extract (protected) method OAuthProvider::addBasicAuthHeader()

Author: codemasher

src/Core/OAuth2Provider.php

@@ -16,7 +16,7 @@
 use Psr\Http\Message\{RequestInterface, ResponseInterface, UriInterface};
 use Throwable;
 use function array_merge, date, explode, hash, hash_equals, implode, in_array, is_array, random_int, sodium_bin2base64, sprintf;
-use const PHP_QUERY_RFC1738, PHP_VERSION_ID, SODIUM_BASE64_VARIANT_ORIGINAL, SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING;
+use const PHP_QUERY_RFC1738, PHP_VERSION_ID, SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING;
 
 /**
  * Implements an abstract OAuth2 provider with all methods required by the OAuth2Interface.
@@ -291,12 +291,10 @@ protected function getClientCredentialsTokenRequestBodyParams(array|null $scopes
 	 * sends a request to the client credentials endpoint, using basic authentication
 	 */
 	protected function sendClientCredentialsTokenRequest(string $url, array $body):ResponseInterface{
-		$auth = sodium_bin2base64(sprintf('%s:%s', $this->options->key, $this->options->secret), SODIUM_BASE64_VARIANT_ORIGINAL);
 
 		$request = $this->requestFactory
 			->createRequest('POST', $url)
 			->withHeader('Accept-Encoding', 'identity')
-			->withHeader('Authorization', sprintf('Basic %s', $auth))
 			->withHeader('Content-Type', 'application/x-www-form-urlencoded')
 			->withBody($this->streamFactory->createStream(QueryUtil::build($body, PHP_QUERY_RFC1738)))
 		;
@@ -305,6 +303,8 @@ protected function sendClientCredentialsTokenRequest(string $url, array $body):R
 			$request = $request->withHeader($header, $value);
 		}
 
+		$request = $this->addBasicAuthHeader($request);
+
 		return $this->http->sendRequest($request);
 	}
 

src/Core/OAuthProvider.php

@@ -24,9 +24,9 @@
 use Psr\Log\{LoggerInterface, NullLogger};
 use ReflectionClass, UnhandledMatchError;
 use function array_merge, array_shift, explode, implode, in_array, is_array, is_string,
-	json_encode, ltrim, random_bytes, rtrim, sodium_bin2hex, sprintf, str_contains,
-	str_starts_with, strip_tags, strtolower;
-use const PHP_QUERY_RFC1738;
+	json_encode, ltrim, random_bytes, rtrim, sodium_bin2hex, sodium_bin2base64,
+	sprintf, str_contains, str_starts_with, strip_tags, strtolower;
+use const PHP_QUERY_RFC1738, SODIUM_BASE64_VARIANT_ORIGINAL;
 
 /**
  * Implements an abstract OAuth provider with all methods required by the OAuthInterface.
@@ -236,6 +236,15 @@ protected function cleanBodyParams(iterable $params):array{
 		return QueryUtil::cleanParams($params, QueryUtil::BOOLEANS_AS_BOOL, true);
 	}
 
+	/**
+	 * Adds an "Authorization: Basic <base64(key:secret)>" header to the given request
+	 */
+	protected function addBasicAuthHeader(RequestInterface $request):RequestInterface{
+		$auth = sodium_bin2base64(sprintf('%s:%s', $this->options->key, $this->options->secret), SODIUM_BASE64_VARIANT_ORIGINAL);
+
+		return $request->withHeader('Authorization', sprintf('Basic %s', $auth));
+	}
+
 	/**
 	 * returns a 32 byte random string (in hexadecimal representation) for use as a nonce
 	 *

src/Providers/BigCartel.php

@@ -12,8 +12,7 @@
 namespace chillerlan\OAuth\Providers;
 
 use chillerlan\OAuth\Core\{AccessToken, AuthenticatedUser, CSRFToken, OAuth2Provider, TokenInvalidate, UserInfo};
-use function sodium_bin2base64, sprintf;
-use const SODIUM_BASE64_VARIANT_ORIGINAL;
+use function sprintf;
 
 /**
  * BigCartel OAuth2
@@ -58,13 +57,11 @@ public function me():AuthenticatedUser{
 	public function invalidateAccessToken(AccessToken|null $token = null):bool{
 		$tokenToInvalidate = ($token ?? $this->storage->getAccessToken($this->name));
 
