new commit components

Компонент авторизации через соц сети вынес в папку common

new commit components
Компонент авторизации через соц сети вынес в папку common
Dmitryi
1 parent bb1ff629
Showing 76 changed files with 7942 additions and 18 deletions Show diff stats
common/components/nodge/eauth/.gitignore
common/components/nodge/eauth/CHANGELOG.md
common/components/nodge/eauth/LICENSE
common/components/nodge/eauth/README.md
common/components/nodge/eauth/composer.json
common/components/nodge/eauth/src/Bootstrap.php
common/components/nodge/eauth/src/EAuth.php
common/components/nodge/eauth/src/ErrorException.php
common/components/nodge/eauth/src/IAuthService.php
common/components/nodge/eauth/src/RedirectWidget.php
common/components/nodge/eauth/src/ServiceBase.php
common/components/nodge/eauth/src/Widget.php
common/components/nodge/eauth/src/assets/WidgetAssetBundle.php
common/components/nodge/eauth/src/assets/css/eauth.css
common/components/nodge/eauth/src/assets/images/auth-src.png
common/components/nodge/eauth/src/assets/images/auth.png
common/components/nodge/eauth/src/assets/js/eauth.js
common/components/nodge/eauth/src/messages/blank/eauth.php
common/components/nodge/eauth/src/messages/de/eauth.php
common/components/nodge/eauth/src/messages/en/eauth.php
+vendor
+composer.lock
+composer.phar
 \ No newline at end of file
+Yii2 EAuth Change Log
+=====================
+
+### 2.3.0 (17.10.2015)
+* Added InstagramOAuth2Service (#61)
+* Fixed default token lifetime (#53)
+* Replace array() with [] (#54)
+* Remove deprecated Google OpenID service (#56)
+* Remove deprecated Yandex OpenID service
+
+### 2.2.4 (27.07.2015)
+* Fixed typo in `oauth2/Service.php` (#34)
+* Added German translation
+* Added `email` attribute to `LinkedinOAuth2Service.php`
+
+### 2.2.3 (15.07.2014)
+* Added ability to call public api methods (without access token) (#28)
+
+### 2.2.2 (15.07.2014)
+* Fixed wrong redirect_uri when popup is used
+
+### 2.2.1 (25.04.2014)
+* Fix missing query params in callback urls (#26)
+* Follow Yii2 code style
+
+### 2.2.0 (19.04.2014)
+* Support for PHPoAuthLib v0.3 (#22)
+* Support for Yii2 beta
+* Internal state implementation replaced to PHPoAuthLib storage
+
+### 2.1.5 (24.03.2014)
+* Fixed Yii2 refactor (#17)
+* PSR-4
+
+### 2.1.4 (11.03.2014)
+* Fixed wrong callbackUrl in oauth\ServiceBase when UrlManager uses prettyUrl=false and showScript=false (#12)
+* Fixed Yii::t() calls according to Yii2 i18n Named Placeholders (#14)
+* Fixed Yii2 refactor #2630 (#15)
+
+### 2.1.3 (30.01.2014)
+* Yii2 update (Request methods has been refactored).
+
+### 2.1.2 (17.01.2014)
+* Fixed typo in oauth2\ServiceProxy
+
+### 2.1.1 (07.01.2014)
+* Fixed scope validation for OAuth services.
+
+### 2.1.0 (22.12.2013)
+* Reorganize project with new namespace.
+* Assets bundle has been moved.
+* Fixed typo in HttpClient (#8).
+* Added default User-Agent header to HttpClient.
+* Disabled CSRF validation for OpenID callbacks.
+* Optimized icons file.
+* Added SteamOpenIDService.
+* Improved redirect widget.
+
+### 2.0.3 (26.10.2013)
+* Fixed redirect_uri when not using url rule (#2).
+* Fixed hasValidAccessToken() method for OAuth1 services (#3).
+* Fixed auto login cookie (#4).
+
+### 2.0.2 (12.10.2013)
+* Fixed ServiceProxy constructor to match its interface (#1).
+* Added HttpClient with logging support and curl/streams fallback.
+* TokenStorage and HttpClient are configurable now.
+
+### 2.0.1 (08.09.2013)
+* Fixed package versions in the composer.json.
+* Fixed directories names.
+* Added support for custom scope separator in OAuth2 services.
+* Added support for additional headers for OAuth2 requests.
+* Added method to get error from access token response.
+* Added GitHubOAuth2Service.
+* Added LinkedinOAuth2Service.
+* Added MailruOAuth2Service.
+* Added OdnoklassnikiOAuth2Service.
+* Added LiveOAuth2Service.
+* Added YahooOpenIDService.
