Google
extends AbstractProvider
in package
uses
BearerAuthorizationTrait
Represents a service provider (authorization server).
Table of Contents
Constants
- ACCESS_TOKEN_RESOURCE_OWNER_ID = null
- METHOD_GET = 'GET'
- METHOD_POST = 'POST'
- PKCE_METHOD_PLAIN = 'plain'
- PKCE_METHOD_S256 = 'S256'
Properties
- $accessType : string
- $clientId : string
- $clientSecret : string
- $grantFactory : GrantFactory
- $guarded : array<string|int, mixed>
- The properties that aren't mass assignable.
- $hostedDomain : string
- $httpClient : ClientInterface
- $optionProvider : OptionProviderInterface
- $pkceCode : string|null
- $prompt : string
- $redirectUri : string
- $requestFactory : RequestFactory
- $scopes : array<string|int, mixed>
- $state : string
Methods
- __construct() : mixed
- Constructs an OAuth 2.0 service provider.
- authorize() : mixed
- Redirects the client for authorization.
- getAccessToken() : AccessTokenInterface
- Requests an access token using a specified grant and option set.
- getAuthenticatedRequest() : RequestInterface
- Returns an authenticated PSR-7 request instance.
- getAuthorizationUrl() : string
- Builds the authorization URL.
- getBaseAccessTokenUrl() : string
- Returns the base URL for requesting an access token.
- getBaseAuthorizationUrl() : string
- Returns the base URL for authorizing a client.
- getGrantFactory() : GrantFactory
- Returns the current grant factory instance.
- getGuarded() : array<string|int, mixed>
- Returns current guarded properties.
- getHeaders() : array<string|int, mixed>
- Returns all headers used by this provider for a request.
- getHttpClient() : ClientInterface
- Returns the HTTP client instance.
- getOptionProvider() : OptionProviderInterface
- Returns the option provider instance.
- getParsedResponse() : mixed
- Sends a request and returns the parsed response.
- getPkceCode() : string|null
- Returns the current value of the pkceCode parameter.
- getRequest() : RequestInterface
- Returns a PSR-7 request instance that is not authenticated.
- getRequestFactory() : RequestFactory
- Returns the request factory instance.
- getResourceOwner() : ResourceOwnerInterface
- Requests and returns the resource owner of given access token.
- getResourceOwnerDetailsUrl() : string
- Returns the URL for requesting the resource owner's details.
- getResponse() : ResponseInterface
- Sends a request instance and returns a response instance.
- getState() : string
- Returns the current value of the state parameter.
- isGuarded() : bool
- Determines if the given property is guarded.
- setGrantFactory() : self
- Sets the grant factory instance.
- setHttpClient() : self
- Sets the HTTP client instance.
- setOptionProvider() : self
- Sets the option provider instance.
- setPkceCode() : self
- Set the value of the pkceCode parameter.
- setRequestFactory() : self
- Sets the request factory instance.
- appendQuery() : string
- Appends a query string to a URL.
- assertMatchingDomain() : void
- buildQueryString() : string
- Build a query string from an array.
- checkResponse() : void
- Checks a provider response for errors.
- createAccessToken() : AccessTokenInterface
- Creates an access token from a response.
- createRequest() : RequestInterface
- Creates a PSR-7 request instance.
- createResourceOwner() : ResourceOwnerInterface
- Generates a resource owner object from a successful resource owner details request.
- fetchResourceOwnerDetails() : mixed
- Requests resource owner details.
- fillProperties() : mixed
- Attempts to mass assign the given options to explicitly defined properties, skipping over any properties that are defined in the guarded array.
- getAccessTokenMethod() : string
- Returns the method to use when requesting an access token.
- getAccessTokenQuery() : string
- Builds the access token URL's query string.
- getAccessTokenRequest() : RequestInterface
- Returns a prepared request for requesting an access token.
- getAccessTokenResourceOwnerId() : string|null
- Returns the key used in the access token response to identify the resource owner.
- getAccessTokenUrl() : string
- Returns the full URL to use when requesting an access token.