-		$auth = sodium_bin2base64(sprintf('%s:%s', $this->options->key, $this->options->secret), SODIUM_BASE64_VARIANT_ORIGINAL);
-
 		$request = $this->requestFactory
 			->createRequest('POST', sprintf('%s/%s', $this->revokeURL, $this->getAccountID($tokenToInvalidate)))
-			->withHeader('Authorization', sprintf('Basic %s', $auth))
 		;
 
+		$request  = $this->addBasicAuthHeader($request);
 		$response = $this->http->sendRequest($request);
 
 		if($response->getStatusCode() === 204){

src/Providers/PayPal.php

@@ -16,8 +16,7 @@
 use chillerlan\HTTP\Utils\QueryUtil;
 use chillerlan\OAuth\Core\{AuthenticatedUser, ClientCredentials, CSRFToken, OAuth2Provider, TokenRefresh, UserInfo};
 use Psr\Http\Message\ResponseInterface;
-use function sodium_bin2base64, sprintf;
-use const PHP_QUERY_RFC1738, SODIUM_BASE64_VARIANT_ORIGINAL;
+use const PHP_QUERY_RFC1738;
 
 /**
  * PayPal OAuth2
@@ -58,16 +57,16 @@ protected function getAccessTokenRequestBodyParams(string $code):array{
 	 * @inheritDoc
 	 */
 	protected function sendAccessTokenRequest(string $url, array $body):ResponseInterface{
-		$auth = sodium_bin2base64(sprintf('%s:%s', $this->options->key, $this->options->secret), SODIUM_BASE64_VARIANT_ORIGINAL);
 
 		$request = $this->requestFactory
 			->createRequest('POST', $url)
 			->withHeader('Accept-Encoding', 'identity')
-			->withHeader('Authorization', sprintf('Basic %s', $auth))
 			->withHeader('Content-Type', 'application/x-www-form-urlencoded')
 			->withBody($this->streamFactory->createStream(QueryUtil::build($body, PHP_QUERY_RFC1738)))
 		;
 
+		$request = $this->addBasicAuthHeader($request);
+
 		return $this->http->sendRequest($request);
 	}
 

src/Providers/Reddit.php

@@ -19,8 +19,8 @@
 	OAuth2Provider, TokenInvalidate, TokenRefresh, UserInfo
 };
 use Psr\Http\Message\ResponseInterface;
-use function sodium_bin2base64, sprintf;
-use const PHP_QUERY_RFC1738, SODIUM_BASE64_VARIANT_ORIGINAL;
+use function sprintf;
+use const PHP_QUERY_RFC1738;
 
 /**
  * @see https://github.com/reddit-archive/reddit/wiki/OAuth2
@@ -99,16 +99,16 @@ protected function getAccessTokenRequestBodyParams(string $code):array{
 	 * @inheritDoc
 	 */
 	protected function sendAccessTokenRequest(string $url, array $body):ResponseInterface{
-		$auth = sodium_bin2base64(sprintf('%s:%s', $this->options->key, $this->options->secret), SODIUM_BASE64_VARIANT_ORIGINAL);
 
 		$request = $this->requestFactory
 			->createRequest('POST', $url)
 			->withHeader('Accept-Encoding', 'identity')
-			->withHeader('Authorization', sprintf('Basic %s', $auth))
 			->withHeader('Content-Type', 'application/x-www-form-urlencoded')
 			->withBody($this->streamFactory->createStream(QueryUtil::build($body, PHP_QUERY_RFC1738)))
 		;
 
+		$request = $this->addBasicAuthHeader($request);
+
 		return $this->http->sendRequest($request);
 	}
 
@@ -143,14 +143,12 @@ public function invalidateAccessToken(AccessToken $token = null):bool{
 			'token_type_hint' => 'access_token',
 		];
 
-		$auth = sodium_bin2base64(sprintf('%s:%s', $this->options->key, $this->options->secret), SODIUM_BASE64_VARIANT_ORIGINAL);
-
 		$request = $this->requestFactory
 			->createRequest('POST', $this->revokeURL)
-			->withHeader('Authorization', sprintf('Basic %s', $auth))
 			->withHeader('Content-Type', 'application/x-www-form-urlencoded')
 		;
 
+		$request  = $this->addBasicAuthHeader($request);
 		$request  = $this->setRequestBody($bodyParams, $request);
 		$response = $this->http->sendRequest($request);