This package provides Webflow OAuth 2.0 support for the PHP League's OAuth 2.0 Client.
This package requires PHP 8.0 or above.
To install, use composer:
composer require koalati/oauth2-webflow
<?php
use Koalati\OAuth2\Client\Provider\Webflow;
session_start();
$provider = new Webflow([
// @TODO Fill these based on your app's configuration
/**
* @see https://developers.webflow.com/docs/getting-started-with-apps#step-2-get-your-client-id-and-secret)
* @see https://developers.webflow.com/docs/oauth#user-authorization
*/
'clientId' => '{webflow-app-id}',
'clientSecret' => '{webflow-app-secret}',
'redirectUri' => 'https://example.com/callback-url',
]);
// If we don't have an authorization code then get one
if (!isset($_GET['code'])) {
$authUrl = $provider->getAuthorizationUrl();
$_SESSION['oauth2state'] = $provider->getState();
echo "<a href='{$authUrl}'>Log in with Webflow</a>";
exit;
}
// Check given state against previously stored one to mitigate CSRF attack
if (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
unset($_SESSION['oauth2state']);
http_response_code(403);
echo 'Invalid state / CSRF token.';
exit;
}
// Try to get an access token (using the authorization code grant)
$token = $provider->getAccessToken('authorization_code', [
'code' => $_GET['code']
]);
// At this point, you have an access token you can use to interact with the API.
// You can use it to look up the user's information, or to make any other API calls.
try {
// We got an access token, let's now get the user's details
$user = $provider->getResourceOwner($token);
// Use these details to create a new profile
printf('<h1>Hello %s!</h1>', $user->getFirstName());
echo "<strong>Your Webflow user info:</strong><br>";
echo '<pre>';
print_r($user);
echo '</pre>';
} catch (\Exception $e) {
// Failed to get user details
exit("An error has occured while fetching the Webflow user's information.");
}
echo "<strong>Your Webflow access token:</strong> (keep this safe!)<br>";
echo '<pre>';
// Use this to interact with an API on the users behalf
echo $token->getToken();
echo '</pre>';<?php
use Koalati\OAuth2\Client\Provider\Webflow;
$provider = new Webflow([
// @TODO Fill these based on your app's configuration
/**
* @see https://developers.webflow.com/docs/getting-started-with-apps#step-2-get-your-client-id-and-secret)
* @see https://developers.webflow.com/docs/oauth#user-authorization
*/
'clientId' => '{webflow-app-id}',
'clientSecret' => '{webflow-app-secret}',
'redirectUri' => 'https://example.com/callback-url',
]);
// Use the token of "Authorization Code Flow" which you saved somewhere for the user
$token = $token->getToken();
try {
$provider->revokeAccessToken($token);
} catch (Exception $e) {
exit('Failed to revoke the Webflow access token.');
}This package does not provide any API interactions other than OAuth 2.0 authentication.
However, if you need to interact with the Webflow API, we recommend you check
out the koalati/webflow-api-client
package.
Please see CONTRIBUTING for details.
The core of this package was developed by Koalati, a QA platform for web developers and agencies.
Check out other contributors who helped maintain and make this package better: All Contributors.
The MIT License (MIT). Please see License File for more information.