承接 retrochaos/trustpilot-authenticator 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

retrochaos/trustpilot-authenticator

Composer 安装命令:

composer require retrochaos/trustpilot-authenticator

包简介

A PHP library for obtaining Trustpilot API access tokens

README 文档

README

A PHP library for obtaining access tokens for the Trustpilot Business User OAuth API.

Originally developed and open-sourced by moneymaxim.

Fully modernised to:

  • Use Symfony HTTP Client
  • Support all current Trustpilot OAuth grant types
  • Provide type-safe error handling
  • Provide refresh & revoke support

Install

Install via Composer:

composer require retrochaos/trustpilot-authenticator

The package has no external dependencies other than Symfony’s HTTP client (automatically installed).

Supported OAuth Flows

This library supports all Trustpilot Business OAuth grant types:

Flow Method
Password (legacy, deprecated but still works for old apps) requestPasswordAccessToken()
Client Credentials (server-to-server) requestClientCredentialsAccessToken()
Authorization Code (interactive user login) requestAuthorizationCodeAccessToken()
Refresh Token refreshAccessToken()
Revoke Refresh Token revokeRefreshToken()
Build Authorization URL buildAuthorizationUrl()

Usage

Create the authenticator

use Trustpilot\Api\Authenticator\Authenticator;

$authenticator = new Authenticator();

1. Password Grant (Deprecated by Trustpilot)

Useful only for older Trustpilot applications pre-February 2025.

$token = $authenticator->requestPasswordAccessToken(
    $apiKey,
    $apiSecret,
    $username,
    $password
);

$token->getToken();           // string
$token->getExpiry();          // DateTimeInterface
$token->getRefreshToken();    // ?string

The alias getAccessToken() still works for backwards compatibility.

2. Client Credentials Grant (Recommended)

Best for server-to-server integrations.

$token = $authenticator->requestClientCredentialsAccessToken(
    $apiKey,
    $apiSecret
);

3. Authorization Code Grant (Interactive User Login)

Step 1 — Redirect the user to login

$url = $authenticator->buildAuthorizationUrl(
    $apiKey,
    $redirectUri,
    $state = 'optional-state',
    ['business-user-access-read', 'another-scope']
);

// Redirect the browser:
header("Location: $url");
exit;

Step 2 — Exchange the returned code for a real access token

$token = $authenticator->requestAuthorizationCodeAccessToken(
    $apiKey,
    $apiSecret,
    $_GET['code'],
    $redirectUri
);

4. Refresh an Access Token

$newToken = $authenticator->refreshAccessToken(
    $apiKey,
    $apiSecret,
    $oldToken->getRefreshToken()
);

5. Revoke a Refresh Token

$authenticator->revokeRefreshToken($refreshToken);

6. buildAuthorizationUrl()

buildAuthorizationUrl() constructs a Trustpilot-compatible login URL for the Authorization Code OAuth flow.

Signature

public function buildAuthorizationUrl(
    string $clientId,
    string $redirectUri,
    ?string $state = null,
    array $scopes = []
): string

Parameters

Parameter Description
clientId Your Trustpilot API key
redirectUri URL that Trustpilot redirects the user back to
state Optional anti-CSRF or session identifier
scopes Optional list of OAuth scopes as an array of strings

Example

$url = $authenticator->buildAuthorizationUrl(
    $apiKey,
    'https://example.com/oauth/callback',
    'session-123',
    ['business-user-access-read']
);

echo $url;

Example output:

https://authenticate.trustpilot.com?client_id=YOUR_KEY&redirect_uri=https%3A%2F%2Fexample.com%2Foauth%2Fcallback&response_type=code&state=session-123&scope=business-user-access-read

What you do with it

  • Redirect the user to the URL
  • Trustpilot handles login
  • Trustpilot redirects them back to your app with ?code=...
  • Exchange that code using requestAuthorizationCodeAccessToken()

Error Handling

All errors throw a single exception type:

use Trustpilot\Api\Authenticator\AuthenticatorException;

try {
    $token = $authenticator->requestClientCredentialsAccessToken($apiKey, $apiSecret);
} catch (AuthenticatorException $e) {
    // Network errors
    // Invalid credentials
    // Invalid OAuth grant
    // HTTP 4xx/5xx
    // Malformed responses
    echo $e->getMessage();
}

AccessToken Object

Every method returns an AccessToken instance:

$token->getToken();        // string
$token->getExpiry();       // DateTimeInterface
$token->getRefreshToken(); // ?string
$token->isExpired();       // bool

Tests

A full PHPUnit test harness is included and covers:

  • Successful authentication flows
  • Error codes (400/401/403/500)
  • Network exceptions
  • Refresh & revoke
  • Authorization URL generation

Run tests with:

vendor/bin/phpunit

License

MIT License — feel free to use, modify, and contribute.

retrochaos/trustpilot-authenticator 适用场景与选型建议

retrochaos/trustpilot-authenticator 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 24 次下载、GitHub Stars 达 0, 最近一次更新时间为 2024 年 02 月 20 日, 在 PHP 生态内属于活跃度较高的组件。

我们在过去多个企业项目中使用过 retrochaos/trustpilot-authenticator 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 retrochaos/trustpilot-authenticator 我们能提供哪些服务?
定制开发 / 二次开发

基于 retrochaos/trustpilot-authenticator 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 24
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 7
  • 依赖项目数: 1
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 0
  • Forks: 7
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2024-02-20