+
+### Version 2.0.0 (03.09.2013)
+* Use curl for http requests by default.
+* getIsAuthenticated() function now looks up for existing access token for all OAuth services.
+* Added support for oauth_expires_in to OAuth1 services.
+* Added error handlers to OAuth1 services.
+* Added support for refresh tokens to OAuth2 ServiceProxy.
+* Added an option to disable OAuth2 state validation.
+
+### 31.08.2013
+* Reorganize directories. Separate root directory by service type.
+* Fixed OAuthService::getCallbackUrl(). Now returns url without GET arguments.
+* Fixed typos in OAuth services.
+* Fixed OpenID loadAttributes functions.
+* OAuth2 display mode handling moved to the base class.
+* Added OAuthService::getAccessTokenData() method to access to valid access_token and related data.
+* Added token default lifetime setting.
+* Added "state" argument handling for OAuth2 services to improve security.
+* Updated OpenID library. Fixed error with stream requests.
+* Added VKontakteOAuth2Service.
+* Added GoogleOAuth2Service.
+* Added GoogleOAuth2Service.
+* Added YandexOAuth2Service.
+* Added session token storage using Yii session.
+
+### 30.08.2013
+* Initial release for Yii2.
+Copyright (c) 2011, Maxim Zemskov
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
+
+Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
+Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 \ No newline at end of file
+Yii2 EAuth extension
+====================
+
+EAuth extension allows to authenticate users with accounts on other websites.
+Supported protocols: OpenID, OAuth 1.0 and OAuth 2.0.
+
+EAuth is an extension to provide a unified (does not depend on the selected service) method to authenticate the user. The extension itself does not perform login, does not register the user and does not bind the user accounts from different providers.
+
+* [Demo](http://nodge.ru/yii-eauth/demo2/)
+* [Demo project](https://github.com/Nodge/yii2-eauth-demo/)
+* [Installation](#installation)
+* [Version for yii 1.1](https://github.com/Nodge/yii-eauth/)
+
+### Why own extension and not a third-party service?
+The implementation of the authorization on your own server has several advantages:
+
+* Full control over the process: What will be written in the authorization window, what data we get, etc.
+* Ability to change the appearance of the widget.
+* When logging in via OAuth, it is possible to invoke methods on the API.
+* Fewer dependencies on third-party services - more reliable application.
+
+
+### The extension allows you to:
+
+* Ignore the nuances of authorization through the different types of services and use the class based adapters for each service.
+* Get a unique user ID that can be used to register the user in your application.
+* Extend the standard authorization classes to obtain additional data about the user.
+* Work with the API of social networks by extending the authorization classes.
+* Set up a list of supported services, customize the appearance of the widget, use the popup window without closing your application.
+
+
+### Extension includes:
+
+* The component that contains utility functions.
+* A widget that displays a list of services in the form of icons and allowing authorization in the popup window.
+* Base classes to create your own services.
+* Ready to authenticate via Google, Twitter, Facebook and other providers.
+
+
+### Included services:
+
+* OpenID:
+	* Yahoo
+	* Steam
+* OAuth1:
+	* Twitter
+	* LinkedIn
+* OAuth2:
+	* Google
+	* Facebook
+	* Live
+	* GitHub
+	* LinkedIn
+	* Instagram
+	* Yandex (ru)
+	* VKontake (ru)
+	* Mail.ru (ru)
+	* Odnoklassniki (ru)
+
+
+### Resources
+
+* [Yii EAuth](https://github.com/Nodge/yii2-eauth)
+* [Demo](http://nodge.ru/yii-eauth/demo2/)
+* [Demo project](https://github.com/Nodge/yii2-eauth-demo/)
+* [Yii Framework](http://yiiframework.com/)
+* [OpenID](http://openid.net/)
+* [OAuth](http://oauth.net/)
+* [OAuth 2.0](http://oauth.net/2/)
+* [LightOpenID](https://github.com/iignatov/LightOpenID)
+* [PHPoAuthLib](https://github.com/Lusitanian/PHPoAuthLib)
+
+
+### Requirements
+
+* Yii 2.0 or above
+* curl php extension
+* LightOpenId
+* PHPoAuthLib
+
+
+# Installation
+
+This library can be found on [Packagist](https://packagist.org/packages/nodge/yii2-eauth).
+The recommended way to install this is through [composer](http://getcomposer.org).
+
+Edit your `composer.json` and add:
+
+```json
+{
+		"require": {
+				"nodge/yii2-eauth": "~2.0"
+		}
+}
+```
+
+And install dependencies:
+
+```bash
+$ curl -sS https://getcomposer.org/installer | php
+$ php composer.phar install
+```
+
+
+# Usage
+
+## Demo project
+
+The source code of the [demo](http://nodge.ru/yii-eauth/demo2/) is available [here](https://github.com/Nodge/yii2-eauth-demo/).
