hybridauth use exceptions extensively and it's important that these exceptions
* be properly caught/handled in your code.
*
* Below is a basic example of how to catch exceptions.
*
* Note that on the previous step we disconnected from the API; meaning Hybridauth
* has erased the oauth access token used to sign http requests from the current
* session, thus, any new request we now make will now throw an exception.
*
* It's important that you don't show Hybridauth exception's messages to the end user as
* they may include sensitive data, and that you use your own error messages instead.
*/
try {
$github->getUserProfile();
}
/**
* Catch Curl Errors
*
* This kind of error may happen in case of:
* - Internet or Network issues.
* - Your server configuration is not setup correctly.
*
* The full list of curl errors that may happen can be found at http://curl.haxx.se/libcurl/c/libcurl-errors.html
*/
catch (Hybridauth\Exception\HttpClientFailureException $e) {
echo 'Curl text error message : ' . $github->getHttpClient()->getResponseClientError();
}
/**
* Catch API Requests Errors
*
* This usually happens when requesting a:
* - Wrong URI or a mal-formatted http request.
* - Protected resource without providing a valid access token.
*/
catch (Hybridauth\Exception\HttpRequestFailedException $e) {
echo 'Raw API Response: ' . $github->getHttpClient()->getResponseBody();
}
/**
* Base PHP's exception that catches everything [else]
*/
catch (\Exception $e) {
echo 'Oops! We ran into an unknown issue: ' . $e->getMessage();
}