- getAllowedClientOptions() : array<string|int, mixed>
- Returns the list of options that can be passed to the HttpClient
- getAuthorizationHeaders() : array<string|int, mixed>
- Returns authorization headers for the 'bearer' grant.
- getAuthorizationParameters() : array<string|int, mixed>
- Returns authorization parameters based on provided options.
- getAuthorizationQuery() : string
- Builds the authorization URL's query string.
- getContentType() : string
- Returns the content type header of a response.
- getDefaultHeaders() : array<string|int, mixed>
- Returns the default headers used by this provider.
- getDefaultScopes() : array<string|int, mixed>
- Returns the default scopes used by this provider.
- getPkceMethod() : string|null
- getRandomPkceCode() : string
- Returns a new random string to use as PKCE code_verifier and hashed as code_challenge parameters in an authorization flow.
- getRandomState() : string
- Returns a new random string to use as the state parameter in an authorization flow.
- getScopeSeparator() : string
- Returns the string that should be used to separate scopes when building the URL for requesting an access token.
- parseJson() : array<string|int, mixed>
- Attempts to parse a JSON response.
- parseResponse() : array<string|int, mixed>
- Parses the response according to its content-type header.
- prepareAccessTokenResponse() : array<string|int, mixed>
- Prepares an parsed access token response for a grant.
- verifyGrant() : AbstractGrant
- Checks that a provided grant is valid, or attempts to produce one if the provided grant is a string.
- getValueByKey() : mixed
- Returns a value by key using dot notation.
Constants
ACCESS_TOKEN_RESOURCE_OWNER_ID
public
string|null
ACCESS_TOKEN_RESOURCE_OWNER_ID
= null
Key used in a token response to identify the resource owner.
METHOD_GET
public
string
METHOD_GET
= 'GET'
HTTP method used to fetch access tokens.
METHOD_POST
public
string
METHOD_POST
= 'POST'
HTTP method used to fetch access tokens.
PKCE_METHOD_PLAIN
public
string
PKCE_METHOD_PLAIN
= 'plain'
PKCE method used to fetch authorization token.
The PKCE code challenge will be sent as plain text, this is NOT recommended.
Only use plain if no other option is possible.
PKCE_METHOD_S256
public
string
PKCE_METHOD_S256
= 'S256'
PKCE method used to fetch authorization token. The PKCE code challenge will be hashed with sha256 (recommended).
Properties
$accessType
protected
string
$accessType
If set, this will be sent to google as the "access_type" parameter.
Tags
$clientId
protected
string
$clientId
$clientSecret
protected
string
$clientSecret
$grantFactory
protected
GrantFactory
$grantFactory
$guarded
The properties that aren't mass assignable.
protected
array<string|int, mixed>
$guarded
= []
$hostedDomain
protected
string
$hostedDomain
If set, this will be sent to google as the "hd" parameter.
Tags
$httpClient
protected
ClientInterface
$httpClient
$optionProvider
protected
OptionProviderInterface
$optionProvider
$pkceCode
protected
string|null
$pkceCode
= null
$prompt
protected
string
$prompt
If set, this will be sent to google as the "prompt" parameter.
Tags
$redirectUri
protected
string
$redirectUri
$requestFactory
protected
RequestFactory
$requestFactory
$scopes
protected
array<string|int, mixed>
$scopes
= []
List of scopes that will be used for authentication.
Tags
$state
protected
string
$state
Methods
__construct()
Constructs an OAuth 2.0 service provider.
public
__construct([array<string|int, mixed> $options = [] ][, array<string|int, mixed> $collaborators = [] ]) : mixed
Parameters
- $options : array<string|int, mixed> = []
-
An array of options to set on this provider. Options include
clientId,clientSecret,redirectUri, andstate. Individual providers may introduce more options, as needed. - $collaborators : array<string|int, mixed> = []
-
An array of collaborators that may be used to override this provider's default behavior. Collaborators include
grantFactory,requestFactory, andhttpClient. Individual providers may introduce more collaborators, as needed.
authorize()
Redirects the client for authorization.
public
authorize([array<string|int, mixed> $options = [] ][, callable|null $redirectHandler = null ]) : mixed
Parameters
- $options : array<string|int, mixed> = []
- $redirectHandler : callable|null = null
Tags
getAccessToken()
Requests an access token using a specified grant and option set.