+
+
+## Basic setup
+
+### Configuration
+
+Add the following in your config:
+
+```php
+<?php
+...
+	'components' => [
+		'eauth' => [
+			'class' => 'nodge\eauth\EAuth',
+			'popup' => true, // Use the popup window instead of redirecting.
+			'cache' => false, // Cache component name or false to disable cache. Defaults to 'cache' on production environments.
+			'cacheExpire' => 0, // Cache lifetime. Defaults to 0 - means unlimited.
+			'httpClient' => [
+				// uncomment this to use streams in safe_mode
+				//'useStreamsFallback' => true,
+			],
+			'services' => [ // You can change the providers and their classes.
+				'google' => [
+					// register your app here: https://code.google.com/apis/console/
+					'class' => 'nodge\eauth\services\GoogleOAuth2Service',
+					'clientId' => '...',
+					'clientSecret' => '...',
+					'title' => 'Google',
+				],
+				'twitter' => [
+					// register your app here: https://dev.twitter.com/apps/new
+					'class' => 'nodge\eauth\services\TwitterOAuth1Service',
+					'key' => '...',
+					'secret' => '...',
+				],
+				'yandex' => [
+					// register your app here: https://oauth.yandex.ru/client/my
+					'class' => 'nodge\eauth\services\YandexOAuth2Service',
+					'clientId' => '...',
+					'clientSecret' => '...',
+					'title' => 'Yandex',
+				],
+				'facebook' => [
+					// register your app here: https://developers.facebook.com/apps/
+					'class' => 'nodge\eauth\services\FacebookOAuth2Service',
+					'clientId' => '...',
+					'clientSecret' => '...',
+				],
+				'yahoo' => [
+					'class' => 'nodge\eauth\services\YahooOpenIDService',
+					//'realm' => '*.example.org', // your domain, can be with wildcard to authenticate on subdomains.
+				],
+				'linkedin' => [
+					// register your app here: https://www.linkedin.com/secure/developer
+					'class' => 'nodge\eauth\services\LinkedinOAuth1Service',
+					'key' => '...',
+					'secret' => '...',
+					'title' => 'LinkedIn (OAuth1)',
+				],
+				'linkedin_oauth2' => [
+					// register your app here: https://www.linkedin.com/secure/developer
+					'class' => 'nodge\eauth\services\LinkedinOAuth2Service',
+					'clientId' => '...',
+					'clientSecret' => '...',
+					'title' => 'LinkedIn (OAuth2)',
+				],
+				'github' => [
+					// register your app here: https://github.com/settings/applications
+					'class' => 'nodge\eauth\services\GitHubOAuth2Service',
+					'clientId' => '...',
+					'clientSecret' => '...',
+				],
+				'live' => [
+					// register your app here: https://account.live.com/developers/applications/index
+					'class' => 'nodge\eauth\services\LiveOAuth2Service',
+					'clientId' => '...',
+					'clientSecret' => '...',
+				],
+				'steam' => [
+					'class' => 'nodge\eauth\services\SteamOpenIDService',
+					//'realm' => '*.example.org', // your domain, can be with wildcard to authenticate on subdomains.
+				],
+				'instagram' => [
+					// register your app here: https://instagram.com/developer/register/
+					'class' => 'nodge\eauth\services\InstagramOAuth2Service',
+					'clientId' => '...',
+					'clientSecret' => '...',
+				],
+				'vkontakte' => [
+					// register your app here: https://vk.com/editapp?act=create&site=1
+					'class' => 'nodge\eauth\services\VKontakteOAuth2Service',
+					'clientId' => '...',
+					'clientSecret' => '...',
+				],
+				'mailru' => [
+					// register your app here: http://api.mail.ru/sites/my/add
+					'class' => 'nodge\eauth\services\MailruOAuth2Service',
+					'clientId' => '...',
+					'clientSecret' => '...',
+				],
+				'odnoklassniki' => [
+					// register your app here: http://dev.odnoklassniki.ru/wiki/pages/viewpage.action?pageId=13992188
+					// ... or here: http://www.odnoklassniki.ru/dk?st.cmd=appsInfoMyDevList&st._aid=Apps_Info_MyDev
+					'class' => 'nodge\eauth\services\OdnoklassnikiOAuth2Service',
+					'clientId' => '...',
+					'clientSecret' => '...',
+					'clientPublic' => '...',
+					'title' => 'Odnoklas.',
+					],
+			],
+		],
+		
+		'i18n' => [
+			'translations' => [
+				'eauth' => [
+					'class' => 'yii\i18n\PhpMessageSource',
+					'basePath' => '@eauth/messages',
+				],
+			],
+		],
+
+		// (optionally) you can configure pretty urls
+		'urlManager' => [
+			'enablePrettyUrl' => true,
+			'showScriptName' => false,
+			'rules' => [
+				'login/<service:google|facebook|etc>' => 'site/login',
+			],
+		],
+
+		// (optionally) you can configure logging
+		'log' => [
+			'targets' => [
+				[
+					'class' => 'yii\log\FileTarget',
+					'logFile' => '@app/runtime/logs/eauth.log',
+					'categories' => ['nodge\eauth\*'],
+					'logVars' => [],
+				],
+			],
+		],
+		...
