Init

.gitignore

@@ -0,0 +1,3 @@
+# OS
+.DS_Store
+Thumbs.db

README.md

@@ -0,0 +1,44 @@
+# E-POSTBUSINESS Provider for OAuth 2.0 Client
+
+[![Latest Version on Packagist][ico-version]][link-packagist]
+[![Software License][ico-license]]()
+[![Dependency Status][ico-dependencies]][link-dependencies]
+
+This package provides E-POSTBUSINESS API OAuth 2.0 support for the PHP League's [OAuth 2.0 Client](https://github.com/thephpleague/oauth2-client).
+
+## Install
+
+Via Composer
+
+``` bash
+$ composer require richardhj/oauth2-epost
+```
+
+## Usage
+
+The provider supports _Authorization Code Grant_ as well as _Resource Owner Password Credentials Grant_. I recommend reading these usage instructions before: https://github.com/thephpleague/oauth2-client#usage
+But instead of the `GenericProvider` you're going to use this provider.
+
+This is how to initiate the provider:
+```php
+$provider = new EPost\OAuth2\Client\Provider\EPost(
+    [
+        'clientId'              => sprintf('%s,%s', EPOST_DEV_ID, EPOST_APP_ID),
+        'redirectUri'           => 'http://localhost:8080/oauth2_redirect.php', // Only necessary for the Authorization Code Grant flow
+        'scopes'                => ['create_letter', 'send_hybrid'],
+        'lif'                   => EPOST_LIF_CONTENT,
+        'enableTestEnvironment' => true,
+    ]
+);
+```
+
+## License
+
+The  GNU Lesser General Public License (LGPL).
+
+[ico-version]: https://img.shields.io/packagist/v/richardhj/oauth2-epost.svg?style=flat-square
+[ico-license]: https://img.shields.io/badge/license-LGPL-brightgreen.svg?style=flat-square
+[ico-dependencies]: https://www.versioneye.com/php/richardhj:oauth2-epost/badge.svg?style=flat-square
+
+[link-packagist]: https://packagist.org/packages/richardhj/oauth2-epost
+[link-dependencies]: https://www.versioneye.com/php/richardhj:oauth2-epost

composer.json

@@ -0,0 +1,24 @@
+{
+  "name": "richardhj/oauth2-epost",
+  "description": "E-POSTBUSINESS OAuth 2.0 Client Provider for The PHP League OAuth2-Client",
+  "authors": [
+    {
+      "name": "Richard Henkenjohann",
+      "email": "[email protected]",
+      "homepage": "http://henkenjohann.me",
+      "role": "Developer"
+    }
+  ],
+  "support": {
+    "email": "[email protected]"
+  },
+  "require": {
+    "php": "^5.4 || ^7.0",
+    "league/oauth2-client": "~1.4"
+  },
+  "autoload": {
+    "psr-4": {
+      "EPost\\OAuth2\\Client\\": "src/"
+    }
+  }
+}

