You are here

Home » API reference » OpenID Connect / OAuth client 8 » OpenIDConnectGithubClient.php

class OpenIDConnectGithubClient in OpenID Connect / OAuth client 8

Same name and namespace in other branches
  1. 2.x src/Plugin/OpenIDConnectClient/OpenIDConnectGithubClient.php \Drupal\openid_connect\Plugin\OpenIDConnectClient\OpenIDConnectGithubClient

GitHub OpenID Connect client.

Implements OpenID Connect Client plugin for GitHub.

Plugin annotation


@OpenIDConnectClient(
  id = "github",
  label = @Translation("GitHub")
)

Hierarchy

Expanded class hierarchy of OpenIDConnectGithubClient

File

src/Plugin/OpenIDConnectClient/OpenIDConnectGithubClient.php, line 18

Namespace

Drupal\openid_connect\Plugin\OpenIDConnectClient
View source 
class OpenIDConnectGithubClient extends OpenIDConnectClientBase {

  /**
   * A mapping of OpenID Connect user claims to GitHub user properties.
   *
   * See https://developer.github.com/v3/users .
   *
   * @var array
   */
  protected $userInfoMapping = [
    'name' => 'name',
    'sub' => 'id',
    'email' => 'email',
    'preferred_username' => 'login',
    'picture' => 'avatar_url',
    'profile' => 'html_url',
    'website' => 'blog',
  ];

  /**
   * {@inheritdoc}
   */
  public function buildConfigurationForm(array $form, FormStateInterface $form_state) {
    $form = parent::buildConfigurationForm($form, $form_state);
    $url = 'https://github.com/settings/developers';
    $form['description'] = [
      '#markup' => '<div class="description">' . $this
        ->t('Set up your app in <a href="@url" target="_blank">developer applications</a> on GitHub.', [
        '@url' => $url,
      ]) . '</div>',
    ];
    return $form;
  }

  /**
   * {@inheritdoc}
   */
  public function getEndpoints() {
    return [
      'authorization' => 'https://github.com/login/oauth/authorize',
      'token' => 'https://github.com/login/oauth/access_token',
      'userinfo' => 'https://api.github.com/user',
    ];
  }

  /**
   * {@inheritdoc}
   */
  public function authorize($scope = 'openid email') {

    // Use GitHub specific authorisations.
    return parent::authorize('user:email');
  }

  /**
   * {@inheritdoc}
   */
  public function decodeIdToken($id_token) {
    return [];
  }

  /**
   * {@inheritdoc}
   */
  public function retrieveUserInfo($access_token) {
    $request_options = [
      'headers' => [
        'Authorization' => 'token ' . $access_token,
        'Accept' => 'application/json',
      ],
    ];
    $endpoints = $this
      ->getEndpoints();
    $client = $this->httpClient;
    try {
      $claims = [];
      $response = $client
        ->get($endpoints['userinfo'], $request_options);
      $response_data = json_decode((string) $response
        ->getBody(), TRUE);
      foreach ($this->userInfoMapping as $claim => $key) {
        if (array_key_exists($key, $response_data)) {
          $claims[$claim] = $response_data[$key];
        }
      }

      // GitHub names can be empty. Fall back to the login name.
      if (empty($claims['name']) && isset($response_data['login'])) {
        $claims['name'] = $response_data['login'];
      }

      // Convert the updated_at date to a timestamp.
      if (!empty($response_data['updated_at'])) {
        $claims['updated_at'] = strtotime($response_data['updated_at']);
      }

      // The email address is only provided in the User resource if the user has
      // chosen to display it publicly. So we need to make another request to
      // find out the user's email address(es).
      if (empty($claims['email'])) {
        $email_response = $client
          ->get($endpoints['userinfo'] . '/emails', $request_options);
        $email_response_data = json_decode((string) $email_response
          ->getBody(), TRUE);
        foreach ($email_response_data as $email) {

          // See https://developer.github.com/v3/users/emails/
          if (!empty($email['primary'])) {
            $claims['email'] = $email['email'];
            $claims['email_verified'] = $email['verified'];
            break;
          }
        }
      }
      return $claims;
    } catch (\Exception $e) {
      $variables = [
        '@message' => 'Could not retrieve user profile information',
        '@error_message' => $e
          ->getMessage(),
      ];
      $this->loggerFactory
        ->get('openid_connect_' . $this->pluginId)
        ->error('@message. Details: @error_message', $variables);
      return FALSE;
    }
  }