+	],
+...
+```
+
+### User model
+
+You need to modify your User model to login with EAuth services.
+Example from demo project:
+
+```php
+<?php
+...
+	/**
+	 * @var array EAuth attributes
+	 */
+	public $profile;
+
+	public static function findIdentity($id) {
+		if (Yii::$app->getSession()->has('user-'.$id)) {
+			return new self(Yii::$app->getSession()->get('user-'.$id));
+		}
+		else {
+			return isset(self::$users[$id]) ? new self(self::$users[$id]) : null;
+		}
+	}
+
+	/**
+	 * @param \nodge\eauth\ServiceBase $service
+	 * @return User
+	 * @throws ErrorException
+	 */
+	public static function findByEAuth($service) {
+		if (!$service->getIsAuthenticated()) {
+			throw new ErrorException('EAuth user should be authenticated before creating identity.');
+		}
+
+		$id = $service->getServiceName().'-'.$service->getId();
+		$attributes = [
+			'id' => $id,
+			'username' => $service->getAttribute('name'),
+			'authKey' => md5($id),
+			'profile' => $service->getAttributes(),
+		];
+		$attributes['profile']['service'] = $service->getServiceName();
+		Yii::$app->getSession()->set('user-'.$id, $attributes);
+		return new self($attributes);
+	}
+...
+```
+
+Then you can access to EAuth attributes through:
+
+```php
+<?php
+	$identity = Yii::$app->getUser()->getIdentity();
+	if (isset($identity->profile)) {
+		VarDumper::dump($identity->profile, 10, true);
+	}
+```
+
+### Controller
+
+Attach OpenID Controller behavior to disable CSRF validation for OpenID callbacks.
+Or you can disable CSRF validation by yourself.
+
+```php
+<?php
+...
+	public function behaviors() {
+				return [
+					'eauth' => [
+						// required to disable csrf validation on OpenID requests
+						'class' => \nodge\eauth\openid\ControllerBehavior::className(),
+						'only' => ['login'],
+					],
+				];
+			}
+...
+```
+
+Add the following to your Login action:
+
+```php
+<?php
+...
+	public function actionLogin() {
+		$serviceName = Yii::$app->getRequest()->getQueryParam('service');
+		if (isset($serviceName)) {
+			/** @var $eauth \nodge\eauth\ServiceBase */
+			$eauth = Yii::$app->get('eauth')->getIdentity($serviceName);
+			$eauth->setRedirectUrl(Yii::$app->getUser()->getReturnUrl());
+			$eauth->setCancelUrl(Yii::$app->getUrlManager()->createAbsoluteUrl('site/login'));
+
+			try {
+				if ($eauth->authenticate()) {
+//					var_dump($eauth->getIsAuthenticated(), $eauth->getAttributes()); exit;
+
+					$identity = User::findByEAuth($eauth);
+					Yii::$app->getUser()->login($identity);
+
+					// special redirect with closing popup window
+					$eauth->redirect();
+				}
+				else {
+					// close popup window and redirect to cancelUrl
+					$eauth->cancel();
+				}
+			}
+			catch (\nodge\eauth\ErrorException $e) {
+				// save error to show it later
+				Yii::$app->getSession()->setFlash('error', 'EAuthException: '.$e->getMessage());
+
+				// close popup window and redirect to cancelUrl
+//				$eauth->cancel();
+				$eauth->redirect($eauth->getCancelUrl());
+			}
+		}
+
+		// default authorization code through login/password ..
+	}
+...
+```
+
+### View
+
+```php
+...
+<?php
+	if (Yii::$app->getSession()->hasFlash('error')) {
+		echo '<div class="alert alert-danger">'.Yii::$app->getSession()->getFlash('error').'</div>';
+	}
+?>
+...
+<p class="lead">Do you already have an account on one of these sites? Click the logo to log in with it here:</p>
+<?php echo \nodge\eauth\Widget::widget(['action' => 'site/login']); ?>
+...
