tempest-framework/packages/auth/src/OAuth/OAuthClient.php at a6aa54a547ddb72819b42da7cebae2ad5acc9e4f · tempestphp/tempest-framework · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
<?php

declare(strict_types=1);

namespace Tempest\Auth\OAuth;

use Closure;
use League\OAuth2\Client\Token\AccessToken;
use Tempest\Auth\Authentication\Authenticatable;
use Tempest\Http\Request;
use Tempest\Http\Responses\Redirect;

/**
 * @template T of Authenticatable
 */
interface OAuthClient
{
    /**
     * Gets the authorization URL for the OAuth provider.
     */
    public function buildAuthorizationUrl(array $scopes = [], array $options = []): string;

    /**
     * Creates a redirect response for the OAuth flow.
     */
    public function createRedirect(array $scopes = [], array $options = []): Redirect;

    /**
     * Gets the state parameter for CSRF protection.
     */
    public function getState(): ?string;

    /**
     * Exchanges an authorization code for an access token.
     */
    public function requestAccessToken(string $code): AccessToken;

    /**
     * Gets user information from an OAuth provider using an access token.
     */
    public function fetchUser(AccessToken $token): OAuthUser;

    /**
     * Authenticates a user based on the given OAuth callback request.
     *
     * @param Closure(OAuthUser): T $map A callback that should return an authenticatable model from the given OAuthUser. Typically, the callback is also responsible for saving the user to the database.
     */
    public function authenticate(Request $request, Closure $map): Authenticatable;
}