public
getAccessToken(mixed $grant[, array<string, mixed> $options = [] ]) : AccessTokenInterface
Parameters
- $grant : mixed
- $options : array<string, mixed> = []
Tags
Return values
AccessTokenInterfacegetAuthenticatedRequest()
Returns an authenticated PSR-7 request instance.
public
getAuthenticatedRequest(string $method, string $url, AccessTokenInterface|string|null $token[, array<string|int, mixed> $options = [] ]) : RequestInterface
Parameters
- $method : string
- $url : string
- $token : AccessTokenInterface|string|null
- $options : array<string|int, mixed> = []
-
Any of "headers", "body", and "protocolVersion".
Return values
RequestInterfacegetAuthorizationUrl()
Builds the authorization URL.
public
getAuthorizationUrl([array<string|int, mixed> $options = [] ]) : string
Parameters
- $options : array<string|int, mixed> = []
Tags
Return values
string —Authorization URL
getBaseAccessTokenUrl()
Returns the base URL for requesting an access token.
public
getBaseAccessTokenUrl(array<string|int, mixed> $params) : string
Eg. https://oauth.service.com/token
Parameters
- $params : array<string|int, mixed>
Return values
stringgetBaseAuthorizationUrl()
Returns the base URL for authorizing a client.
public
getBaseAuthorizationUrl() : string
Eg. https://oauth.service.com/authorize
Return values
stringgetGrantFactory()
Returns the current grant factory instance.
public
getGrantFactory() : GrantFactory
Return values
GrantFactorygetGuarded()
Returns current guarded properties.
public
getGuarded() : array<string|int, mixed>
Return values
array<string|int, mixed>getHeaders()
Returns all headers used by this provider for a request.
public
getHeaders([mixed|null $token = null ]) : array<string|int, mixed>
The request will be authenticated if an access token is provided.
Parameters
- $token : mixed|null = null
-
object or string
Return values
array<string|int, mixed>getHttpClient()
Returns the HTTP client instance.
public
getHttpClient() : ClientInterface
Return values
ClientInterfacegetOptionProvider()
Returns the option provider instance.
public
getOptionProvider() : OptionProviderInterface
Return values
OptionProviderInterfacegetParsedResponse()
Sends a request and returns the parsed response.
public
getParsedResponse(RequestInterface $request) : mixed
Parameters
- $request : RequestInterface
Tags
getPkceCode()
Returns the current value of the pkceCode parameter.
public
getPkceCode() : string|null
This can be accessed by the redirect handler during authorization.
Return values
string|nullgetRequest()
Returns a PSR-7 request instance that is not authenticated.
public
getRequest(string $method, string $url[, array<string|int, mixed> $options = [] ]) : RequestInterface
Parameters
- $method : string
- $url : string
- $options : array<string|int, mixed> = []
Return values
RequestInterfacegetRequestFactory()
Returns the request factory instance.
public
getRequestFactory() : RequestFactory
Return values
RequestFactorygetResourceOwner()
Requests and returns the resource owner of given access token.
public
getResourceOwner(AccessToken $token) : ResourceOwnerInterface
Parameters
- $token : AccessToken
Tags
Return values
ResourceOwnerInterfacegetResourceOwnerDetailsUrl()
Returns the URL for requesting the resource owner's details.
public
getResourceOwnerDetailsUrl(AccessToken $token) : string
Parameters
- $token : AccessToken
Return values
stringgetResponse()
Sends a request instance and returns a response instance.
public
getResponse(RequestInterface $request) : ResponseInterface
WARNING: This method does not attempt to catch exceptions caused by HTTP errors! It is recommended to wrap this method in a try/catch block.
Parameters
- $request : RequestInterface
Tags
Return values
ResponseInterfacegetState()
Returns the current value of the state parameter.
public
getState() : string
This can be accessed by the redirect handler during authorization.