+```
+
+
+## Extending
+
+To receive all the necessary data to your application, you can override the base class of any provider.
+Base classes are stored in `@eauth/src/services`.
+Examples of extended classes can be found in `@eauth/src/services/extended/`.
+
+After overriding the base class, you need to update your configuration file with a new class name.
+
+
+## Working with OAuth API
+
+You can extend base classes with necessary methods and then write something like this:
+
+```php
+<?php
+	/** @var $eauth EAuthServiceBase */
+	$eauth = Yii::$app->eauth->getIdentity('facebook');
+
+	// to get protected resources user should be authenticated:
+	if ($eauth->getIsAuthenticated()) {
+		$eauth->callProtectedApiMethod();
+		$eauth->callAnotherProtectedApiMethod();
+	}
+
+	// or you can get public resources at any time:
+	$eauth->callPublicApiMethod();
+	$eauth->callAnotherPublicApiMethod();
+```
+
+Example of an API call method:
+
+```php
+<?php
+	class FacebookOAuth2Service extends \nodge\eauth\services\FacebookOAuth2Service
+	{
+		public function fooApiMethod($bar) {
+			$api_method = 'me'; // ex. for Facebook this results to https://graph.facebook.com/me
+
+			// get protected resource
+			$response = $this->makeSignedRequest($api_method, [
+				'query' => [ 'foo' => 'bar' ], // GET arguments
+				'data' => [ 'foo' => 'bar' ], // POST arguments
+				'headers' => [ 'X-Foo' => 'bar' ], // Extra HTTP headers
+			]);
+
+			// you can get public resources with the same API:
+			//$response = $this->makeRequest($api_method, $options);
+
+			// process $response
+			$data = process($response);
+
+			// return results
+			return $data;
+		}
+	}
+```
+
+API calls are performed if the current user has a valid access token (saved during the authentication).
+You can save access_token to your database by using custom token storage in your config:
+
+```php
+<?php
+...
+	'components' => [
+		'eauth' => [
+			'class' => 'nodge\eauth\EAuth',
+			'tokenStorage' => [
+				'class' => '@app\eauth\DatabaseTokenStorage',
+			],
+		],
+		...
+	],
+...
+```
+
+
+## Translation
+
+To use translations, add the following in your config:
+
+```php
+<?php
+...
+	'components' => [
+		'i18n' => [
+			'translations' => [
+				'eauth' => [
+					'class' => 'yii\i18n\PhpMessageSource',
+					'basePath' => '@eauth/messages',
+				],
+			],
+		],
+		...
+	],
+...
+```
+
+Available translations can be found in `@eauth/src/messages`.
+
+
+# License
+
+The extension was released under the [New BSD License](http://www.opensource.org/licenses/bsd-license.php), so you'll find the latest version on [GitHub](https://github.com/Nodge/yii2-eauth).
+{
+	"name": "nodge/yii2-eauth",
+	"description": "Yii2 EAuth Extension. EAuth allows to authenticate users with accounts on other websites (Google, Facebook, Twitter, etc).",
+	"keywords": ["yii2", "extension", "eauth", "openid", "oauth", "authentication"],
+	"homepage": "https://github.com/Nodge/yii2-eauth",
+	"type": "yii2-extension",
+	"license": "New BSD License",
+	"authors": [
+		{
+			"name": "Maxim Zemskov",
+			"email": "nodge@yandex.ru",
+			"homepage": "http://nodge.ru/"
+		}
+	],
+	"support": {
+		"source": "https://github.com/nodge/yii2-eauth"
+	},
+	"autoload": {
+		"psr-4": {
+			"common\modules\nodge\\eauth\\": "src/"
+		}
+	},
+	"require": {
+		"php": ">=5.4.0",
+		"lib-curl": "*",
+		"yiisoft/yii2": "*",
+		"lusitanian/oauth": "~0.3.0",
+		"nodge/lightopenid": "~1.1.0"
+	},
+	"extra": {
+		"bootstrap": "common\modules\nodge\\eauth\\Bootstrap"
+	}
+}
 \ No newline at end of file
+<?php
+/**
+ * Extension class file.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\modules\nodge\eauth\src\eauth;
+
+use Yii;
+use yii\base\Application;
+use yii\base\BootstrapInterface;
+
+/**
+ * This is the bootstrap class for the yii2-eauth extension.
+ */
+class Bootstrap implements BootstrapInterface
+{
+	/**
+	 * @inheritdoc
+	 */
+	public function bootstrap($app)
+	{
+		Yii::setAlias('@eauth', __DIR__);
+	}
+}
 \ No newline at end of file
+<?php
+/**
+ * EAuth class file.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\components\nodge\eauth\src;
+
+use Yii;
+use yii\base\Object;
+use yii\helpers\ArrayHelper;
+use yii\helpers\Url;
+
+/**
+ * The EAuth class provides simple authentication via OpenID and OAuth providers.
