We are looking for an oAuth expert who can provide us with a very clean and organized PHP class to manage oAuth connections between our website members and a variety of oAuth providers (initially the list must include Facebook, Twitter, Google, and LinkedIn). The purpose of the PHP class is to allow the oAuth process to occur (e.g. authorization, authentication, etc.) so that various features can be available in our system (e.g. login with "XXXX", social sharing/posting to "XXXX", using APIs to obtain user data from each provider, etc.) by calling the same PHP functions which are then designed to handle the queries as needed for each provider.
There are existing open source PHP classes/libraries that provide this type of functionality. Please review and familiarize yourself with each of the following before responding to this job posting:
PHP OAuth API - [url removed, login to view]
HybridAuth - [url removed, login to view]
It is possible that portions of this or other coding logic can be used as a starting point for this project. However, we are looking to have a PHP library customized for our use as described below. Thus the final product needs to satisfy each of the following requirements, not contain any extra functions/code we do not need, and basically be designed for our specific use so that it can be expanded to offer additional functionality and more providers over time.
Provider Configuration File - the code should use an include file (e.g. [url removed, login to view]) that contains an array of providers, the API and secret keys for our applications with each, etc. This will be a single file that we can update as needed when expanding to additional providers. The "scope" posted to each provider should be managed seperately through the authentication functions (so that scope can be changed for different uses).
Authorization/Authentication - An example "authentication status page" must be included that will display the authentication status of the member with each provider, and keep sessions active with each one until/unless the member has revoked authorization. We will be using this logic in our website to provide social sharing functionality (e.g. a member can click to automatically have a post shared on their Facebook timeline, tweeted in their Twitter account, etc.) Thus, it is critical for sessions to be automatically re-created when they expire so that members are not forced to redirect to each provider's site every time they want to share a post, etc.
Provider API for User Data - Beyond the functions needed for authentication, the PHP class must also include functions to standardize obtaining user data from providers (i.e. a single function that can be used with all providers to obtain their available user data from each). Since the field names can vary between providers, the function should standardize them and assign the data from each provider accordingly. Basically obtain all of the various data fields available from all providers such as identifier, firstName, lastName, displayName, etc.
Provider API for Social Sharing - There should be a single function that can be used to post data to each provider (e.g. sharing a post on Facebook, tweeting to Twitter, etc.) If providers have options, the function should include flags, etc. to trigger them. Again the idea here is to be able to call a single PHP function that will post data to each provider.
We are looking for someone who we can trust to continue to manage this part of our system. This initial project is an opportunity for the right person to prove themselves worthy of the long term opportunity.