Skip to content

ursuleacv/oauth2-lightspeed

Repository files navigation

LightSpeed Provider for OAuth 2.0 Client

Build Status

This package provides LightSpeed OAuth 2.0 support for the PHP League's OAuth 2.0 Client.

This package is compliant with PSR-1, PSR-2, PSR-4, and PSR-7. If you notice compliance oversights, please send a patch via pull request.

Requirements

The following versions of PHP are supported.

  • PHP 8.1
  • PHP 8.2
  • PHP 8.3
  • PHP 8.4
  • HHVM

Installation

Add the following to your composer.json file.

{
    "require": {
        "ursuleacv/oauth2-lightspeed": "~3.0"
    }
}

Usage

Authorization Code Flow

session_start();

$provider = new League\OAuth2\Client\Provider\Lightspeed([
    'clientId'                => LIGHTSPEED_CLIENT_ID,
    'clientSecret'            => LIGHTSPEED_CLIENT_SECRET,
    'redirectUri'             => LIGHTSPEED_REDIRECT_URI,
]);

if (!isset($_GET['code'])) {

    // If we don't have an authorization code then get one
    $authUrl = $provider->getAuthorizationUrl([
        'scope' => ['employee:all', '...', '...'],
    ]);
    $_SESSION['oauth2state'] = $provider->getState();
    
    echo '<a href="'.$authUrl.'">Log in with LightSpeed!</a>';
    exit;

// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {

    unset($_SESSION['oauth2state']);
    echo 'Invalid state.';
    exit;

}

// Try to get an access token (using the authorization code grant)
$token = $provider->getAccessToken('authorization_code', [
    'code' => $_GET['code']
]);

try {

    // We got an access token, let's now get the Account ID and sale details
    $client = $provider->getResourceOwner($token);
    $merchantos = $provider->merchantosApi($token, $client->getId());

    $clientId = $client->getId();
    $sale = $merchantos->getSale(1);

    echo '<pre>';
    print_r($client); echo '<br>';
    print_r($sale); echo '<br>';
    echo '</pre>';

} catch (Exception $e) {
    exit($e->getMessage());
}

echo '<pre>';
// Use this to interact with an API on the client behalf
var_dump($token->getToken());

echo '</pre>';

Testing

$ ./vendor/bin/phpunit

Upgrading

vendor/bin/rector process src --dry-run

Contributing

Please see CONTRIBUTING for details.

Credits

License

The MIT License (MIT). Please see License File for more information.