From 06143c81d280a9a35e207cd8d6dc06400b814a07 Mon Sep 17 00:00:00 2001
From: Aubruz <aubruz@hotmail.com>
Date: Wed, 2 May 2018 20:54:43 +0200
Subject: [PATCH 1/2] Add OAuth class

---
 src/OAuth.php | 93 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 93 insertions(+)
 create mode 100644 src/OAuth.php

diff --git a/src/OAuth.php b/src/OAuth.php
new file mode 100644
index 0000000..34ef04c
--- /dev/null
+++ b/src/OAuth.php
@@ -0,0 +1,93 @@
+<?php
+
+
+namespace DrewM\MailChimp;
+
+
+/**
+ * Class OAuth
+ * This class allows one to use the oauth authentication of Mailchimp
+ * @package DrewM\MailChimp
+ */
+class OAuth
+{
+
+    /**
+     * Get Mailchimp Authentication url
+     *
+     * @param $client_id
+     * @param $redirect_uri
+     * @return string
+     */
+    public static function getAuthUrl($client_id, $redirect_uri){
+        $encoded_uri = urldecode($redirect_uri);
+        $authUrl = "https://login.mailchimp.com/oauth2/authorize";
+        $authUrl .= "?client_id=" . $client_id;
+        $authUrl .= "&redirect_uri=" . $encoded_uri;
+        $authUrl .= "&response_type=code";
+        return $authUrl;
+    }
+
+    /**
+     * Get a user access token from the code retrieved with getUrl
+     *
+     * @param $code
+     * @param $client_id
+     * @param $client_secret
+     * @param $redirect_uri
+     * @return string
+     */
+    public static function getAccessToken($code, $client_id, $client_secret, $redirect_uri)
+    {
+        $encoded_uri = urldecode($redirect_uri);
+        $oauth_string = "grant_type=authorization_code";
+        $oauth_string .= "&client_id=" . $client_id;
+        $oauth_string .= "&client_secret=" . $client_secret;
+        $oauth_string .= "&redirect_uri=" . $encoded_uri;
+        $oauth_string .= "&code=" . $code;
+
+        return self::exchange($oauth_string);
+    }
+
+    /**
+     * Internal function that makes call to Mailchimp API to get an access token
+     *
+     * @param $oauth_string
+     * @return string
+     * @throws \Exception
+     */
+    private static function exchange($oauth_string)
+    {
+        $ch = curl_init('https://login.mailchimp.com/oauth2/token');
+        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+        curl_setopt($ch, CURLOPT_POST, true);
+        curl_setopt($ch, CURLOPT_POSTFIELDS, $oauth_string);
+        $return = curl_exec($ch);
+        if (!is_null(json_decode($return))) {
+            $return = json_decode($return);
+        }
+        curl_close($ch);
+        if (!$return->access_token) {
+            throw new \Exception(
+                'MailChimp did not return an access token',
+                $return
+            );
+        }
+        $headers = array('Authorization: OAuth ' . $return->access_token);
+        $ch = curl_init("https://login.mailchimp.com/oauth2/metadata/");
+        curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
+        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+        $account = curl_exec($ch);
+        if (!is_null(json_decode($account))) {
+            $account = json_decode($account);
+        }
+        curl_close($ch);
+        if (!$account->dc) {
+            throw new \Exception(
+                'Unable to retrieve account meta-data',
+                $account
+            );
+        }
+        return $return->access_token . "-" . $account->dc;
+    }
+}
\ No newline at end of file

From 22d0b833dedb4e692ba326cb0758d8e21e2c4bb2 Mon Sep 17 00:00:00 2001
From: Aubruz <aubruz@hotmail.com>
Date: Wed, 2 May 2018 20:54:50 +0200
Subject: [PATCH 2/2] Add OAuth Doc

---
 README.md | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/README.md b/README.md
index ee57cc8..f76834b 100644
--- a/README.md
+++ b/README.md
@@ -190,6 +190,41 @@ print_r($result);
 
 There doesn't appear to be any documentation for the content of the webhook data. It's helpful to use something like [ngrok](https://ngrok.com) for tunneling the webhooks to your development machine - you can then use its web interface to inspect what's been sent and to replay incoming webhooks while you debug your code.
 
+Oauth
+-----
+If you are using [Oauth](http://developer.mailchimp.com/documentation/mailchimp/guides/how-to-use-oauth2/) to obtain an access token, this library can handle the "handshake" for you.
+ 
+You must first send the user to the `authorize_uri`. You can get this url like this:
+
+```php 
+use \DrewM\MailChimp\OAuth;
+
+$client_id =   '12345676543';
+$redirect_url =  'https://www.some-domain.com/callback_file.php';
+
+$url = OAuth::getAuthUrl($client_id, $redirect_url);
+
+echo '<a href="'. $url . '">Login via mailchimp</a>';
+```
+
+Then the user will input their username and password to approve your application and will be redirected to the `redirect_uri` you provided along with a `code`.
+
+Since you do not yet have an API key you will need to call the `getAccessToken()` method statically like this:
+
+```php
+use \DrewM\MailChimp\OAuth;
+
+$code = 'abc123abc123abc123abc123';
+$client_id =   '12345676543';
+$client_secret =  '789xyz789xyz789xyz789xyz';
+$redirect_url =  'https://www.some-domain.com/callback_file.php';
+
+$UserAPIKey = OAuth::getAccessToken($code, $client_id, $client_secret, $redirect_url);
+```
+
+If the handshake is successful, then this method will return a string containing your API key like this: `123abc123abc123abc123abc123abc-us0`. This API key can now be used to instantiate the `Mailchimp` class above.
+
+
 Troubleshooting
 ---------------