Return values
stringisGuarded()
Determines if the given property is guarded.
public
isGuarded(string $property) : bool
Parameters
- $property : string
Return values
boolsetGrantFactory()
Sets the grant factory instance.
public
setGrantFactory(GrantFactory $factory) : self
Parameters
- $factory : GrantFactory
Return values
selfsetHttpClient()
Sets the HTTP client instance.
public
setHttpClient(ClientInterface $client) : self
Parameters
- $client : ClientInterface
Return values
selfsetOptionProvider()
Sets the option provider instance.
public
setOptionProvider(OptionProviderInterface $provider) : self
Parameters
- $provider : OptionProviderInterface
Return values
selfsetPkceCode()
Set the value of the pkceCode parameter.
public
setPkceCode(string $pkceCode) : self
When using PKCE this should be set before requesting an access token.
Parameters
- $pkceCode : string
Return values
selfsetRequestFactory()
Sets the request factory instance.
public
setRequestFactory(RequestFactory $factory) : self
Parameters
- $factory : RequestFactory
Return values
selfappendQuery()
Appends a query string to a URL.
protected
appendQuery(string $url, string $query) : string
Parameters
- $url : string
-
The URL to append the query to
- $query : string
-
The HTTP query string
Return values
string —The resulting URL
assertMatchingDomain()
protected
assertMatchingDomain(string|null $hostedDomain) : void
Parameters
- $hostedDomain : string|null
Tags
buildQueryString()
Build a query string from an array.
protected
buildQueryString(array<string|int, mixed> $params) : string
Parameters
- $params : array<string|int, mixed>
Return values
stringcheckResponse()
Checks a provider response for errors.
protected
checkResponse(ResponseInterface $response, mixed $data) : void
Parameters
- $response : ResponseInterface
- $data : mixed
-
Parsed response data
createAccessToken()
Creates an access token from a response.
protected
createAccessToken(array<string|int, mixed> $response, AbstractGrant $grant) : AccessTokenInterface
The grant that was used to fetch the response can be used to provide additional context.
Parameters
- $response : array<string|int, mixed>
- $grant : AbstractGrant
Return values
AccessTokenInterfacecreateRequest()
Creates a PSR-7 request instance.
protected
createRequest(string $method, string $url, AccessTokenInterface|string|null $token, array<string|int, mixed> $options) : RequestInterface
Parameters
- $method : string
- $url : string
- $token : AccessTokenInterface|string|null
- $options : array<string|int, mixed>
Return values
RequestInterfacecreateResourceOwner()
Generates a resource owner object from a successful resource owner details request.
protected
createResourceOwner(array<string|int, mixed> $response, AccessToken $token) : ResourceOwnerInterface
Parameters
- $response : array<string|int, mixed>
- $token : AccessToken
Return values
ResourceOwnerInterfacefetchResourceOwnerDetails()
Requests resource owner details.
protected
fetchResourceOwnerDetails(AccessToken $token) : mixed
Parameters
- $token : AccessToken
Tags
fillProperties()
Attempts to mass assign the given options to explicitly defined properties, skipping over any properties that are defined in the guarded array.
protected
fillProperties([array<string|int, mixed> $options = [] ]) : mixed
Parameters
- $options : array<string|int, mixed> = []
getAccessTokenMethod()
Returns the method to use when requesting an access token.
protected
getAccessTokenMethod() : string
Return values
string —HTTP method
getAccessTokenQuery()
Builds the access token URL's query string.
protected
getAccessTokenQuery(array<string|int, mixed> $params) : string
Parameters
- $params : array<string|int, mixed>
-
Query parameters
Return values
string —Query string
getAccessTokenRequest()
Returns a prepared request for requesting an access token.
protected
getAccessTokenRequest(array<string|int, mixed> $params) : RequestInterface
Parameters
- $params : array<string|int, mixed>
-
Query string parameters
Return values
RequestInterfacegetAccessTokenResourceOwnerId()
Returns the key used in the access token response to identify the resource owner.
protected
getAccessTokenResourceOwnerId() : string|null
Return values
string|null —Resource owner identifier key
getAccessTokenUrl()
Returns the full URL to use when requesting an access token.
protected
getAccessTokenUrl(array<string|int, mixed> $params) : string
Parameters
- $params : array<string|int, mixed>
-
Query parameters
Return values
stringgetAllowedClientOptions()
Returns the list of options that can be passed to the HttpClient
protected
getAllowedClientOptions(array<string|int, mixed> $options) : array<string|int, mixed>
Parameters
- $options : array<string|int, mixed>
-
An array of options to set on this provider. Options include
clientId,clientSecret,redirectUri, andstate. Individual providers may introduce more options, as needed.