src/Provider/EPost.php

@@ -0,0 +1,233 @@
+<?php
+/**
+ * E-POSTBUSINESS API integration for Contao Open Source CMS
+ *
+ * Copyright (c) 2015-2016 Richard Henkenjohann
+ *
+ * @package E-POST
+ * @author  Richard Henkenjohann <[email protected]>
+ */
+
+namespace EPost\OAuth2\Client\Provider;
+
+use League\OAuth2\Client\Provider\AbstractProvider;
+use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
+use League\OAuth2\Client\Token\AccessToken;
+use Psr\Http\Message\ResponseInterface;
+
+
+/**
+ * Class EPost
+ * @package EPost\OAuth2\Client\Provider
+ */
+class EPost extends AbstractProvider
+{
+
+    /**
+     * The login endpoint for production
+     *
+     * @var string
+     */
+    protected static $endpointProduction = 'https://login.epost.de';
+
+
+    /**
+     * The login endpoint for test and integration environment
+     *
+     * @var string
+     */
+    protected static $endpointTest = 'https://login.epost-gka.de';
+
+
+    /**
+     * A toggle to enable test and integration environment
+     *
+     * @var bool
+     */
+    protected $enableTestEnvironment;
+
+
+    /**
+     * An array containing the scopes used for authentication
+     *
+     * @var array
+     */
+    protected $scopes;
+
+
+    /**
+     * The content of the license file (LIF)
+     *
+     * @var string
+     */
+    protected $lif;
+
+
+    /**
+     * {@inheritdoc}
+     */
+    public function __construct(array $options = [], array $collaborators = [])
+    {
+        $this->assertRequiredOptions($options);
+
+        $possible = $this->getConfigurableOptions();
+        $configured = array_intersect_key($options, array_flip($possible));
+
+        foreach ($configured as $key => $value) {
+            $this->$key = $value;
+        }
+
+        // Remove all options that are only used locally
+        $options = array_diff_key($options, $configured);
+
+        parent::__construct($options, $collaborators);
+    }
+
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getBaseAuthorizationUrl()
+    {
+        return (!$this->enableTestEnvironment ? static::$endpointProduction : static::$endpointTest).'/oauth2/auth';
+    }
+
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getBaseAccessTokenUrl(array $params)
+    {
+        return (!$this->enableTestEnvironment ? static::$endpointProduction : static::$endpointTest).'/oauth2/tokens/';
+    }
+
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getResourceOwnerDetailsUrl(AccessToken $token)
+    {
+        throw new \BadFunctionCallException('A resource owner is not supported by the E-POST OAuth implementation');
+    }
+
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function getDefaultScopes()
+    {
+        return $this->scopes;
+    }
+
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function getScopeSeparator()
+    {
+        return ' ';
+    }
+
+
+    /**
+     * Builds request options used for requesting an access token including the client authentication header
+     *
+     * @param  array $params
+     *
+     * @return array
+     */
+    protected function getAccessTokenOptions(array $params)
+    {
+        // Add params that are required
+        $params += [
+            'scope' => implode($this->getScopeSeparator(), $this->getDefaultScopes()),
+        ];
+
+        $options = parent::getAccessTokenOptions($params);
+
+        // Add authorization header
+        $options['headers']['Authorization'] = sprintf(
+            'Basic %s',
+            base64_encode(
+                sprintf(
+                    '%s:%s',
+                    $this->clientId,
+                    $this->lif
+                )
+            )
+        );
+
+        return $options;
+    }
+
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function checkResponse(ResponseInterface $response, $data)
+    {
+        if (!empty($data['error'])) {
+            throw new IdentityProviderException($data['error'], $response->getStatusCode(), $data);
+        }
+    }
+
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function createResourceOwner(array $response, AccessToken $token)
+    {
+        throw new \BadFunctionCallException('A resource owner is not supported by the E-POST OAuth implementation');
+    }
+
+
+    /**
+     * Returns all options that can be configured
+     *
+     * @return array
+     */
+    protected function getConfigurableOptions()
+    {
+        return array_merge(
+            $this->getRequiredOptions(),
+            [
+                'enableTestEnvironment',
+            ]
+        );
+    }
+
+
+    /**
+     * Returns all options that are required
+     *
+     * @return array
+     */
+    protected function getRequiredOptions()
+    {
+        return [
+            'clientId',
+            'lif',
+            'scopes',
+        ];
+    }
+
+
+    /**
+     * Verifies that all required options have been passed
+     *
+     * @param  array $options
+     *
+     * @return void
+     * @throws \InvalidArgumentException
+     */
+    protected function assertRequiredOptions(array $options)
+    {
+        $missing = array_diff_key(array_flip($this->getRequiredOptions()), $options);
+
+        if (!empty($missing)) {
+            throw new \InvalidArgumentException(
+                'Required options not defined: '.implode(', ', array_keys($missing))
+            );
+        }
+    }
+}