Rewrite README; add news and notes to CHANGELOG #253
Conversation
| @@ -66,7 +66,7 @@ | |||
| <?php endif; ?> | |||
| <?php if ( $userinfo ) : | |||
| $picture = filter_var( $userinfo['picture'], FILTER_SANITIZE_URL ); | |||
| $nickname = filter_var( $userinfo['email'], FILTER_SANITIZE_STRING ); | |||
| $nickname = filter_var( $userinfo['nickname'], FILTER_SANITIZE_STRING ); | |||
README.md
Outdated
| @@ -7,290 +7,505 @@ | |||
| [](https://packagist.org/packages/auth0/auth0-php) | |||
| [](https://packagist.org/packages/auth0/auth0-php) | |||
|
|
|||
| The Auth0 PHP SDK was created to provide straight-forward and tested methods for accessing Authentication and Management API endpoints. This README provides the basics for getting started along with a few simple examples of how to use the SDK. | |||
There was a problem hiding this comment.
Suggested change: The Auth0 PHP SDK provides straight-forward and tested methods for accessing Authentication and Management API endpoints. This README describes how to get started and provides simple examples of how to use the SDK.
README.md
Outdated
| @@ -7,290 +7,505 @@ | |||
| [](https://packagist.org/packages/auth0/auth0-php) | |||
| [](https://packagist.org/packages/auth0/auth0-php) | |||
|
|
|||
| The Auth0 PHP SDK was created to provide straight-forward and tested methods for accessing Authentication and Management API endpoints. This README provides the basics for getting started along with a few simple examples of how to use the SDK. | |||
|
|
|||
| For a more detailed guide on how to install this in an existing project or to download a pre-configured seed project: | |||
There was a problem hiding this comment.
Suggested change: For more details about how to install this SDK into an existing project or how to download a preconfigured seed project, see:
README.md
Outdated
| ## Installation | ||
|
|
||
| Installing via composer | ||
| We recommend installing the SDK with [Composer](https://getcomposer.org/doc/00-intro.md). If you have Composer installed globally, it's as simple as: |
There was a problem hiding this comment.
Suggested change: We recommend installing the PHP SDK with Composer. If you already have Composer installed globally, run the following:
README.md
Outdated
|
|
||
| ## Security Upgrade Notes 5.1.0+ | ||
| Include the Composer autoload file in your project and you're ready to use the SDK: |
There was a problem hiding this comment.
Suggested change: Include the Composer autoload file in your project to use the SDK:
README.md
Outdated
|
|
||
| ### Decoding and verifying tokens | ||
| 1. Go to [auth0.com/signup](https://auth0.com/signup) and create your account |
There was a problem hiding this comment.
Suggested change: Go to auth0.com/signup and create your account.
README.md
Outdated
|
|
||
| ### from 0.6.6 | ||
| - Maintain the minimum PHP version (found under `require.php` in `composer.json`) | ||
| - Code to the [PSR-2 standard](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md) |
There was a problem hiding this comment.
Suggested change: Add a period at the end of the sentence.
README.md
Outdated
| ### from 0.6.6 | ||
| - Maintain the minimum PHP version (found under `require.php` in `composer.json`) | ||
| - Code to the [PSR-2 standard](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md) | ||
| - Write tests and run them with `composer test` |
There was a problem hiding this comment.
Suggested change: Add a period at the end of the sentence.
README.md
Outdated
| - Maintain the minimum PHP version (found under `require.php` in `composer.json`) | ||
| - Code to the [PSR-2 standard](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md) | ||
| - Write tests and run them with `composer test` | ||
| - Keep PRs focused and change the minimum number of lines to achieve your goal |
There was a problem hiding this comment.
Suggested change: Add a period at the end of the sentence.
README.md
Outdated
| 4. Configure the callback url to point `{your-base-url}\callback.php`. | ||
| 5. Open `examples/{example-name}/config.php` and replace all placeholder parameters. | ||
| 6. On your browser, open the Auth0 example project. Make sure `index.php` is being loaded. | ||
| - download this CA database `https://curl.haxx.se/ca/cacert.pem` to `c:/cacert.pem` |
There was a problem hiding this comment.
Suggested change: Download this CA database https://curl.haxx.se/ca/cacert.pem to c:/cacert.pem.
README.md
Outdated
| 5. Open `examples/{example-name}/config.php` and replace all placeholder parameters. | ||
| 6. On your browser, open the Auth0 example project. Make sure `index.php` is being loaded. | ||
| - download this CA database `https://curl.haxx.se/ca/cacert.pem` to `c:/cacert.pem` | ||
| - edit your php.ini and add `openssl.cafile=c:/cacert.pem` (it should point to the file you downloaded) |
There was a problem hiding this comment.
Suggested change: Edit your php.ini and add openssl.cafile=c:/cacert.pem. (It should point to the file you downloaded.)
|
Anywhere you have the docs site URL |
|
@jeffreylees - This is not a docs page so that's not possible :) |
|
Oh, I’m an idiot, thanks for not also being an idiot :D
… On May 2, 2018, at 5:42 PM, Josh Cunningham ***@***.***> wrote:
@jeffreylees <https://github.com/jeffreylees> - This is not a docs page so that's not possible :)
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub <#253 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ACnNXH5NeNJYQb2-8UuUhU9JFapQPSwWks5tuihLgaJpZM4TvttX>.
|
|
@tamigoodall - All fixed up, great suggestions, thank you! |
|
|
||
| For more details about how to install this SDK into an existing project or how to download a preconfigured seed project, see: | ||
|
|
||
| * [Basic PHP application quickstart](https://auth0.com/docs/quickstart/webapp/php/) |
README.md
Outdated
| AUTH0_MANAGEMENT_AUDIENCE="https://${AUTH0_DOMAIN}/api/v2/" | ||
|
|
||
| # API token for accessing the Management API (not required for authentication calls) | ||
| AUTH0_MANAGEMENT_API_TOKEN="App token goes here" |
|
|
||
| ## Usage - Authentication API | ||
|
|
||
| This SDK provides easy-to-implement methods to access the [Authentication API](https://auth0.com/docs/api/authentication). Some common authentication operations are explained below with examples. For additional information and capabilities, please see the methods in the `\Auth0\SDK\API\Authentication` class. Avoid using any methods marked `@deprecated` as they will be removed in the next major version and may not be enabled for your account. |
There was a problem hiding this comment.