Return values
array<string|int, mixed> —The options to pass to the HttpClient constructor
getAuthorizationHeaders()
Returns authorization headers for the 'bearer' grant.
protected
getAuthorizationHeaders([AccessTokenInterface|string|null $token = null ]) : array<string|int, mixed>
Parameters
- $token : AccessTokenInterface|string|null = null
-
Either a string or an access token instance
Return values
array<string|int, mixed>getAuthorizationParameters()
Returns authorization parameters based on provided options.
protected
getAuthorizationParameters(array<string|int, mixed> $options) : array<string|int, mixed>
Parameters
- $options : array<string|int, mixed>
Return values
array<string|int, mixed> —Authorization parameters
getAuthorizationQuery()
Builds the authorization URL's query string.
protected
getAuthorizationQuery(array<string|int, mixed> $params) : string
Parameters
- $params : array<string|int, mixed>
-
Query parameters
Return values
string —Query string
getContentType()
Returns the content type header of a response.
protected
getContentType(ResponseInterface $response) : string
Parameters
- $response : ResponseInterface
Return values
string —Semi-colon separated join of content-type headers.
getDefaultHeaders()
Returns the default headers used by this provider.
protected
getDefaultHeaders() : array<string|int, mixed>
Typically this is used to set 'Accept' or 'Content-Type' headers.
Return values
array<string|int, mixed>getDefaultScopes()
Returns the default scopes used by this provider.
protected
getDefaultScopes() : array<string|int, mixed>
This should only be the scopes that are required to request the details of the resource owner, rather than all the available scopes.
Return values
array<string|int, mixed>getPkceMethod()
protected
getPkceMethod() : string|null
Return values
string|nullgetRandomPkceCode()
Returns a new random string to use as PKCE code_verifier and hashed as code_challenge parameters in an authorization flow.
protected
getRandomPkceCode([int $length = 64 ]) : string
Must be between 43 and 128 characters long.
Parameters
- $length : int = 64
-
Length of the random string to be generated.
Return values
stringgetRandomState()
Returns a new random string to use as the state parameter in an authorization flow.
protected
getRandomState([int $length = 32 ]) : string
Parameters
- $length : int = 32
-
Length of the random string to be generated.
Return values
stringgetScopeSeparator()
Returns the string that should be used to separate scopes when building the URL for requesting an access token.
protected
getScopeSeparator() : string
Return values
string —Scope separator, defaults to ','
parseJson()
Attempts to parse a JSON response.
protected
parseJson(string $content) : array<string|int, mixed>
Parameters
- $content : string
-
JSON content from response body
Tags
Return values
array<string|int, mixed> —Parsed JSON data
parseResponse()
Parses the response according to its content-type header.
protected
parseResponse(ResponseInterface $response) : array<string|int, mixed>
Parameters
- $response : ResponseInterface
Tags
Return values
array<string|int, mixed>prepareAccessTokenResponse()
Prepares an parsed access token response for a grant.
protected
prepareAccessTokenResponse(array<string, mixed> $result) : array<string|int, mixed>
Custom mapping of expiration, etc should be done here. Always call the parent method when overloading this method.
Parameters
- $result : array<string, mixed>
Return values
array<string|int, mixed>verifyGrant()
Checks that a provided grant is valid, or attempts to produce one if the provided grant is a string.
protected
verifyGrant(AbstractGrant|string $grant) : AbstractGrant
Parameters
- $grant : AbstractGrant|string
Return values
AbstractGrantgetValueByKey()
Returns a value by key using dot notation.
private
getValueByKey(array<string|int, mixed> $data, string $key[, mixed|null $default = null ]) : mixed
Parameters
- $data : array<string|int, mixed>
- $key : string
- $default : mixed|null = null