}

Members

Namesort descending Modifiers Type Description Overrides
OpenIDConnectClientBase::$clientScopes protected property The minimum set of scopes for this client.
OpenIDConnectClientBase::$dateTime protected property The datetime.time service.
OpenIDConnectClientBase::$httpClient protected property The HTTP client to fetch the feed data with.
OpenIDConnectClientBase::$languageManager protected property The language manager.
OpenIDConnectClientBase::$loggerFactory protected property The logger factory used for logging.
OpenIDConnectClientBase::$pageCacheKillSwitch protected property Page cache kill switch.
OpenIDConnectClientBase::$requestStack protected property The request stack used to access request globals.
OpenIDConnectClientBase::$stateToken protected property The OpenID state token service.
OpenIDConnectClientBase::calculateDependencies public function Calculates dependencies for the configured plugin. Overrides DependentPluginInterface::calculateDependencies
OpenIDConnectClientBase::create public static function Creates an instance of the plugin. Overrides ContainerFactoryPluginInterface::create
OpenIDConnectClientBase::defaultConfiguration public function Gets default configuration for this plugin. Overrides ConfigurableInterface::defaultConfiguration 3
OpenIDConnectClientBase::getClientScopes public function Gets an array of of scopes. Overrides OpenIDConnectClientInterface::getClientScopes
OpenIDConnectClientBase::getConfiguration public function Gets this plugin's configuration. Overrides ConfigurableInterface::getConfiguration
OpenIDConnectClientBase::getRedirectUrl protected function Returns the redirect URL.
OpenIDConnectClientBase::getRequestOptions protected function Helper function for request options.
OpenIDConnectClientBase::getUrlOptions protected function Helper function for URL options.
OpenIDConnectClientBase::retrieveTokens public function Retrieve access token and ID token. Overrides OpenIDConnectClientInterface::retrieveTokens
OpenIDConnectClientBase::setConfiguration public function Sets the configuration for this plugin instance. Overrides ConfigurableInterface::setConfiguration
OpenIDConnectClientBase::submitConfigurationForm public function Form submission handler. Overrides PluginFormInterface::submitConfigurationForm
OpenIDConnectClientBase::validateConfigurationForm public function Form validation handler. Overrides PluginFormInterface::validateConfigurationForm
OpenIDConnectClientBase::__construct public function The constructor. Overrides PluginBase::__construct
OpenIDConnectGithubClient::$userInfoMapping protected property A mapping of OpenID Connect user claims to GitHub user properties.
OpenIDConnectGithubClient::authorize public function Redirects the user to the authorization endpoint. Overrides OpenIDConnectClientBase::authorize
OpenIDConnectGithubClient::buildConfigurationForm public function Form constructor. Overrides OpenIDConnectClientBase::buildConfigurationForm
OpenIDConnectGithubClient::decodeIdToken public function Decodes ID token to access user data. Overrides OpenIDConnectClientBase::decodeIdToken
OpenIDConnectGithubClient::getEndpoints public function Returns an array of endpoints. Overrides OpenIDConnectClientInterface::getEndpoints
OpenIDConnectGithubClient::retrieveUserInfo public function Retrieves user info: additional user profile data. Overrides OpenIDConnectClientBase::retrieveUserInfo
PluginBase::$configuration protected property Configuration information passed into the plugin. 1
PluginBase::$pluginDefinition protected property The plugin implementation definition. 1
PluginBase::$pluginId protected property The plugin_id.
PluginBase::DERIVATIVE_SEPARATOR constant A string which is used to separate base plugin IDs from the derivative ID.
PluginBase::getBaseId public function Gets the base_plugin_id of the plugin instance. Overrides DerivativeInspectionInterface::getBaseId
PluginBase::getDerivativeId public function Gets the derivative_id of the plugin instance. Overrides DerivativeInspectionInterface::getDerivativeId
PluginBase::getPluginDefinition public function Gets the definition of the plugin implementation. Overrides PluginInspectionInterface::getPluginDefinition 3
PluginBase::getPluginId public function Gets the plugin_id of the plugin instance. Overrides PluginInspectionInterface::getPluginId
PluginBase::isConfigurable public function Determines if the plugin is configurable.
StringTranslationTrait::$stringTranslation protected property The string translation service. 1
StringTranslationTrait::formatPlural protected function Formats a string containing a count of items.
StringTranslationTrait::getNumberOfPlurals protected function Returns the number of plurals supported by a given language.
StringTranslationTrait::getStringTranslation protected function Gets the string translation service.
StringTranslationTrait::setStringTranslation public function Sets the string translation service to use. 2
StringTranslationTrait::t protected function Translates a string to the current language or to a given language.