1<?php
2
3namespace OAuth\OAuth2\Service;
4
5use OAuth\Common\Exception\Exception;
6use OAuth\OAuth2\Token\StdOAuth2Token;
7use OAuth\Common\Http\Exception\TokenResponseException;
8use OAuth\Common\Http\Uri\Uri;
9use OAuth\Common\Consumer\CredentialsInterface;
10use OAuth\Common\Http\Client\ClientInterface;
11use OAuth\Common\Storage\TokenStorageInterface;
12use OAuth\Common\Http\Uri\UriInterface;
13
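/**
 * OAuth 2.0 service definition for Facebook (Graph API and login dialogs).
 *
 * Supplies the Facebook endpoints, the scope identifiers and the parsing of
 * the access-token response; everything else comes from AbstractService.
 */
class Facebook extends AbstractService
{
    /**
     * Facebook www url - used to build dialog urls
     */
    const WWW_URL = 'https://www.facebook.com/';

    /**
     * Defined scopes
     *
     * If you don't think this is scary you should not be allowed on the web at all
     *
     * Request only the scopes a feature actually needs: every granted scope
     * widens what a leaked or stolen access token can read or do.
     *
     * NOTE(review): this list mixes scope names from different API generations;
     * check each one against the linked reference for the API version in use
     * before requesting it.
     *
     * @link https://developers.facebook.com/docs/reference/login/
     * @link https://developers.facebook.com/tools/explorer For a list of permissions use 'Get Access Token'
     */
    // Default scope
    const SCOPE_PUBLIC_PROFILE                = 'public_profile';
    // Email scopes
    const SCOPE_EMAIL                         = 'email';
    // Extended permissions
    const SCOPE_READ_FRIENDLIST               = 'read_friendlists';
    const SCOPE_READ_INSIGHTS                 = 'read_insights';
    const SCOPE_READ_MAILBOX                  = 'read_mailbox';
    const SCOPE_READ_PAGE_MAILBOXES           = 'read_page_mailboxes';
    const SCOPE_READ_REQUESTS                 = 'read_requests';
    const SCOPE_READ_STREAM                   = 'read_stream';
    const SCOPE_VIDEO_UPLOAD                  = 'video_upload';
    const SCOPE_XMPP_LOGIN                    = 'xmpp_login';
    const SCOPE_USER_ONLINE_PRESENCE          = 'user_online_presence';
    const SCOPE_FRIENDS_ONLINE_PRESENCE       = 'friends_online_presence';
    const SCOPE_ADS_MANAGEMENT                = 'ads_management';
    const SCOPE_ADS_READ                      = 'ads_read';
    const SCOPE_CREATE_EVENT                  = 'create_event';
    const SCOPE_CREATE_NOTE                   = 'create_note';
    const SCOPE_EXPORT_STREAM                 = 'export_stream';
    const SCOPE_MANAGE_FRIENDLIST             = 'manage_friendlists';
    const SCOPE_MANAGE_NOTIFICATIONS          = 'manage_notifications';
    const SCOPE_PHOTO_UPLOAD                  = 'photo_upload';
    const SCOPE_PUBLISH_ACTIONS               = 'publish_actions';
    const SCOPE_PUBLISH_CHECKINS              = 'publish_checkins';
    const SCOPE_PUBLISH_STREAM                = 'publish_stream';
    const SCOPE_RSVP_EVENT                    = 'rsvp_event';
    const SCOPE_SHARE_ITEM                    = 'share_item';
    const SCOPE_SMS                           = 'sms';
    const SCOPE_STATUS_UPDATE                 = 'status_update';
    // Extended Profile Properties
    const SCOPE_USER_POSTS                    = 'user_posts';
    const SCOPE_USER_FRIENDS                  = 'user_friends';
    const SCOPE_USER_ABOUT                    = 'user_about_me';
    const SCOPE_USER_TAGGED_PLACES            = 'user_tagged_places';
    const SCOPE_FRIENDS_ABOUT                 = 'friends_about_me';
    const SCOPE_USER_ACTIVITIES               = 'user_activities';
    const SCOPE_FRIENDS_ACTIVITIES            = 'friends_activities';
    const SCOPE_USER_BIRTHDAY                 = 'user_birthday';
    const SCOPE_FRIENDS_BIRTHDAY              = 'friends_birthday';
    const SCOPE_USER_CHECKINS                 = 'user_checkins';
    const SCOPE_FRIENDS_CHECKINS              = 'friends_checkins';
    const SCOPE_USER_EDUCATION                = 'user_education_history';
    const SCOPE_FRIENDS_EDUCATION             = 'friends_education_history';
    const SCOPE_USER_EVENTS                   = 'user_events';
    const SCOPE_FRIENDS_EVENTS                = 'friends_events';
    const SCOPE_USER_GROUPS                   = 'user_groups';
    const SCOPE_USER_MANAGED_GROUPS           = 'user_managed_groups';
    const SCOPE_FRIENDS_GROUPS                = 'friends_groups';
    const SCOPE_USER_HOMETOWN                 = 'user_hometown';
    const SCOPE_FRIENDS_HOMETOWN              = 'friends_hometown';
    const SCOPE_USER_INTERESTS                = 'user_interests';
    const SCOPE_FRIEND_INTERESTS              = 'friends_interests';
    const SCOPE_USER_LIKES                    = 'user_likes';
    const SCOPE_FRIENDS_LIKES                 = 'friends_likes';
    const SCOPE_USER_LOCATION                 = 'user_location';
    const SCOPE_FRIENDS_LOCATION              = 'friends_location';
    const SCOPE_USER_NOTES                    = 'user_notes';
    const SCOPE_FRIENDS_NOTES                 = 'friends_notes';
    const SCOPE_USER_PHOTOS                   = 'user_photos';
    const SCOPE_USER_PHOTO_VIDEO_TAGS         = 'user_photo_video_tags';
    const SCOPE_FRIENDS_PHOTOS                = 'friends_photos';
    const SCOPE_FRIENDS_PHOTO_VIDEO_TAGS      = 'friends_photo_video_tags';
    const SCOPE_USER_QUESTIONS                = 'user_questions';
    const SCOPE_FRIENDS_QUESTIONS             = 'friends_questions';
    const SCOPE_USER_RELATIONSHIPS            = 'user_relationships';
    const SCOPE_FRIENDS_RELATIONSHIPS         = 'friends_relationships';
    const SCOPE_USER_RELATIONSHIPS_DETAILS    = 'user_relationship_details';
    const SCOPE_FRIENDS_RELATIONSHIPS_DETAILS = 'friends_relationship_details';
    const SCOPE_USER_RELIGION                 = 'user_religion_politics';
    const SCOPE_FRIENDS_RELIGION              = 'friends_religion_politics';
    const SCOPE_USER_STATUS                   = 'user_status';
    const SCOPE_FRIENDS_STATUS                = 'friends_status';
    const SCOPE_USER_SUBSCRIPTIONS            = 'user_subscriptions';
    const SCOPE_FRIENDS_SUBSCRIPTIONS         = 'friends_subscriptions';
    const SCOPE_USER_VIDEOS                   = 'user_videos';
    const SCOPE_FRIENDS_VIDEOS                = 'friends_videos';
    const SCOPE_USER_WEBSITE                  = 'user_website';
    const SCOPE_FRIENDS_WEBSITE               = 'friends_website';
    const SCOPE_USER_WORK                     = 'user_work_history';
    const SCOPE_FRIENDS_WORK                  = 'friends_work_history';
    // Open Graph Permissions
    const SCOPE_USER_MUSIC                    = 'user_actions.music';
    const SCOPE_FRIENDS_MUSIC                 = 'friends_actions.music';
    const SCOPE_USER_NEWS                     = 'user_actions.news';
    const SCOPE_FRIENDS_NEWS                  = 'friends_actions.news';
    const SCOPE_USER_VIDEO                    = 'user_actions.video';
    const SCOPE_FRIENDS_VIDEO                 = 'friends_actions.video';
    const SCOPE_USER_APP                      = 'user_actions:APP_NAMESPACE';
    const SCOPE_FRIENDS_APP                   = 'friends_actions:APP_NAMESPACE';
    const SCOPE_USER_GAMES                    = 'user_games_activity';
    const SCOPE_FRIENDS_GAMES                 = 'friends_games_activity';
    //Page Permissions
    const SCOPE_PAGES                         = 'manage_pages';
    const SCOPE_PUBLISH_PAGES                 = 'publish_pages';

    /**
     * Builds the service and defaults the API base URI to graph.facebook.com.
     *
     * @param CredentialsInterface  $credentials Application (consumer) credentials.
     * @param ClientInterface       $httpClient  HTTP client handed to the parent service.
     * @param TokenStorageInterface $storage     Token storage handed to the parent service.
     * @param array                 $scopes      Scope identifiers to request (see the SCOPE_* constants).
     * @param UriInterface|null     $baseApiUri  API base URI; when null the Graph API host is used.
     * @param string                $apiVersion  Version number without the "v" prefix; it is
     *                                           concatenated into endpoint URLs unescaped, so it
     *                                           should come from configuration, not from request input.
     */
    public function __construct(
        CredentialsInterface $credentials,
        ClientInterface $httpClient,
        TokenStorageInterface $storage,
        $scopes = array(),
        UriInterface $baseApiUri = null,
        $apiVersion = ""
    ) {
        // NOTE(review): the literal `true` is presumably the parent's switch for sending a
        // `state` value with the authorization URL (CSRF protection on the callback);
        // confirm against AbstractService before changing it.
        parent::__construct($credentials, $httpClient, $storage, $scopes, $baseApiUri, true, $apiVersion);

        if (null === $baseApiUri) {
            $this->baseApiUri = new Uri('https://graph.facebook.com'.$this->getApiVersionString().'/');
        }
    }

    /**
     * {@inheritdoc}
     *
     * Returns the (optionally versioned) login dialog URL on www.facebook.com.
     */
    public function getAuthorizationEndpoint()
    {
        return new Uri('https://www.facebook.com'.$this->getApiVersionString().'/dialog/oauth');
    }

    /**
     * {@inheritdoc}
     *
     * Returns the (optionally versioned) token endpoint on graph.facebook.com.
     */
    public function getAccessTokenEndpoint()
    {
        return new Uri('https://graph.facebook.com'.$this->getApiVersionString().'/oauth/access_token');
    }

    /**
     * {@inheritdoc}
     *
     * Accepts a JSON body or, as a fallback, a query-string body.
     *
     * @param string $responseBody Raw body returned by the token endpoint.
     *
     * @return StdOAuth2Token
     *
     * @throws TokenResponseException When the body cannot be parsed, reports an error,
     *                                or carries no usable access token.
     */
    protected function parseAccessTokenResponse($responseBody)
    {
        // Malformed JSON makes json_decode() return null, so no error suppression is needed.
        $data = json_decode($responseBody, true);

        // Facebook gives us a query string on old api (v2.0)
        if (!$data) {
            parse_str($responseBody, $data);
        }

        if (null === $data || !is_array($data)) {
            throw new TokenResponseException('Unable to parse response.');
        } elseif (isset($data['error'])) {
            throw new TokenResponseException(
                'Error in retrieving token: "' . $this->describeTokenError($data['error']) . '"'
            );
        }

        // parse_str() always yields an array, so an empty or unrelated body reaches this
        // point. Fail closed rather than build and hand back a token without a value.
        if (!isset($data['access_token']) || !is_string($data['access_token']) || '' === $data['access_token']) {
            throw new TokenResponseException('Access token not found in response.');
        }

        $token = new StdOAuth2Token();
        $token->setAccessToken($data['access_token']);

        // NOTE(review): only the `expires` key is read. A response that uses the RFC 6749
        // `expires_in` key leaves the lifetime unset and the value passes through in the
        // extra params; confirm which key the targeted API version sends.
        if (isset($data['expires'])) {
            $token->setLifeTime($data['expires']);
        }

        if (isset($data['refresh_token'])) {
            $token->setRefreshToken($data['refresh_token']);
            unset($data['refresh_token']);
        }

        // Credentials and expiry live on the token itself; keep them out of the extras.
        unset($data['access_token']);
        unset($data['expires']);

        $token->setExtraParams($data);

        return $token;
    }

    /**
     * Turns the `error` member of a token response into text for an exception message.
     *
     * The member may be a scalar or a structured value; concatenating an array directly
     * would produce the literal "Array" plus a PHP notice. The text originates from the
     * remote endpoint, so escape it before rendering it in HTML or similar contexts.
     *
     * @param mixed $error Value of the `error` member.
     *
     * @return string
     */
    private function describeTokenError($error)
    {
        if (!is_array($error)) {
            return (string) $error;
        }

        if (isset($error['message']) && is_scalar($error['message'])) {
            return (string) $error['message'];
        }

        return (string) json_encode($error);
    }

    /**
     * Builds the URL of a Facebook dialog.
     *
     * `app_id` is always set from the configured credentials and overrides any value
     * passed in. Parameters are URL-encoded by http_build_query(); `$dialogPath` is
     * appended verbatim and should therefore be a fixed, developer-chosen value.
     * Pass a fixed, pre-registered `redirect_uri` rather than one derived from request input.
     *
     * @param string $dialogPath Dialog name appended after "/dialog/".
     * @param array  $parameters Query parameters; must contain `redirect_uri`.
     *
     * @return Uri
     *
     * @throws Exception When `redirect_uri` is missing.
     */
    public function getDialogUri($dialogPath, array $parameters)
    {
        if (!isset($parameters['redirect_uri'])) {
            throw new Exception("Redirect uri is mandatory for this request");
        }
        $parameters['app_id'] = $this->credentials->getConsumerId();
        // WWW_URL ends with "/" while the version string and "/dialog/" both start with
        // one; trimming avoids an empty path segment ("facebook.com//dialog/...").
        $baseUrl = rtrim(self::WWW_URL, '/') . $this->getApiVersionString() . '/dialog/' . $dialogPath;
        $query = http_build_query($parameters);
        return new Uri($baseUrl . '?' . $query);
    }

    /**
     * {@inheritdoc}
     *
     * Returns "/v<version>" when an API version is configured, otherwise an empty string.
     */
    protected function getApiVersionString()
    {
        return empty($this->apiVersion) ? '' : '/v' . $this->apiVersion;
    }

    /**
     * {@inheritdoc}
     *
     * Scopes are joined with a comma.
     */
    protected function getScopesDelimiter()
    {
        return ',';
    }
}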
221