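├── .gitignore
├── FacebookStrategy.php
├── README.md
└── composer.json


/.gitignore:
--------------------------------------------------------------------------------
.DS_Store
.idea

--------------------------------------------------------------------------------
/FacebookStrategy.php:
--------------------------------------------------------------------------------
// NOTE(review): lines 1-7 of this listing (file header, class declaration and
// the opening of the defaults array) are missing from the page. The fragment
// below is kept exactly as shown.
        '{complete_url_to_strategy}int_callback',
        'scope' => 'email', // Default scope for necessary permissions
    );

    private $api_version = 'v17.0'; // Update to the latest supported version

    /**
     * Send the browser to Facebook's OAuth dialog.
     *
     * Builds the dialog query from the strategy configuration and hands it to
     * clientGet() (inherited, not shown in this listing).
     *
     * Security note: `state` is only sent when it is configured. It protects
     * the login flow against cross-site request forgery only if the
     * application sets it to an unpredictable, per-session value before the
     * strategy runs; a constant value gives no such protection.
     *
     * @return void
     */
    public function request() {
        $params = array(
            'client_id' => $this->strategy['app_id'],
            'redirect_uri' => $this->strategy['redirect_uri'],
            'scope' => $this->strategy['scope'],
        );

        // A configured API version overrides the class default and is also
        // forwarded as a query parameter, as in the original code.
        if (!empty($this->strategy['api_version'])) {
            $params['api_version'] = $this->strategy['api_version'];
            $this->api_version = $this->strategy['api_version'];
        }
        $url = "https://www.facebook.com/{$this->api_version}/dialog/oauth";

        // Optional dialog parameters, forwarded only when configured.
        foreach (array('state', 'response_type', 'display', 'auth_type') as $key) {
            if (!empty($this->strategy[$key])) {
                $params[$key] = $this->strategy[$key];
            }
        }

        $this->clientGet($url, $params);
    }

    /**
     * Handle Facebook's redirect back to the application.
     *
     * Exchanges the authorization code for an access token, loads the user's
     * profile and passes the result to callback(). Every failure goes to
     * errorCallback() instead.
     *
     * Everything read from $_GET here is controlled by whoever issued the
     * request. The `raw` error payload is passed on unmodified, so the
     * consuming application has to escape it before displaying or logging it.
     *
     * @return void
     */
    public function int_callback() {
        // The code must be a non-empty string: `?code[]=x` would otherwise
        // reach trim() as an array.
        if (empty($_GET['code']) || !is_string($_GET['code'])) {
            $error = array(
                'provider' => 'Facebook',
                'code' => isset($_GET['error_code']) ? $_GET['error_code'] : 'unknown_error',
                'message' => isset($_GET['error_message']) ? $_GET['error_message'] : 'Unknown error occurred',
                'raw' => $_GET
            );

            $this->errorCallback($error);
            return;
        }

        // When a state value was sent with the authorization request, the
        // callback must echo exactly that value. The original code sent the
        // state but never checked it on return.
        if (!empty($this->strategy['state'])) {
            $expected_state = (string) $this->strategy['state'];
            $received_state = (isset($_GET['state']) && is_string($_GET['state'])) ? $_GET['state'] : '';
            // hash_equals() is not available on the oldest PHP versions that
            // composer.json allows, hence the fallback.
            $state_matches = function_exists('hash_equals')
                ? hash_equals($expected_state, $received_state)
                : ($expected_state === $received_state);

            if (!$state_matches) {
                $error = array(
                    'provider' => 'Facebook',
                    'code' => 'state_mismatch',
                    'message' => 'OAuth state parameter is missing or does not match',
                    'raw' => $_GET
                );

                $this->errorCallback($error);
                return;
            }
        }

        $url = 'https://graph.facebook.com/oauth/access_token';
        $params = array(
            'client_id' => $this->strategy['app_id'],
            'client_secret' => $this->strategy['app_secret'],
            'redirect_uri' => $this->strategy['redirect_uri'],
            'code' => trim($_GET['code'])
        );

        $headers = null; // filled in by serverGet()
        $response = $this->serverGet($url, $params, null, $headers);
        $results = json_decode($response);

        if (!is_object($results) || empty($results->access_token)) {
            $error = array(
                'provider' => 'Facebook',
                'code' => 'access_token_error',
                'message' => 'Failed when attempting to obtain access token',
                'raw' => $headers
            );

            $this->errorCallback($error);
            return;
        }

        // The token is only held in memory here. It reaches the application
        // through $this->auth and callback() (inherited, not shown in this
        // listing); storing it safely is the application's responsibility.
        $access_token = $results->access_token;

        // Fetch user info using the access token. A Graph API error comes back
        // as a non-empty JSON object without an `id`, so a bare empty() check
        // would treat it as a successful login with no uid.
        $me = $this->me($access_token);
        if (!is_object($me) || empty($me->id)) {
            $error = array(
                'provider' => 'Facebook',
                'code' => 'me_error',
                'message' => 'Failed when attempting to query for user information',
                'raw' => array(
                    'response' => $me,
                    'headers' => $headers
                )
            );

            $this->errorCallback($error);
            return;
        }

        $credentials = array(
            'token' => $access_token
        );
        // `expires_in` can be absent from the token response. Report an expiry
        // only when one was actually given, rather than "now".
        if (isset($results->expires_in) && is_numeric($results->expires_in)) {
            $credentials['expires'] = date('c', time() + (int) $results->expires_in);
        }

        // Prepare the user information for Opauth callback
        $this->auth = array(
            'provider' => 'Facebook',
            'uid' => $me->id,
            'info' => array(
                // `name` is missing when a custom `fields` list leaves it out.
                'name' => isset($me->name) ? $me->name : null,
                'image' => "https://graph.facebook.com/{$this->api_version}/" . rawurlencode((string) $me->id) . '/picture?type=large'
            ),
            'credentials' => $credentials,
            'raw' => $me
        );

        // Optional user info
        if (!empty($me->email)) $this->auth['info']['email'] = $me->email;
        if (!empty($me->name)) $this->auth['info']['nickname'] = $me->name;
        if (!empty($me->first_name)) $this->auth['info']['first_name'] = $me->first_name;
        if (!empty($me->last_name)) $this->auth['info']['last_name'] = $me->last_name;
        if (!empty($me->link)) $this->auth['info']['urls']['facebook'] = $me->link;

        $this->callback();
    }

    /**
     * Query the Graph API `/me` endpoint for the authenticated user.
     *
     * The request carries an `appsecret_proof`: an HMAC-SHA256 of the access
     * token keyed with the app secret. It shows that the call comes from a
     * holder of the app secret and not merely from a holder of the token.
     *
     * The access token travels in the query string of a server-side GET, so
     * it can end up in any request log that records full URLs.
     *
     * Side effect: applies a configured `api_version` to $this->api_version,
     * which int_callback() reads afterwards when building the picture URL.
     *
     * @param string $access_token User access token from the code exchange.
     * @return object|null Decoded JSON response; null when the response is
     *                     empty or is not valid JSON.
     */
    private function me($access_token) {
        $fields = 'id,name,email'; // Default fields
        if (isset($this->strategy['fields'])) {
            $fields = $this->strategy['fields'];
        }

        if (!empty($this->strategy['api_version'])) {
            $this->api_version = $this->strategy['api_version'];
        }

        $headers = null; // filled in by serverGet(), unused here
        $me = $this->serverGet(
            "https://graph.facebook.com/{$this->api_version}/me",
            array(
                'appsecret_proof' => hash_hmac('sha256', $access_token, $this->strategy['app_secret']),
                'access_token' => $access_token,
                'fields' => $fields
            ),
            null,
            $headers
        );

        if (empty($me)) {
            return null;
        }

        return json_decode($me);
    }
}

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
Opauth-Facebook
=============
[Opauth][1] strategy for Facebook authentication.

Implemented based on https://developers.facebook.com/docs/authentication/

Getting started
----------------
1. Install Opauth-Facebook:
   ```bash
   cd path_to_opauth/Strategy
   git clone https://github.com/opauth/facebook.git Facebook
   ```
   or
   ```
   composer require opauth/facebook
   ```

2. Create Facebook application at https://developers.facebook.com/apps/
   - Remember to enter App Domains
   - "Website with Facebook Login" must be checked, but for "Site URL", you can enter any landing URL.

3. Configure Opauth-Facebook strategy with at least `App ID` and `App Secret`.

4. Direct user to `http://path_to_opauth/facebook` to authenticate

Strategy configuration
----------------------

Required parameters:

```php
array(
	'app_id' => 'YOUR APP ID',
	'app_secret' => 'YOUR APP SECRET'
)
```

Even though `fields` is an optional configuration parameter for Opauth-Facebook, for most cases you would like to explicitly define it. It should be defined in a comma-separated string.

Refer to [Facebook Fields Reference](https://developers.facebook.com/docs/graph-api/reference/user) for list of valid fields.

License
---------
Opauth-Facebook is MIT Licensed
Copyright © 2012 U-Zyn Chua (http://uzyn.com)

[1]: https://github.com/opauth/opauth

--------------------------------------------------------------------------------
/composer.json:
--------------------------------------------------------------------------------
{
    "name": "opauth/facebook",
    "description": "Facebook strategy for Opauth",
    "keywords": ["authentication","auth","facebook"],
    "homepage": "https://opauth.org",
    "license": "MIT",
    "authors": [
        {
            "name": "U-Zyn Chua",
            "email": "chua@uzyn.com",
            "homepage": "http://uzyn.com"
        },
        {
            "name": "Henrique Mattos",
            "email": "henrique@visualworks.com.br",
            "homepage": "https://www.visualworks.com.br"
        }
    ],
    "require": {
        "php": ">=5.2.0",
        "opauth/opauth": ">=0.2.0"
    },
    "autoload": {
        "psr-0": {
            "": "."
        }
    }
}

--------------------------------------------------------------------------------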