const'd some internal properties

src/Core/OAuth1Provider.php

@@ -60,7 +60,7 @@ public function getRequestToken():AccessToken{
 			->withHeader('Content-Length', '0') // tumblr requires a content-length header set
 		;
 
-		foreach($this->authHeaders as $header => $value){
+		foreach($this::HEADERS_AUTH as $header => $value){
 			$request = $request->withAddedHeader($header, $value);
 		}
 

src/Core/OAuth2Interface.php

@@ -18,9 +18,49 @@
  */
 interface OAuth2Interface extends OAuthInterface{
 
+	/** @var int */
 	public const AUTH_METHOD_HEADER = 1;
+	/** @var int */
 	public const AUTH_METHOD_QUERY  = 2;
 
+	/**
+	 * Specifies the authentication method:
+	 *
+	 *   - OAuth2Interface::AUTH_METHOD_HEADER (Bearer, OAuth, ...)
+	 *   - OAuth2Interface::AUTH_METHOD_QUERY (access_token, ...)
+	 *
+	 * @var int
+	 */
+	public const AUTH_METHOD = self::AUTH_METHOD_HEADER;
+
+	/**
+	 * The name of the authentication header in case of OAuth2Interface::AUTH_METHOD_HEADER
+	 *
+	 * @var string
+	 */
+	public const AUTH_PREFIX_HEADER = 'Bearer';
+
+	/**
+	 * The name of the authentication query parameter in case of OAuth2Interface::AUTH_METHOD_QUERY
+	 *
+	 * @var string
+	 */
+	public const AUTH_PREFIX_QUERY = 'access_token';
+
+	/**
+	 * Default scopes to apply if none were provided via the $scopes parameter
+	 *
+	 * @var string[]
+	 */
+	public const DEFAULT_SCOPES = [];
+
+	/**
+	 * The delimiter string for scopes
+	 *
+	 * @var string
+	 */
+	public const SCOPE_DELIMITER = ' ';
+
 	/**
 	 * Obtains an OAuth2 access token with the given $code, verifies the $state
 	 * if the provider implements the CSRFToken interface, and returns an AccessToken object

src/Core/OAuth2Provider.php

@@ -25,28 +25,6 @@
  */
 abstract class OAuth2Provider extends OAuthProvider implements OAuth2Interface{
 
-	/**
-	 * Specifies the authentication method:
-	 *   - OAuth2Interface::AUTH_METHOD_HEADER (Bearer, OAuth, ...)
-	 *   - OAuth2Interface::AUTH_METHOD_QUERY (access_token, ...)
-	 */
-	protected int $authMethod = self::AUTH_METHOD_HEADER;
-
-	/**
-	 * The name of the authentication header in case of OAuth2Interface::AUTH_METHOD_HEADER
-	 */
-	protected string $authMethodHeader = 'Bearer';
-
-	/**
-	 * The name of the authentication query parameter in case of OAuth2Interface::AUTH_METHOD_QUERY
-	 */
-	protected string $authMethodQuery = 'access_token';
-
-	/**
-	 * The delimiter string for scopes
-	 */
-	protected string $scopesDelimiter = ' ';
-
 	/**
 	 * An optional refresh token endpoint in case the provider supports TokenRefresh.
 	 * If the provider supports token refresh and $refreshTokenURL is null, $accessTokenURL will be used instead.
@@ -61,17 +39,12 @@ abstract class OAuth2Provider extends OAuthProvider implements OAuth2Interface{
 	 */
 	protected string|null $clientCredentialsTokenURL = null;
 
-	/**
-	 * Default scopes to apply if none were provided via the $scopes parameter in OAuth2Provider::getAuthURL()
-	 */
-	protected array $defaultScopes = [];
-
 	/**
 	 * @inheritDoc
 	 */
 	public function getAuthURL(array|null $params = null, array|null $scopes = null):UriInterface{
 		$params ??= [];
-		$scopes ??= $this->defaultScopes;
+		$scopes ??= $this::DEFAULT_SCOPES;
 
 		unset($params['client_secret']);
 
@@ -83,7 +56,7 @@ public function getAuthURL(array|null $params = null, array|null $scopes = null)
 		]);
 
 		if(!empty($scopes)){
-			$params['scope'] = implode($this->scopesDelimiter, $scopes);
+			$params['scope'] = implode($this::SCOPE_DELIMITER, $scopes);
 		}
 
 		if($this instanceof CSRFToken){
@@ -128,7 +101,7 @@ protected function parseTokenResponse(ResponseInterface $response):AccessToken{
 		if(isset($data['scope']) || isset($data['scopes'])){
 			$scope = ($data['scope'] ?? $data['scopes'] ?? []);
 
