Initial commit

Author: SoftCreatR

.gitignore

@@ -0,0 +1 @@
+*.zip

LICENSE

@@ -0,0 +1,66 @@
+# OpenAuth.dev Provider for XenForo 2
+
+<div align=center>
+
+![openauth-icon](https://user-images.githubusercontent.com/81188/87192541-f9fbe600-c2f6-11ea-9c8c-aebe7813d154.png)
+
+
+### OpenAuth.dev Provider for XenForo 2
+
+</div>
+
+---
+
+### Table of contents
+
+* [About the project](#about-the-project)
+* [Getting Started](#getting-started)
+* [Configuration](#configuration)
+* [Contributing](#contributing)
+* [Versioning](#versioning)
+* [Authors](#authors)
+* [License](#license)
+
+## About the project
+
+WIP
+
+## Prerequisites
+
+You need:
+
+- A XenForo installation (2.0.4 or newer)
+- PHP (5.4 or newer)
+- A free user account on [OpenAuth.dev](https://www.openauth.dev), which has been authorized as a developer
+
+## Getting started
+
+Download the latest release from the [releases section](https://github.com/openauth-dev/XF-OA-OpenAuth/releases) and upload it in your XenForo installation.
+
+That's it!
+
+## Configuration
+
+Common to all vendors is that you have to create an "application" for the respective vendor, and get an ID and secret key, which must be entered into the settings (Administration > Setup > Connected Accounts) of your community.
+
+To obtain a key pair from OpenAuth.dev, you need to [create an application](https://www.openauth.dev/developer/app-create/) first. After successful creation, find your newly created application in the list of [your applications](https://www.openauth.dev/developer/my-apps/) and click the "Edit" button. At the bottom of that page, you'll find the Client ID and the corresponding Client Secret. Copy both and paste them into the provider settings.
+
+Under normal circumstances, you should now be able to register/log in using OpenAuth.dev.
+
+## Contributing
+
+There are many ways to help this open source project. Write tutorials, improve documentation, share bugs with others, make feature requests, or just write code. We look forward to every contribution.
+
+## Versioning
+
+We use [SemVer](http://semver.org/) for versioning. For available versions, see the [tags on this repository](https://github.com/openauth-dev/XF-OA-OpenAuth/tags).
+
+## Authors
+
+* **Sascha Greuel** - *Main development* - [SoftCreatR](https://github.com/SoftCreatR)
+
+See also the list of [contributors](https://github.com/openauth-dev/XF-OA-OpenAuth/graphs/contributors) who participated in this project.
+
+## License
+
+This project is licensed under the LGPL-2.1 License - see the [LICENSE](LICENSE) file for details.

README.md

@@ -0,0 +1,81 @@
+<?php
+/*
+ * Copyright by The OpenAuth.dev Team.
+ * This file is part of XF/OA/OpenAuth.
+ *
+ * License: GNU Lesser General Public License v2.1
+ *
+ * THIS LIBRARY IS FREE SOFTWARE; YOU CAN REDISTRIBUTE IT AND/OR
+ * MODIFY IT UNDER THE TERMS OF THE GNU LESSER GENERAL PUBLIC
+ * LICENSE AS PUBLISHED BY THE FREE SOFTWARE FOUNDATION; EITHER
+ * VERSION 2.1 OF THE LICENSE, OR (AT YOUR OPTION) ANY LATER VERSION.
+ * 
+ * THIS LIBRARY IS DISTRIBUTED IN THE HOPE THAT IT WILL BE USEFUL,
+ * BUT WITHOUT ANY WARRANTY; WITHOUT EVEN THE IMPLIED WARRANTY OF
+ * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.  SEE THE GNU
+ * LESSER GENERAL PUBLIC LICENSE FOR MORE DETAILS.
+ * 
+ * YOU SHOULD HAVE RECEIVED A COPY OF THE GNU LESSER GENERAL PUBLIC
+ * LICENSE ALONG WITH THIS LIBRARY; IF NOT, WRITE TO THE FREE SOFTWARE
+ * FOUNDATION, INC., 51 FRANKLIN STREET, FIFTH FLOOR, BOSTON, MA  02110-1301  USA
+ *
+ * The above copyright notice and this disclaimer notice shall be included in all
+ * copies or substantial portions of the Software.
+ */
+
+namespace OA\OpenAuth\ConnectedAccount\Provider;
+
+use XF\ConnectedAccount\Provider\AbstractProvider;
+use XF\Entity\ConnectedAccountProvider;
+
+class OpenAuth extends AbstractProvider
+{
+    /**
+     * {@inheritdoc}
+     */
+    public function getOAuthServiceName()
+    {
+        return 'OA\OpenAuth:Service\OpenAuth';
+    }
+
+    /**
+     * @return string
+     */
+    public function getProviderDataClass()
+    {
+        return 'OA\OpenAuth:ProviderData\OpenAuth';
+    }
+
+    /**
+     * @return string[]
+     */
+    public function getDefaultOptions()
+    {
+        return [
+            'client_id' => '',
+            'client_secret' => ''
+        ];
+    }
+
+    /**
+     * @param ConnectedAccountProvider $provider
+     * @param null $redirectUri
+     * @return array
+     */
+    public function getOAuthConfig(ConnectedAccountProvider $provider, $redirectUri = null)
+    {
+        return [
+            'key' => $provider->options['client_id'],
+            'secret' => $provider->options['client_secret'],
+            'scopes' => [
+                \OA\OpenAuth\ConnectedAccount\Service\OpenAuth::SCOPE_OPENID,
+                \OA\OpenAuth\ConnectedAccount\Service\OpenAuth::SCOPE_NICKNAME,
+                \OA\OpenAuth\ConnectedAccount\Service\OpenAuth::SCOPE_PROFILE,
+                \OA\OpenAuth\ConnectedAccount\Service\OpenAuth::SCOPE_EMAIL,
+                \OA\OpenAuth\ConnectedAccount\Service\OpenAuth::SCOPE_EMAIL_VERIFIED,
+                \OA\OpenAuth\ConnectedAccount\Service\OpenAuth::SCOPE_PICTURE
+            ],
+            'redirect_uri' => $redirectUri ?: $this->getRedirectUri($provider)
+        ];
+    }
+}

