This package provides OVHcloud OAuth 2.0 support for the PHP League's OAuth 2.0 Client.
To install, use composer:
composer require carsso/oauth2-ovhcloud
Usage is the same as The League's OAuth client, using \Carsso\OAuth2\Client\Provider\Ovhcloud as the provider.
$provider = new Carsso\OAuth2\Client\Provider\Ovhcloud([
// See supported endpoints section below
'endpoint' => '{ovhcloud-endpoint}',
// See OAuth2 application registration in supported endpoints section below
'clientId' => '{ovhcloud-client-id}',
'clientSecret' => '{ovhcloud-client-secret}',
'redirectUri' => 'https://example.com/callback-url',
]);
if (!isset($_GET['code'])) {
// If we don't have an authorization code then get one
$authUrl = $provider->getAuthorizationUrl();
$_SESSION['oauth2state'] = $provider->getState();
header('Location: '.$authUrl);
exit;
// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
unset($_SESSION['oauth2state']);
exit('Invalid state');
} else {
// Try to get an access token (using the authorization code grant)
$token = $provider->getAccessToken('authorization_code', [
'code' => $_GET['code']
]);
// Optional: Now you have a token you can look up a users profile data
try {
// We got an access token, let's now get the user's details
$user = $provider->getResourceOwner($token);
// Use these details
printf('Hello %s (%s)!', $user->getName(), $user->getEmail());
} catch (Exception $e) {
// Failed to get user details
exit('Oh dear...');
}
// Use this to interact with an API on the user behalf (see OVHcloud API calls section below)
echo $token->getToken();
// Eventually refresh token if needed
/*
if ($token->hasExpired()) {
$newAccessToken = $provider->getAccessToken('refresh_token', [
'refresh_token' => $token->getRefreshToken()
]);
}
*/
}When creating your OVHcloud authorization URL, you can specify the state and scopes your application may authorize.
$options = [
'state' => 'OPTIONAL_CUSTOM_CONFIGURED_STATE',
'scope' => ['openid', 'profile', 'email', 'all'] // array or string
];
$authorizationUrl = $provider->getAuthorizationUrl($options);Here are the default scopes the provider is using :
- openid
- profile
- all
Since the OVHcloud API URL can vary, you can use the getAuthenticatedApiRequest() method of the provider (or getApiRequest() for unauthenticated calls).
$request = $provider->getAuthenticatedApiRequest(
\Carsso\OAuth2\Client\Provider\Ovhcloud::METHOD_GET,
'/me',
$token
);
$response = $provider->getResponse($request);'endpoint' => 'ovh-eu',
- API documentation: https://eu.api.ovh.com
- API console: https://eu.api.ovh.com/console
- API community support: [email protected]
- OAuth2 application registration: https://eu.api.ovh.com/console/#/me/api/oauth2/client#POST
'endpoint' => 'ovh-us',
- API documentation: https://api.us.ovhcloud.com
- API console: https://api.us.ovhcloud.com/console
- OAuth2 application registration: https://api.us.ovhcloud.com/console/#/me/api/oauth2/client#POST
'endpoint' => 'ovh-ca',
- API documentation: https://ca.api.ovh.com
- API console: https://ca.api.ovh.com/console
- API community support: [email protected]
- OAuth2 application registration: https://ca.api.ovh.com/console/#/me/api/oauth2/client#POST
$ ./vendor/bin/phpunitPlease see CONTRIBUTING for details.
The MIT License (MIT). Please see License File for more information.