-			$token->scopes = (is_array($scope)) ? $scope : explode($this->scopesDelimiter, $scope);
+			$token->scopes = (is_array($scope)) ? $scope : explode($this::SCOPE_DELIMITER, $scope);
 		}
 
 		unset($data['expires_in'], $data['refresh_token'], $data['access_token'], $data['scope'], $data['scopes']);
@@ -161,7 +134,7 @@ public function getAccessToken(string $code, string|null $state = null):AccessTo
 			->withHeader('Accept-Encoding', 'identity')
 			->withBody($this->streamFactory->createStream(QueryUtil::build($body, PHP_QUERY_RFC1738)));
 
-		foreach($this->authHeaders as $header => $value){
+		foreach($this::HEADERS_AUTH as $header => $value){
 			$request = $request->withHeader($header, $value);
 		}
 
@@ -177,17 +150,17 @@ public function getAccessToken(string $code, string|null $state = null):AccessTo
 	 */
 	public function getRequestAuthorization(RequestInterface $request, AccessToken $token):RequestInterface{
 
-		if($this->authMethod === OAuth2Interface::AUTH_METHOD_HEADER){
-			return $request->withHeader('Authorization', $this->authMethodHeader.' '.$token->accessToken);
+		if($this::AUTH_METHOD === OAuth2Interface::AUTH_METHOD_HEADER){
+			return $request->withHeader('Authorization', $this::AUTH_PREFIX_HEADER.' '.$token->accessToken);
 		}
 
-		if($this->authMethod === OAuth2Interface::AUTH_METHOD_QUERY){
-			$uri = QueryUtil::merge((string)$request->getUri(), [$this->authMethodQuery => $token->accessToken]);
+		if($this::AUTH_METHOD === OAuth2Interface::AUTH_METHOD_QUERY){
+			$uri = QueryUtil::merge((string)$request->getUri(), [$this::AUTH_PREFIX_QUERY => $token->accessToken]);
 
 			return $request->withUri($this->uriFactory->createUri($uri));
 		}
 
-		throw new ProviderException('invalid auth type');
+		throw new ProviderException('invalid auth AUTH_METHOD');
 	}
 
 	/**
@@ -203,7 +176,7 @@ public function getClientCredentialsToken(array|null $scopes = null):AccessToken
 		$params = ['grant_type' => 'client_credentials'];
 
 		if(!empty($scopes)){
-			$params['scope'] = implode($this->scopesDelimiter, $scopes);
+			$params['scope'] = implode($this::SCOPE_DELIMITER, $scopes);
 		}
 
 		$request = $this->requestFactory
@@ -214,7 +187,7 @@ public function getClientCredentialsToken(array|null $scopes = null):AccessToken
 			->withBody($this->streamFactory->createStream(QueryUtil::build($params, PHP_QUERY_RFC1738)))
 		;
 
-		foreach($this->authHeaders as $header => $value){
+		foreach($this::HEADERS_AUTH as $header => $value){
 			$request = $request->withAddedHeader($header, $value);
 		}
 
@@ -267,7 +240,7 @@ public function refreshAccessToken(AccessToken|null $token = null):AccessToken{
 			->withBody($this->streamFactory->createStream(QueryUtil::build($body, PHP_QUERY_RFC1738)))
 		;
 
-		foreach($this->authHeaders as $header => $value){
+		foreach($this::HEADERS_AUTH as $header => $value){
 			$request = $request->withAddedHeader($header, $value);
 		}
 

src/Core/OAuthInterface.php

@@ -30,6 +30,20 @@
  */
 interface OAuthInterface extends ClientInterface{
 
+	/**
+	 * additional headers to use during authentication
+	 *
+	 * @var array
+	 */
+	public const HEADERS_AUTH = [];
+
+	/**
+	 * additional headers to use during API access
+	 *
+	 * @var array
+	 */
+	public const HEADERS_API = [];
+
 	/**
 	 * Prepares the URL with optional $params which redirects to the provider's authorization prompt
 	 * and returns a PSR-7 UriInterface with all necessary parameters set

src/Core/OAuthProvider.php

@@ -49,16 +49,6 @@ abstract class OAuthProvider implements OAuthInterface{
 	 */
 	protected string $accessTokenURL;
 
-	/**
-	 * additional headers to use during authentication
-	 */
-	protected array $authHeaders = [];
-
-	/**
-	 * additional headers to use during API access
-	 */
-	protected array $apiHeaders = [];
-
 	/*
 	 * magic properties (public readonly would be cool if the implementation wasn't fucking stupid)
 	 */
@@ -249,7 +239,8 @@ public function request(
 	 * Prepare request headers
 	 */
 	protected function getRequestHeaders(array|null $headers = null):array{
-		return array_merge($this->apiHeaders, ($headers ?? []));
+		/** @noinspection PhpParamsInspection sup PHPStorm?? */
+		return array_merge($this::HEADERS_API, ($headers ?? []));
 	}
 
