src/applications/auth/adapter/PhutilGoogleAuthAdapter.php

   1 <?php
   2
   3 /**
   4  * Authentication adapter for Google OAuth2.
   5  */
   6 final class PhutilGoogleAuthAdapter extends PhutilOAuthAuthAdapter {
   7
   8   public function getAdapterType() {
   9     return 'google';
  10   }
  11
  12   public function getAdapterDomain() {
  13     return 'google.com';
  14   }
  15
  16   protected function newAccountIdentifiers() {
  17     $identifiers = array();
  18
  19     $account_id = $this->getOAuthAccountData('id');
  20     if ($account_id !== null) {
  21       $account_id = sprintf(
  22         'id(%s)',
  23         $account_id);
  24       $identifiers[] = $this->newAccountIdentifier($account_id);
  25     }
  26
  27     $email = $this->getAccountEmail();
  28     if ($email !== null) {
  29       $identifiers[] = $this->newAccountIdentifier($email);
  30     }
  31
  32     return $identifiers;
  33   }
  34
  35   public function getAccountEmail() {
  36     return $this->getOAuthAccountData('email');
  37   }
  38
  39   public function getAccountName() {
  40     // Guess account name from email address, this is just a hint anyway.
  41     $email = $this->getAccountEmail();
  42     $email = explode('@', $email);
  43     $email = head($email);
  44     return $email;
  45   }
  46
  47   public function getAccountImageURI() {
  48     $uri = $this->getOAuthAccountData('picture');
  49
  50     // Change the "sz" parameter ("size") from the default to 100 to ask for
  51     // a 100x100px image.
  52     if ($uri !== null) {
  53       $uri = new PhutilURI($uri);
  54       $uri->replaceQueryParam('sz', 100);
  55       $uri = (string)$uri;
  56     }
  57
  58     return $uri;
  59   }
  60
  61   public function getAccountURI() {
  62     return $this->getOAuthAccountData('link');
  63   }
  64
  65   public function getAccountRealName() {
  66     return $this->getOAuthAccountData('name');
  67   }
  68
  69   protected function getAuthenticateBaseURI() {
  70     return 'https://accounts.google.com/o/oauth2/auth';
  71   }
  72
  73   protected function getTokenBaseURI() {
  74     return 'https://accounts.google.com/o/oauth2/token';
  75   }
  76
  77   public function getScope() {
  78     $scopes = array(
  79       'email',
  80       'profile',
  81     );
  82
  83     return implode(' ', $scopes);
  84   }
  85
  86   public function getExtraAuthenticateParameters() {
  87     return array(
  88       'response_type' => 'code',
  89     );
  90   }
  91
  92   public function getExtraTokenParameters() {
  93     return array(
  94       'grant_type' => 'authorization_code',
  95     );
  96   }
  97
  98   protected function loadOAuthAccountData() {
  99     $uri = new PhutilURI('https://www.googleapis.com/userinfo/v2/me');
 100     $uri->replaceQueryParam('access_token', $this->getAccessToken());
 101
 102     $future = new HTTPSFuture($uri);
 103     list($status, $body) = $future->resolve();
 104
 105     if ($status->isError()) {
 106       throw $status;
 107     }
 108
 109     try {
 110       $result =  phutil_json_decode($body);
 111     } catch (PhutilJSONParserException $ex) {
 112       throw new PhutilProxyException(
 113         pht('Expected valid JSON response from Google account data request.'),
 114         $ex);
 115     }
 116
 117     return $result;
 118   }
 119
 120 }