|
| 1 | +# Slack Provider for OAuth 2.0 Client |
| 2 | +[](https://github.com/bramdevries/oauth2-slack/releases) |
| 3 | +[](LICENSE.md) |
| 4 | +[](https://travis-ci.org/bramdevries/oauth2-slack) |
| 5 | +[](https://scrutinizer-ci.com/g/bramdevries/oauth2-slack/code-structure) |
| 6 | +[](https://scrutinizer-ci.com/g/bramdevries/oauth2-slack) |
| 7 | +[](https://packagist.org/packages/league/oauth2-github) |
| 8 | + |
| 9 | +This package provides Slack OAuth 2.0 support for the PHP League's [OAuth 2.0 Client](https://github.com/thephpleague/oauth2-client). |
| 10 | + |
| 11 | +## Installation |
| 12 | + |
| 13 | +To install, use composer: |
| 14 | + |
| 15 | +``` |
| 16 | +composer require bramdevries/oauth2-slack |
| 17 | +``` |
| 18 | + |
| 19 | +## Usage |
| 20 | + |
| 21 | +Usage is the same as The League's OAuth client, using `\League\OAuth2\Client\Provider\Slack` as the provider. |
| 22 | + |
| 23 | +### Authorization Code Flow |
| 24 | + |
| 25 | +```php |
| 26 | +$provider = new League\OAuth2\Client\Provider\Slack([ |
| 27 | + 'clientId' => '{github-client-id}', |
| 28 | + 'clientSecret' => '{github-client-secret}', |
| 29 | + 'redirectUri' => 'https://example.com/callback-url', |
| 30 | +]); |
| 31 | + |
| 32 | +if (!isset($_GET['code'])) { |
| 33 | + |
| 34 | + // If we don't have an authorization code then get one |
| 35 | + $authUrl = $provider->getAuthorizationUrl(); |
| 36 | + $_SESSION['oauth2state'] = $provider->getState(); |
| 37 | + header('Location: '.$authUrl); |
| 38 | + exit; |
| 39 | + |
| 40 | +// Check given state against previously stored one to mitigate CSRF attack |
| 41 | +} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) { |
| 42 | + |
| 43 | + unset($_SESSION['oauth2state']); |
| 44 | + exit('Invalid state'); |
| 45 | + |
| 46 | +} else { |
| 47 | + |
| 48 | + // Try to get an access token (using the authorization code grant) |
| 49 | + $token = $provider->getAccessToken('authorization_code', [ |
| 50 | + 'code' => $_GET['code'] |
| 51 | + ]); |
| 52 | + |
| 53 | + // Optional: Now you have a token you can look up a users profile data |
| 54 | + try { |
| 55 | + |
| 56 | + // We got an access token, let's now get the user's details |
| 57 | + $user = $provider->getResourceOwner($token); |
| 58 | + |
| 59 | + // Use these details to create a new profile |
| 60 | + printf('Hello %s!', $user->getNickname()); |
| 61 | + |
| 62 | + } catch (Exception $e) { |
| 63 | + |
| 64 | + // Failed to get user details |
| 65 | + exit('Oh dear...'); |
| 66 | + } |
| 67 | + |
| 68 | + // Use this to interact with an API on the users behalf |
| 69 | + echo $token->getToken(); |
| 70 | +} |
| 71 | +``` |
| 72 | + |
| 73 | +### Managing Scopes |
| 74 | + |
| 75 | +When creating your Slack authorization URL, you can specify the state and scopes your application may authorize. |
| 76 | + |
| 77 | +```php |
| 78 | +$options = [ |
| 79 | + 'state' => 'OPTIONAL_CUSTOM_CONFIGURED_STATE', |
| 80 | + 'scope' => ['identify','read','post'] // array or string |
| 81 | +]; |
| 82 | + |
| 83 | +$authorizationUrl = $provider->getAuthorizationUrl($options); |
| 84 | +``` |
| 85 | +If neither are defined, the provider will utilize internal defaults. |
| 86 | + |
| 87 | +At the time of authoring this documentation, the [following scopes are available](https://api.slack.com/docs/oauth). |
| 88 | + |
| 89 | +- identify |
| 90 | +- read |
| 91 | +- post |
| 92 | +- client |
| 93 | +- admin |
| 94 | + |
| 95 | +## Testing |
| 96 | + |
| 97 | +``` bash |
| 98 | +$ ./vendor/bin/phpunit |
| 99 | +``` |
| 100 | +## Credits |
| 101 | + |
| 102 | +- [Bram Devries](https://github.com/bramdevries) |
| 103 | +- [All Contributors](https://github.com/bramdevries/oauth2-slack/contributors) |
| 104 | + |
| 105 | + |
| 106 | +## License |
| 107 | + |
| 108 | +The MIT License (MIT). Please see [License File](https://github.com/bramdevries/oauth2-slack/blob/master/LICENSE) for more information. |
0 commit comments