I downloaded this library because I was looking at implementing OAuth2 for a large number of different social networks on my site.
I managed to get LinkedIn to work, and added my own hooks in order to register a user. I made it part of the way through VKontakte. But I found some general issues here... (in the case of VK it's not clear how to get the user's email address).
The code is a little difficult to work with. Each of the files for each of the services is basically the same, and they all have a lot of excess in them in terms of comments and <?php ?> when it would be easier if they were a little more structured.
The big problem with implementing this is that you have the task of going out and getting OAuth keys, and then you have to put them into all of these tiny little files, and the files themselves are not exactly 'production ready'. It's been a couple of months and I think this one had a good strategy for that, with a single file for managing the different URL strings for each organization, but it still is not straightforward.
This library is a good start towards something better. I looked at as many of the different OAuth and OAuth2 compatible libraries out there as I could, and what is good here is that central configuration file, along with the end point files for managing each provider.
I wish I had more time to describe my frustrations here, I am leaving this message as kind of a book mark so if it sends notifications I can describe the problems.
It does 'work' but it's not 'optimal'. It's also FREE and Open Source so this is not solely criticism. I like it and would love to be able to implement a fully working solution with all or as many of the providers as possible, but at the present it's too overwhelming and some things have to get handled to make it a fully working solution.
Manuel Lemos - 2017-03-21 21:21:42 - In reply to message 1 from Rob Lindman
Thanks for the feedback Rob.
The reason why there are separate example scripts for different OAuth servers, is because some details vary from one to the other depending on what you want to do.
For instance, different APIs require that you specify a different scope depending on what aspects of the API you want to access.
Also for just getting the user details, each API call URL is different.
With OpenID Connect, things can be the same, but not all OAuth servers support OpenID Connect.
The idea of these scripts is to just be the simplest solution to each person that wants to access each of the APIs. So the code has a section that outputs the results in HTML pages, thus the <?php ?> tags to embed code in HTML output at the end.
If you want to implement a general solution, you do not have to use these scripts. They are just examples.
Anyway, feel free to send your comments on any problems that you find.