+ *
+ * @package application.extensions.eauth
+ */
+class EAuth extends Object
+{
+
+	/**
+	 * @var array Authorization services and their settings.
+	 */
+	protected $services = [];
+
+	/**
+	 * @var boolean Whether to use popup window for the authorization dialog.
+	 */
+	protected $popup = true;
+
+	/**
+	 * @var string|bool Cache component name to use. False to disable cache.
+	 */
+	public $cache = null;
+
+	/**
+	 * @var integer the number of seconds in which the cached value will expire. 0 means never expire.
+	 */
+	public $cacheExpire = 0;
+
+	/**
+	 * @var string popup redirect view with custom js code
+	 */
+	protected $redirectWidget = '\\nodge\\eauth\\RedirectWidget';
+
+	/**
+	 * @var array TokenStorage class.
+	 */
+	protected $tokenStorage = [
+		'class' => 'nodge\eauth\oauth\SessionTokenStorage',
+	];
+
+	/**
+	 * @var array HttpClient class.
+	 */
+	protected $httpClient = [
+		'class' => 'nodge\eauth\oauth\HttpClient',
+//		'useStreamsFallback' => false,
+	];
+
+	/**
+	 * Initialize the component.
+	 */
+	public function init()
+	{
+		parent::init();
+
+		// set default cache on production environments
+		if (!isset($this->cache) && YII_ENV_PROD) {
+			$this->cache = 'cache';
+		}
+	}
+
+	/**
+	 * @param array $services
+	 */
+	public function setServices($services)
+	{
+		$this->services = $services;
+	}
+
+	/**
+	 * Returns services settings declared in the authorization classes.
+	 * For perfomance reasons it uses cache to store settings array.
+	 *
+	 * @return \stdClass[] services settings.
+	 */
+	public function getServices()
+	{
+		$services = false;
+		if (!empty($this->cache) && Yii::$app->has($this->cache)) {
+			/** @var $cache \yii\caching\Cache */
+			$cache = Yii::$app->get($this->cache);
+			$services = $cache->get('EAuth.services');
+		}
+
+		if (false === $services || !is_array($services)) {
+			$services = [];
+			foreach ($this->services as $service => $options) {
+				/** @var $class ServiceBase */
+				$class = $this->getIdentity($service);
+				$services[$service] = (object)[
+					'id' => $class->getServiceName(),
+					'title' => $class->getServiceTitle(),
+					'type' => $class->getServiceType(),
+					'jsArguments' => $class->getJsArguments(),
+				];
+			}
+			if (isset($cache)) {
+				$cache->set('EAuth.services', $services, $this->cacheExpire);
+			}
+		}
+		return $services;
+	}
+
+	/**
+	 * @param bool $usePopup
+	 */
+	public function setPopup($usePopup)
+	{
+		$this->popup = $usePopup;
+	}
+
+	/**
+	 * @return bool
+	 */
+	public function getPopup()
+	{
+		return $this->popup;
+	}
+
+	/**
+	 * @param string|bool $cache
+	 */
+	public function setCache($cache)
+	{
+		$this->cache = $cache;
+	}
+
+	/**
+	 * @return string|bool
+	 */
+	public function getCache()
+	{
+		return $this->cache;
+	}
+
+	/**
+	 * @param int $cacheExpire
+	 */
+	public function setCacheExpire($cacheExpire)
+	{
+		$this->cacheExpire = $cacheExpire;
+	}
+
+	/**
+	 * @return int
+	 */
+	public function getCacheExpire()
+	{
+		return $this->cacheExpire;
+	}
+
+	/**
+	 * @param string $redirectWidget
+	 */
+	public function setRedirectWidget($redirectWidget)
+	{
+		$this->redirectWidget = $redirectWidget;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getRedirectWidget()
+	{
+		return $this->redirectWidget;
+	}
+
+	/**
+	 * @param array $config
+	 */
+	public function setTokenStorage(array $config)
+	{
+		$this->tokenStorage = ArrayHelper::merge($this->tokenStorage, $config);
+	}
+
+	/**
+	 * @return array
+	 */
+	public function getTokenStorage()
+	{
+		return $this->tokenStorage;
+	}
+
+	/**
+	 * @param array $config
+	 */
+	public function setHttpClient(array $config)
+	{
+		$this->httpClient = ArrayHelper::merge($this->httpClient, $config);
+	}
+
+	/**
+	 * @return array
+	 */
+	public function getHttpClient()
+	{
+		return $this->httpClient;
+	}
+
+	/**
+	 * Returns the settings of the service.
