Via Composer
$ composer require lrf141/oauth2-mastodon<?php
use Lrf141\OAuth2\Client\Provider\Mastodon;
session_start();
$provider = new Mastodon([
'clientId' => '',
'clientSecret' => '',
'redirectUri' => 'redirect url',
'instance' => 'https://mstdn.jp',
'scope' => 'read write follow',
]);
if (!isset($_GET['code'])) {
$authUrl = $provider->getAuthorizationUrl();
$_SESSION['oauth2state'] = $provider->getState();
header('Location: '.$authUrl);
exit;
// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
unset($_SESSION['oauth2state']);
exit('Invalid state');
} else {
// Try to get an access token (using the authorization code grant)
$token = $provider->getAccessToken('authorization_code', [
'code' => $_GET['code']
]);
// Optional: Now you have a token you can look up a users profile data
try {
$user = $provider->getResourceOwner($token);
echo $user->getName();
} catch(Exception $e) {
exit('Oh dear...');
}
echo $token->getToken();
}Please see CHANGELOG for more information on what has changed recently.
$ composer testPlease see CONTRIBUTING and CODE_OF_CONDUCT for details.
If you discover any security related issues, please email ghost141.kentyo @ gmail.com instead of using the issue tracker.
The MIT License (MIT). Please see License File for more information.