 	/**

src/Providers/Amazon.php

@@ -29,7 +29,7 @@ class Amazon extends OAuth2Provider implements CSRFToken, TokenRefresh{
 	public const SCOPE_PROFILE_USER_ID = 'profile:user_id';
 	public const SCOPE_POSTAL_CODE     = 'postal_code';
 
-	protected array $defaultScopes = [
+	public const DEFAULT_SCOPES = [
 		self::SCOPE_PROFILE,
 		self::SCOPE_PROFILE_USER_ID,
 	];

src/Providers/BattleNet.php

@@ -23,12 +23,12 @@
  */
 class BattleNet extends OAuth2Provider implements ClientCredentials, CSRFToken{
 
-	public const SCOPE_OPENID         = 'openid';
-	public const SCOPE_PROFILE_D3     = 'd3.profile';
-	public const SCOPE_PROFILE_SC2    = 'sc2.profile';
-	public const SCOPE_PROFILE_WOW    = 'wow.profile';
+	public const SCOPE_OPENID      = 'openid';
+	public const SCOPE_PROFILE_D3  = 'd3.profile';
+	public const SCOPE_PROFILE_SC2 = 'sc2.profile';
+	public const SCOPE_PROFILE_WOW = 'wow.profile';
 
-	protected array $defaultScopes = [
+	public const DEFAULT_SCOPES = [
 		self::SCOPE_OPENID,
 		self::SCOPE_PROFILE_D3,
 		self::SCOPE_PROFILE_SC2,

src/Providers/BigCartel.php

@@ -24,14 +24,17 @@
  */
 class BigCartel extends OAuth2Provider implements CSRFToken, TokenInvalidate{
 
+	public const HEADERS_API = [
+		'Accept' => 'application/vnd.api+json',
+	];
+
 	protected string      $authURL        = 'https://my.bigcartel.com/oauth/authorize';
 	protected string      $accessTokenURL = 'https://api.bigcartel.com/oauth/token';
 	protected string      $revokeURL      = 'https://api.bigcartel.com/oauth/deauthorize/%s'; // sprintf() user id!
 	protected string      $apiURL         = 'https://api.bigcartel.com/v1';
 	protected string|null $userRevokeURL  = 'https://my.bigcartel.com/account';
 	protected string|null $apiDocs        = 'https://developers.bigcartel.com/api/v1';
 	protected string|null $applicationURL = 'https://bigcartel.wufoo.com/forms/big-cartel-api-application/';
-	protected array       $apiHeaders     = ['Accept' => 'application/vnd.api+json'];
 
 	/**
 	 * @inheritDoc

src/Providers/Deezer.php

@@ -24,29 +24,30 @@
  */
 class Deezer extends OAuth2Provider implements CSRFToken{
 
-	public const SCOPE_BASIC              = 'basic_access';
-	public const SCOPE_EMAIL              = 'email';
-	public const SCOPE_OFFLINE_ACCESS     = 'offline_access';
-	public const SCOPE_MANAGE_LIBRARY     = 'manage_library';
-	public const SCOPE_MANAGE_COMMUNITY   = 'manage_community';
-	public const SCOPE_DELETE_LIBRARY     = 'delete_library';
-	public const SCOPE_LISTENING_HISTORY  = 'listening_history';
-
-	protected array $defaultScopes = [
+	public const SCOPE_BASIC             = 'basic_access';
+	public const SCOPE_EMAIL             = 'email';
+	public const SCOPE_OFFLINE_ACCESS    = 'offline_access';
+	public const SCOPE_MANAGE_LIBRARY    = 'manage_library';
+	public const SCOPE_MANAGE_COMMUNITY  = 'manage_community';
+	public const SCOPE_DELETE_LIBRARY    = 'delete_library';
+	public const SCOPE_LISTENING_HISTORY = 'listening_history';
+
+	public const DEFAULT_SCOPES = [
 		self::SCOPE_BASIC,
 		self::SCOPE_EMAIL,
 		self::SCOPE_OFFLINE_ACCESS,
 		self::SCOPE_MANAGE_LIBRARY,
 		self::SCOPE_LISTENING_HISTORY,
 	];
 