+	 *
+	 * @param string $service the service name.
+	 * @return \stdClass the service settings.
+	 * @throws ErrorException
+	 */
+	protected function getService($service)
+	{
+		$service = strtolower($service);
+		$services = $this->getServices();
+		if (!isset($services[$service])) {
+			throw new ErrorException(Yii::t('eauth', 'Undefined service name: {service}.', ['service' => $service]), 500);
+		}
+		return $services[$service];
+	}
+
+	/**
+	 * Returns the type of the service.
+	 *
+	 * @param string $service the service name.
+	 * @return string the service type.
+	 */
+	public function getServiceType($service)
+	{
+		$service = $this->getService($service);
+		return $service->type;
+	}
+
+	/**
+	 * Returns the service identity class.
+	 *
+	 * @param string $service the service name.
+	 * @return IAuthService the identity class.
+	 * @throws ErrorException
+	 */
+	public function getIdentity($service)
+	{
+		$service = strtolower($service);
+		if (!isset($this->services[$service])) {
+			throw new ErrorException(Yii::t('eauth', 'Undefined service name: {service}.', ['service' => $service]), 500);
+		}
+		$service = $this->services[$service];
+
+		$service['component'] = $this;
+
+		/** @var $identity IAuthService */
+		$identity = Yii::createObject($service);
+		return $identity;
+	}
+
+	/**
+	 * Redirects to url. If the authorization dialog opened in the popup window,
+	 * it will be closed instead of redirect. Set $jsRedirect=true if you want
+	 * to redirect anyway.
+	 *
+	 * @param mixed $url url to redirect. Can be route or normal url. See {@link CHtml::normalizeUrl}.
+	 * @param boolean $jsRedirect whether to use redirect while popup window is used. Defaults to true.
+	 * @param array $params
+	 */
+	public function redirect($url, $jsRedirect = true, $params = [])
+	{
+		/** @var RedirectWidget $widget */
+		$widget = Yii::createObject([
+			'class' => $this->redirectWidget,
+			'url' => Url::to($url),
+			'redirect' => $jsRedirect,
+			'params' => $params
+		]);
+		ob_start();
+		$widget->run();
+		$output = ob_get_clean();
+		$response = Yii::$app->getResponse();
+		$response->content = $output;
+		$response->send();
+		exit();
+	}
+
+	/**
+	 * Serialize the identity class.
+	 *
+	 * @param ServiceBase $identity the class instance.
+	 * @return string serialized value.
+	 */
+	public function toString($identity)
+	{
+		return serialize($identity);
+	}
+
+	/**
+	 * Serialize the identity class.
+	 *
+	 * @param string $identity serialized value.
+	 * @return ServiceBase the class instance.
+	 */
+	public function fromString($identity)
+	{
+		return unserialize($identity);
+	}
+
+}
+<?php
+/**
+ * ErrorException class file.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\modules\nodge\eauth\src\eauth;
+
+class ErrorException extends \yii\base\ErrorException
+{
+
+}
 \ No newline at end of file
+<?php
+/**
+ * IAuthService interface file.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\modules\nodge\eauth\src\eauth;
+
+/**
+ * IAuthService is the interface for all service types and providers.
+ *
+ * @package application.extensions.eauth
+ */
+interface IAuthService
+{
+
+	/**
+	 * Returns service name(id).
+	 */
+	public function getServiceName();
+
+	/**
+	 * Returns service title.
+	 */
+	public function getServiceTitle();
+
+	/**
+	 * Returns service type (e.g. OpenID, OAuth).
+	 */
+	public function getServiceType();
+
+	/**
+	 * Returns arguments for the jQuery.eauth() javascript function.
+	 */
+	public function getJsArguments();
+
+
+	/**
+	 * Sets {@link EAuth} application component
+	 *
+	 * @param EAuth $component the application auth component.
+	 */
+	public function setComponent($component);
+
+	/**
+	 * Returns the {@link EAuth} application component.
+	 */
+	public function getComponent();
+
+
+	/**
+	 * Sets redirect url after successful authorization.
+	 *
+	 * @param string $url url to redirect.
+	 */
+	public function setRedirectUrl($url);
+
+	/**
+	 * Returns the redirect url after successful authorization.
+	 */
+	public function getRedirectUrl();
+
+
+	/**
+	 * Sets redirect url after unsuccessful authorization (e.g. user canceled).
+	 *
+	 * @param string $url url to redirect.
+	 */
+	public function setCancelUrl($url);
+
+	/**
+	 * Returns the redirect url after unsuccessful authorization (e.g. user canceled).
+	 */
+	public function getCancelUrl();
+
+
+	/**
+	 * Authenticate the user.