Avoid using any methods marked
@deprecated
A warning should be added for "public but internal methods". Does that apply for this SDK as well?
There was a problem hiding this comment.
No. WP is like that because the hooks system needs a public function to call.
README.md
Outdated
|
|
||
| This SDK provides easy-to-implement methods to access the [Authentication API](https://auth0.com/docs/api/authentication). Some common authentication operations are explained below with examples. For additional information and capabilities, please see the methods in the `\Auth0\SDK\API\Authentication` class. Avoid using any methods marked `@deprecated` as they will be removed in the next major version and may not be enabled for your account. | ||
|
|
||
| The examples below assume that you followed the installation steps above and are using a `.env` file and loader to store credentials. |
There was a problem hiding this comment.
I guess you meant something like the https://github.com/josegonzalez/php-dotenv you mentioned before. Maybe it's easier to copy-paste that paragraph here for people skipping that section and going straight to authentication.
There was a problem hiding this comment.
I'll add a direct link to the top. I'd rather not repeat steps here as the getenv() function is used throughout.
|
|
||
| The PHP SDK handles most of the previous steps. Your application needs to: | ||
|
|
||
| 1. Determine a log in action (for example: click a link, visit walled content, etc.) and call `Auth0::login()` |
There was a problem hiding this comment.
visit walled content
what do you mean?
|
|
||
| In order to use the Management API, you must authenticate one of two ways: | ||
|
|
||
| - For temporary access or testing, you can [manually generate an API token](https://auth0.com/docs/api/management/v2/tokens#get-a-token-manually) and save it in your `.env` file |
There was a problem hiding this comment.
I'd add a warning stating that the tokens cannot be revoked once generated, and that they will be valid until the expiration time specified on the text field next to the "regenerate token" button of the MGMT API's settings page. The doc page is already linked so that's OK.
There was a problem hiding this comment.
I'll leave the details to that docs link
README.md
Outdated
| In order to use the Management API, you must authenticate one of two ways: | ||
|
|
||
| - For temporary access or testing, you can [manually generate an API token](https://auth0.com/docs/api/management/v2/tokens#get-a-token-manually) and save it in your `.env` file | ||
| - For extended access, you can create and execute and Client Credentials grant (detailed above) when access is required |
There was a problem hiding this comment.
if by "above" you meant the doc, say instead "detailed in the link above" as this sounds more like "above in this readme"
There was a problem hiding this comment.
It does mean "above in this readme" but I'll add a link as well 👍
| The auth0 domain, is the one you pick when you created your auth0 account. | ||
| You need to set this callback url in your app allowed callbacks. | ||
| The app token is used in the 'create user' page and needs `create:users` scope. To create one, you need to use the token generator in the [API V2 documentation page](https://auth0.com/docs/apiv2) | ||
| The `Management` class stores access to endpoints as properties of its instances. The best way to see what endpoints are covered is to read through the `\Auth0\SDK\API\Management::__construct()` method. |
There was a problem hiding this comment.
I'm not saying you're lazy for not listing them, but a short list would probably be better. Check how I'm doing that in java. This comment is tied to the "official API documentation" one above
There was a problem hiding this comment.
Thank you for not saying I'm lazy ... this already took more than a day (not including review comments 😆 )!
I need to generate a list of what's covered but I don't think it's essential for this re-write. I have this task captured on my end.
README.md
Outdated
| - `APP_CLIENT_ID` - Client ID for the test Application | ||
| - `APP_CLIENT_SECRET` - Client Secret for the test Application | ||
| - `GLOBAL_CLIENT_ID` - Client ID for your tenant (found in Tenant > Settings > Advanced) | ||
| - `GLOBAL_CLIENT_SECRET` - Client Secret for your tenant (found in Tenant > Settings > Advanced) |
There was a problem hiding this comment.
Just below this I'd add "note that the .env file is added to the .gitignore file so it's not commited." or something like that :D
README.md
Outdated
|
|
||
| ## Configure example | ||
| This is a common issue with latest PHP versions under windows (related to a incompatibility between windows and openssl CAs database). |
There was a problem hiding this comment.
Windows OS (capital, bold)
README.md
Outdated
| @@ -95,7 +95,7 @@ echo 'My Auth0 domain is ' . getenv('AUTH0_DOMAIN') . '!'; | |||
|
|
|||
| This SDK provides easy-to-implement methods to access the [Authentication API](https://auth0.com/docs/api/authentication). Some common authentication operations are explained below with examples. For additional information and capabilities, please see the methods in the `\Auth0\SDK\API\Authentication` class. Avoid using any methods marked `@deprecated` as they will be removed in the next major version and may not be enabled for your account. | |||
|
|
|||
| The examples below assume that you followed the installation steps above and are using a `.env` file and loader to store credentials. | |||
| The examples below assume that you followed the steps in the [Installation section](#installation) section above and are using a `.env` file and loader to store credentials. | |||
|
This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
Complete re-write of the main README file for this repo. Highlights:
Fixes #248, #217