Skip to content

teampanfu/oauth2-discord

BranchesTags

Repository files navigation

Discord Provider for OAuth 2.0 Client

Latest Version Total Downloads Software License

This package provides Discord OAuth 2.0 support for the PHP League's OAuth 2.0 Client.

Installation

To install, use Composer:

composer require teampanfu/oauth2-discord

Usage

The first step in implementing OAuth2 is registering a developer application and retrieving your client ID and client secret.

Authorization Code Flow

<?php

require __DIR__.'/vendor/autoload.php';

use Panfu\OAuth2\Client\Provider\Discord;

session_start();

$provider = new Discord([
    'clientId' => 'YOUR_CLIENT_ID',
    'clientSecret' => 'YOUR_CLIENT_SECRET',
    'redirectUri' => 'http://localhost/callback-url',
]);

if (!empty($_GET['error'])) {
    // Got an error, probably user denied access
    exit('Got error: '.htmlspecialchars($_GET['error'], ENT_QUOTES, 'UTF-8'));
} else if (empty($_GET['code'])) {
    // If we don't have an authorization code then get one
    $authUrl = $provider->getAuthorizationUrl();
    $_SESSION['oauth2state'] = $provider->getState();
    header('Location: '.$authUrl);
    exit;
} else if (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
    // State is invalid, possible CSRF attack in progress
    unset($_SESSION['oauth2state']);
    exit('Invalid state');
} else {
    // Try to get an access token (using the authorization code grant)
    $token = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code'],
    ]);

    // Now that you have a token, you can retrieve a user's data
    try {
        $user = $provider->getResourceOwner($token);

        // Depending on which scope you use, you now have access to the user data
        printf('Hello %s#%s!', $user->getUsername(), $user->getDiscriminator());
    } catch (Exception $e) {
        // Failed to get user data
        exit('Something went wrong:'.$e->getMessage());
    }
}

Retrieving User Data

When using the getResourceOwner() method to obtain the user node, it will be returned as a DiscordUser entity.

$user = $provider->getResourceOwner($token);

$id = $user->getId();
var_dump($id);
# string(17) "80351110224678912"

$username = $user->getUsername();
var_dump($username);
# string(5) "Nelly"

$discriminator = $user->getDiscriminator();
var_dump($discriminator);
# string(4) "1337"

$avatar = $user->getAvatar();
var_dump($avatar);
# string(32) "8342729096ea3675442027381ff50dfe"

$isBot = $user->getBot();
var_dump($isBot);
# boolean false

$isSystem = $user->getSystem();
var_dump($isSystem);
# boolean false

$isMfaEnabled = $user->getMfaEnabled();
var_dump($isMfaEnabled);
# boolean true

$banner = $user->getBanner();
var_dump($banner);
# string(32) "06c16474723fe537c283b8efa61a30c8"

$accentColor = $user->getAccentColor();
var_dump($accentColor);
# int 16711680

$locale = $user->getLocale();
var_dump($locale);
# string(5) "en-GB"

$verified = $user->getVerified();
var_dump($verified);
# boolean true

$email = $user->getEmail();
var_dump($email);
# string(17) "[email protected]"

$flags = $user->getFlags();
var_dump($flags);
# int 64

$premiumType = $user->getPremiumType();
var_dump($premiumType);
# int 1

$publicFlags = $user->getPublicFlags();
var_dump($publicFlags);
# int 64

You can also get all the data from the user node as a plain-old PHP array with toArray().

$userData = $user->toArray();

Managing Scopes

When creating the authorization URL, you can specify different scopes.

$options = [
    'scope' => ['identify', 'email', 'guilds.join'],
];

$authUrl = $provider->getAuthorizationUrl($options);

A list of all available scopes can be found in the Discord API documentation.

Client Credentials Grant

Discord provides a client credentials flow for bot developers to get their own bearer tokens for testing purposes. This returns an access token for the bot owner:

$provider = new Discord(...);

try {
    $accessToken = $provider->getAccessToken('client_credentials');
} catch (Exception $e) {
    exit('Something went wrong: '.$e->getMessage());
}

Bot Authorization

To authorize a bot, specify the bot scope and set permissions appropriately:

$provider = new Discord(...);

$options = [
    'scope' => ['bot'],
    'permissions' => 1,
];

$authUrl = $provider->getAuthorizationUrl($options);

header('Location: '.$authUrl);

Testing

$ ./vendor/bin/phpunit

Contribute

If you find a bug or have a suggestion for a feature, feel free to create a new issue or open a pull request.

We are happy about every contribution!

License

This package is open-source software licensed under the MIT License.

About

Discord Provider for the PHP League's OAuth 2.0 Client

packagist.org/packages/teampanfu/oauth2-discord

Topics

client oauth oauth2 authentication discord authorization

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 4

v1.0.3 Latest
Oct 17, 2023
+ 3 releases

Languages