OAuth
in package
uses
ActivityLoggingTrait
OAuth 2.0 authentication utility for Canvas LMS
Implements the Canvas OAuth 2.0 flow including:
- Authorization URL generation
- Authorization code exchange
- Token refresh
- Token revocation
- Session token creation
Table of Contents
Properties
- $httpClient : HttpClientInterface|null
Methods
- exchangeCode() : array<string, mixed>
- Exchange authorization code for access token
- getAuthorizationUrl() : string
- Generate the authorization URL for OAuth flow
- getSessionToken() : string
- Get a session token for web-based features not available via API
- refreshToken() : array<string, mixed>
- Refresh the access token using refresh token
- revokeToken() : array<string, mixed>
- Revoke the current access token
- setHttpClient() : void
- Set the HTTP client for OAuth operations
- endTimer() : void
- End a timed operation and log the performance.
- getActivityLogger() : LoggerInterface
- Get the logger instance for activity logging.
- logActivity() : void
- Log an API activity with enriched context.
- logError() : void
- Log an API error with context.
- logFileUpload() : void
- Log file upload operations.
- logOAuthOperation() : void
- Log OAuth token operations.
- logPagination() : void
- Log pagination information.
- logPerformance() : void
- Log performance metrics for an operation.
- logSuccess() : void
- Log a successful API operation.
- startTimer() : float
- Start a timed operation for performance logging.
- getClient() : HttpClientInterface
- Get the HTTP client for OAuth operations
- sanitizeOAuthContext() : array<string, mixed>
- Sanitize OAuth context to remove sensitive data.
Properties
$httpClient
private
static HttpClientInterface|null
$httpClient
= null
Methods
exchangeCode()
Exchange authorization code for access token
public
static exchangeCode(string $code[, array<string, mixed> $options = [] ]) : array<string, mixed>
Parameters
- $code : string
-
The authorization code from Canvas callback
- $options : array<string, mixed> = []
-
Optional parameters including:
- replace_tokens: Set to '1' to replace existing tokens
Tags
Return values
array<string, mixed> —Token data including access_token, refresh_token, expires_in, user
getAuthorizationUrl()
Generate the authorization URL for OAuth flow
public
static getAuthorizationUrl([array<string, mixed> $params = [] ]) : string
Parameters
- $params : array<string, mixed> = []
-
Optional parameters including:
- state: Recommended for CSRF protection
- scope: Canvas API scopes (e.g., "url:GET|/api/v1/courses")
- purpose: Token description for user identification
- force_login: Set to '1' to force re-authentication
- unique_id: Pre-populate login form
Tags
Return values
string —The authorization URL to redirect the user to
getSessionToken()
Get a session token for web-based features not available via API
public
static getSessionToken([string|null $returnTo = null ]) : string
Parameters
- $returnTo : string|null = null
-
Optional URL to begin the web session at
Tags
Return values
string —The session URL
refreshToken()
Refresh the access token using refresh token
public
static refreshToken() : array<string, mixed>
Note: Canvas does not return a new refresh token
Tags
Return values
array<string, mixed> —Updated token data with new access_token and expires_in
revokeToken()
Revoke the current access token
public
static revokeToken([bool $expireSessions = false ]) : array<string, mixed>
Parameters
- $expireSessions : bool = false
-
Set to true to end all Canvas web sessions
Tags
Return values
array<string, mixed> —Response data, may contain forward_url for SSO logout
setHttpClient()
Set the HTTP client for OAuth operations
public
static setHttpClient(HttpClientInterface|null $client) : void
Parameters
- $client : HttpClientInterface|null
-
The HTTP client to use, or null to reset
endTimer()
End a timed operation and log the performance.
protected
endTimer(float $startTime, string $operation[, array<string, mixed> $context = [] ]) : void
Parameters
- $startTime : float
-
The start time from startTimer()
- $operation : string
-
The operation being measured
- $context : array<string, mixed> = []
-
Additional context
getActivityLogger()
Get the logger instance for activity logging.
protected
getActivityLogger() : LoggerInterface
Return values
LoggerInterfacelogActivity()
Log an API activity with enriched context.
protected
logActivity(string $action[, array<string, mixed> $context = [] ]) : void
Parameters
- $action : string
-
The action being performed (e.g., 'fetch', 'create', 'update', 'delete')
- $context : array<string, mixed> = []
-
Additional context for the log entry
logError()
Log an API error with context.
protected
logError(string $operation, Throwable $exception[, array<string, mixed> $context = [] ]) : void
Parameters
- $operation : string
-
The operation that failed
- $exception : Throwable
-
The exception that was thrown
- $context : array<string, mixed> = []
-
Additional context for the log entry
logFileUpload()
Log file upload operations.
protected
logFileUpload(string $step[, array<string, mixed> $context = [] ]) : void
Parameters
- $step : string
-
The upload step (e.g., 'initiate', 'upload', 'confirm')
- $context : array<string, mixed> = []
-
Additional context for the log entry
logOAuthOperation()
Log OAuth token operations.
protected
logOAuthOperation(string $operation[, array<string, mixed> $context = [] ]) : void
Parameters
- $operation : string
-
The OAuth operation (e.g., 'refresh', 'validate', 'revoke')
- $context : array<string, mixed> = []
-
Additional context for the log entry
logPagination()
Log pagination information.
protected
logPagination(string $operation, int $page, int $perPage[, array<string, mixed> $context = [] ]) : void
Parameters
- $operation : string
-
The pagination operation
- $page : int
-
The current page number
- $perPage : int
-
The number of items per page
- $context : array<string, mixed> = []
-
Additional context for the log entry
logPerformance()
Log performance metrics for an operation.
protected
logPerformance(string $operation, float $duration[, array<string, mixed> $context = [] ]) : void
Parameters
- $operation : string
-
The operation being measured
- $duration : float
-
The duration in seconds
- $context : array<string, mixed> = []
-
Additional context for the log entry
logSuccess()
Log a successful API operation.
protected
logSuccess(string $operation[, array<string, mixed> $context = [] ]) : void
Parameters
- $operation : string
-
The operation that succeeded
- $context : array<string, mixed> = []
-
Additional context for the log entry
startTimer()
Start a timed operation for performance logging.
protected
startTimer() : float
Return values
float —The start time
getClient()
Get the HTTP client for OAuth operations
private
static getClient() : HttpClientInterface
Return values
HttpClientInterfacesanitizeOAuthContext()
Sanitize OAuth context to remove sensitive data.
private
sanitizeOAuthContext(array<string, mixed> $context) : array<string, mixed>
Parameters
- $context : array<string, mixed>
-
The context to sanitize
Return values
array<string, mixed> —The sanitized context