+	public const AUTH_METHOD = self::AUTH_METHOD_QUERY;
+
 	protected string      $authURL        = 'https://connect.deezer.com/oauth/auth.php';
 	protected string      $accessTokenURL = 'https://connect.deezer.com/oauth/access_token.php';
 	protected string      $apiURL         = 'https://api.deezer.com';
 	protected string|null $userRevokeURL  = 'https://www.deezer.com/account/apps';
 	protected string|null $apiDocs        = 'https://developers.deezer.com/api';
 	protected string|null $applicationURL = 'http://developers.deezer.com/myapps';
-	protected int         $authMethod     = self::AUTH_METHOD_QUERY;
 
 	/**
 	 * @inheritDoc
@@ -61,7 +62,7 @@ public function getAuthURL(array|null $params = null, array|null $scopes = null)
 		$params = array_merge($params, [
 			'app_id'       => $this->options->key,
 			'redirect_uri' => $this->options->callbackURL,
-			'perms'        => implode($this->scopesDelimiter, ($scopes ?? [])),
+			'perms'        => implode($this::SCOPE_DELIMITER, ($scopes ?? [])),
 		]);
 
 		$params = $this->setState($params);

src/Providers/DeviantArt.php

@@ -21,31 +21,34 @@
  */
 class DeviantArt extends OAuth2Provider implements ClientCredentials, CSRFToken, TokenInvalidate, TokenRefresh{
 
-	public const SCOPE_BASIC              = 'basic';
-	public const SCOPE_BROWSE             = 'browse';
-	public const SCOPE_COLLECTION         = 'collection';
-	public const SCOPE_COMMENT_POST       = 'comment.post';
-	public const SCOPE_FEED               = 'feed';
-	public const SCOPE_GALLERY            = 'gallery';
-	public const SCOPE_MESSAGE            = 'message';
-	public const SCOPE_NOTE               = 'note';
-	public const SCOPE_STASH              = 'stash';
-	public const SCOPE_USER               = 'user';
-	public const SCOPE_USER_MANAGE        = 'user.manage';
-
-	protected array $defaultScopes = [
+	public const SCOPE_BASIC        = 'basic';
+	public const SCOPE_BROWSE       = 'browse';
+	public const SCOPE_COLLECTION   = 'collection';
+	public const SCOPE_COMMENT_POST = 'comment.post';
+	public const SCOPE_FEED         = 'feed';
+	public const SCOPE_GALLERY      = 'gallery';
+	public const SCOPE_MESSAGE      = 'message';
+	public const SCOPE_NOTE         = 'note';
+	public const SCOPE_STASH        = 'stash';
+	public const SCOPE_USER         = 'user';
+	public const SCOPE_USER_MANAGE  = 'user.manage';
+
+	public const DEFAULT_SCOPES = [
 		self::SCOPE_BASIC,
 		self::SCOPE_BROWSE,
 	];
 
+	public const HEADERS_API = [
+		'dA-minor-version' => '20210526',
+	];
+
 	protected string      $authURL        = 'https://www.deviantart.com/oauth2/authorize';
 	protected string      $accessTokenURL = 'https://www.deviantart.com/oauth2/token';
 	protected string      $revokeURL      = 'https://www.deviantart.com/oauth2/revoke';
 	protected string      $apiURL         = 'https://www.deviantart.com/api/v1/oauth2';
 	protected string|null $userRevokeURL  = 'https://www.deviantart.com/settings/applications';
 	protected string|null $apiDocs        = 'https://www.deviantart.com/developers/';
 	protected string|null $applicationURL = 'https://www.deviantart.com/developers/apps';
-	protected array       $apiHeaders     = ['dA-minor-version' => '20210526'];
 
 	/**
 	 * @inheritDoc

src/Providers/Discogs.php

@@ -21,15 +21,17 @@
  */
 class Discogs extends OAuth1Provider{
 
+	public const HEADERS_API = [
+		'Accept' => 'application/vnd.discogs.v2.discogs+json',
+	];
+
 	protected string      $requestTokenURL = 'https://api.discogs.com/oauth/request_token';
 	protected string      $authURL         = 'https://www.discogs.com/oauth/authorize';
 	protected string      $accessTokenURL  = 'https://api.discogs.com/oauth/access_token';
 	protected string      $apiURL          = 'https://api.discogs.com';
 	protected string|null $userRevokeURL   = 'https://www.discogs.com/settings/applications';
 	protected string|null $apiDocs         = 'https://www.discogs.com/developers/';
-	protected string|null $applicationURL  = 'https://www.discogs.com/settings/developers';
-	protected array       $apiHeaders      = ['Accept' => 'application/vnd.discogs.v2.discogs+json'];
-
+	protected string|null $applicationURL = 'https://www.discogs.com/settings/developers';
 	/**
 	 * @inheritDoc
 	 */