upload/src/addons/OA/OpenAuth/ConnectedAccount/Provider/OpenAuth.php

@@ -0,0 +1,56 @@
+<?php
+/*
+ * Copyright by The OpenAuth.dev Team.
+ * This file is part of XF/OA/OpenAuth.
+ *
+ * License: GNU Lesser General Public License v2.1
+ *
+ * THIS LIBRARY IS FREE SOFTWARE; YOU CAN REDISTRIBUTE IT AND/OR
+ * MODIFY IT UNDER THE TERMS OF THE GNU LESSER GENERAL PUBLIC
+ * LICENSE AS PUBLISHED BY THE FREE SOFTWARE FOUNDATION; EITHER
+ * VERSION 2.1 OF THE LICENSE, OR (AT YOUR OPTION) ANY LATER VERSION.
+ * 
+ * THIS LIBRARY IS DISTRIBUTED IN THE HOPE THAT IT WILL BE USEFUL,
+ * BUT WITHOUT ANY WARRANTY; WITHOUT EVEN THE IMPLIED WARRANTY OF
+ * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.  SEE THE GNU
+ * LESSER GENERAL PUBLIC LICENSE FOR MORE DETAILS.
+ * 
+ * YOU SHOULD HAVE RECEIVED A COPY OF THE GNU LESSER GENERAL PUBLIC
+ * LICENSE ALONG WITH THIS LIBRARY; IF NOT, WRITE TO THE FREE SOFTWARE
+ * FOUNDATION, INC., 51 FRANKLIN STREET, FIFTH FLOOR, BOSTON, MA  02110-1301  USA
+ *
+ * The above copyright notice and this disclaimer notice shall be included in all
+ * copies or substantial portions of the Software.
+ */
+
+namespace OA\OpenAuth\ConnectedAccount\ProviderData;
+
+use XF\ConnectedAccount\ProviderData\AbstractProviderData;
+
+class OpenAuth extends AbstractProviderData
+{
+    public function getDefaultEndpoint()
+    {
+        return '/me';
+    }
+
+    public function getProviderKey()
+    {
+        return $this->requestFromEndpoint('sub');
+    }
+
+    public function getUsername()
+    {
+        return $this->requestFromEndpoint('nickname');
+    }
+
+    public function getEmail()
+    {
+        return $this->requestFromEndpoint('email_verified') ?: $this->requestFromEndpoint('email');
+    }
+
+    public function getAvatarUrl()
+    {
+        return $this->requestFromEndpoint('picture');
+    }
+}

upload/src/addons/OA/OpenAuth/ConnectedAccount/ProviderData/OpenAuth.php

@@ -0,0 +1,178 @@
+<?php
+/*
+ * Copyright by The OpenAuth.dev Team.
+ * This file is part of XF/OA/OpenAuth.
+ *
+ * License: GNU Lesser General Public License v2.1
+ *
+ * THIS LIBRARY IS FREE SOFTWARE; YOU CAN REDISTRIBUTE IT AND/OR
+ * MODIFY IT UNDER THE TERMS OF THE GNU LESSER GENERAL PUBLIC
+ * LICENSE AS PUBLISHED BY THE FREE SOFTWARE FOUNDATION; EITHER
+ * VERSION 2.1 OF THE LICENSE, OR (AT YOUR OPTION) ANY LATER VERSION.
+ * 
+ * THIS LIBRARY IS DISTRIBUTED IN THE HOPE THAT IT WILL BE USEFUL,
+ * BUT WITHOUT ANY WARRANTY; WITHOUT EVEN THE IMPLIED WARRANTY OF
+ * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.  SEE THE GNU
+ * LESSER GENERAL PUBLIC LICENSE FOR MORE DETAILS.
+ * 
+ * YOU SHOULD HAVE RECEIVED A COPY OF THE GNU LESSER GENERAL PUBLIC
+ * LICENSE ALONG WITH THIS LIBRARY; IF NOT, WRITE TO THE FREE SOFTWARE
+ * FOUNDATION, INC., 51 FRANKLIN STREET, FIFTH FLOOR, BOSTON, MA  02110-1301  USA
+ *
+ * The above copyright notice and this disclaimer notice shall be included in all
+ * copies or substantial portions of the Software.
+ */
+
+namespace OA\OpenAuth\ConnectedAccount\Service;
+
+use OAuth\Common\Consumer\CredentialsInterface;
+use OAuth\Common\Http\Client\ClientInterface;
+use OAuth\Common\Http\Exception\TokenResponseException;
+use OAuth\Common\Http\Uri\Uri;
+use OAuth\Common\Http\Uri\UriInterface;
+use OAuth\Common\Storage\TokenStorageInterface;
+use OAuth\OAuth2\Service\AbstractService;
+use OAuth\OAuth2\Token\StdOAuth2Token;
+
+class OpenAuth extends AbstractService
+{
+    /**
+     * @string
+     */
+    const SCOPE_OPENID = 'openid';
+
+    /**
+     * @string
+     */
+    const SCOPE_NICKNAME = 'nickname';
+
+    /**
+     * @string
+     */
+    const SCOPE_PROFILE = 'profile';
+
+    /**
+     * @string
+     */
+    const SCOPE_EMAIL = 'email';
+
+    /**
+     * @string
+     */
+    const SCOPE_EMAIL_VERIFIED = 'email_verified';
+
+    /**
+     * @string
+     */
+    const SCOPE_PICTURE = 'picture';
+
+    /**
+     * {@inheritdoc}
+     */
+    public function __construct(
+        CredentialsInterface $credentials,
+        ClientInterface $httpClient,
+        TokenStorageInterface $storage,
+        $scopes = [],
+        UriInterface $baseApiUri = null
+    ) {
+        parent::__construct($credentials, $httpClient, $storage, $scopes, $baseApiUri, true);
+
+        if (null === $baseApiUri) {
+            $this->baseApiUri = new Uri('https://www.openauth.dev');
+        }
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function getAuthorizationMethod()
+    {
+        return static::AUTHORIZATION_METHOD_HEADER_BEARER;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function parseAccessTokenResponse($responseBody)
+    {
+        $data = json_decode($responseBody, true);
+
+        if (null === $data || !is_array($data)) {
+            throw new TokenResponseException('Unable to parse response.');
+        }
+
+        if (isset($data['error'])) {
+            throw new TokenResponseException('Error in retrieving token: "' . $data['error'] . '"');
+        }
+
+        $token = new StdOAuth2Token();
+
+        $token->setAccessToken($data['access_token']);
+        unset($data['access_token']);
+
+        if (isset($data['expires_in'])) {
+            $token->setLifeTime($data['expires_in']);
+            unset($data['expires_in']);
+        }
+
+        if (isset($data['refresh_token'])) {
+            $token->setRefreshToken($data['refresh_token']);
+            unset($data['refresh_token']);
+        }
+
+        $token->setExtraParams($data);
+
+        return $token;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getAuthorizationEndpoint()
+    {
+        return new Uri($this->baseApiUri . '/oauth2-authorize');
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getAccessTokenEndpoint()
+    {
+        return new Uri($this->baseApiUri . '/oauth2-token');
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getAuthorizationUri(array $additionalParameters = [])
+    {
+        $parameters = array_merge(
+            $additionalParameters,
+            [
+                'client_id' => $this->credentials->getConsumerId(),
+                'redirect_uri' => $this->credentials->getCallbackUrl(),
+                'response_type' => 'code',
+            ]
+        );
+
+        if ($this->needsStateParameterInAuthUrl()) {
+            if (!isset($parameters['state'])) {
+                $parameters['state'] = $this->generateAuthorizationState();
+            }
+
+            $this->storeAuthorizationState($parameters['state']);
+        }
+
+        $parameters['scope'] = implode(' ', $this->scopes);
+
+        // Build the url
+        $url = clone $this->getAuthorizationEndpoint();
+
+        foreach ($parameters as $key => $val) {
+            $url->addToQuery($key, $val);
+        }
+
+        return $url;
+    }
+}