+	 */
+	public function authenticate();
+
+	/**
+	 * Whether user was successfuly authenticated.
+	 */
+	public function getIsAuthenticated();
+
+
+	/**
+	 * Redirect to the url. If url is null, {@link redirectUrl} will be used.
+	 *
+	 * @param string $url url to redirect.
+	 */
+	public function redirect($url = null);
+
+	/**
+	 * Redirect to the {@link cancelUrl} or simply close the popup window.
+	 */
+	public function cancel();
+
+
+	/**
+	 * Returns the user unique id.
+	 */
+	public function getId();
+
+	/**
+	 * Returns the array that contains all available authorization attributes.
+	 */
+	public function getAttributes();
+
+	/**
+	 * Returns the authorization attribute value.
+	 *
+	 * @param string $key the attribute name.
+	 * @param mixed $default the default value.
+	 */
+	public function getAttribute($key, $default = null);
+
+	/**
+	 * Whether the authorization attribute exists.
+	 *
+	 * @param string $key the attribute name.
+	 */
+	public function hasAttribute($key);
+
+}
 \ No newline at end of file
+<?php
+/**
+ * AuthRedirectWidget class file.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\modules\nodge\eauth\src\eauth;
+
+use \Yii;
+use yii\helpers\ArrayHelper;
+
+/**
+ * The EAuthRedirectWidget widget displays the redirect page after returning from provider.
+ *
+ * @package application.extensions.eauth
+ */
+class RedirectWidget extends Widget
+{
+
+	/**
+	 * @var mixed the widget mode. Default to "login".
+	 */
+	public $url = null;
+
+	/**
+	 * @var boolean whether to use redirect inside the popup window.
+	 */
+	public $redirect = true;
+
+	/**
+	 * @var string
+	 */
+	public $view = 'redirect';
+
+	/**
+	 * @var array
+	 */
+	public $params = [];
+
+	/**
+	 * Executes the widget.
+	 */
+	public function run()
+	{
+		echo $this->render($this->view,
+			ArrayHelper::merge([
+				'id' => $this->getId(),
+				'url' => $this->url,
+				'redirect' => $this->redirect,
+			], $this->params)
+		);
+	}
+}
+<?php
+/**
+ * ServiceBase class file.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\modules\nodge\eauth\src\eauth;
+
+use Yii;
+use yii\base\Object;
+use yii\helpers\Url;
+
+/**
+ * EAuthServiceBase is a base class for providers.
+ *
+ * @package application.extensions.eauth
+ */
+abstract class ServiceBase extends Object implements IAuthService
+{
+
+	/**
+	 * @var string the service name.
+	 */
+	protected $name;
+
+	/**
+	 *
+	 * @var string the service title to display in views.
+	 */
+	protected $title;
+
+	/**
+	 * @var string the service type (e.g. OpenID, OAuth).
+	 */
+	protected $type;
+
+	/**
+	 * @var array arguments for the jQuery.eauth() javascript function.
+	 */
+	protected $jsArguments = [];
+
+	/**
+	 * @var array authorization attributes.
+	 * @see getAttribute
+	 * @see getItem
+	 */
+	protected $attributes = [];
+
+	/**
+	 * @var boolean whether user was successfuly authenticated.
+	 * @see getIsAuthenticated
+	 */
+	protected $authenticated = false;
+
+	/**
+	 * @var boolean whether is attributes was fetched.
+	 */
+	private $fetched = false;
+
+	/**
+	 * @var EAuth the {@link EAuth} application component.
+	 */
+	private $component;
+
+	/**
+	 * @var string the redirect url after successful authorization.
+	 */
+	private $redirectUrl = '';
+
+	/**
+	 * @var string the redirect url after unsuccessful authorization (e.g. user canceled).
+	 */
+	private $cancelUrl = '';
+
+	/**
+	 * PHP getter magic method.
+	 * This method is overridden so that service attributes can be accessed like properties.
+	 *
+	 * @param string $name property name.
+	 * @return mixed property value.
+	 * @see getAttribute
+	 */
+	public function __get($name)
+	{
+		if ($this->hasAttribute($name)) {
+			return $this->getAttribute($name);
+		} else {
+			return parent::__get($name);
+		}
+	}
+
+	/**
+	 * Checks if a attribute value is null.
+	 * This method overrides the parent implementation by checking
+	 * if the attribute is null or not.
+	 *
+	 * @param string $name the attribute name.
+	 * @return boolean whether the attribute value is null.
+	 */
+	public function __isset($name)
+	{
+		if ($this->hasAttribute($name)) {
+			return true;
+		} else {
+			return parent::__isset($name);
+		}
+	}
+
+	/**
+	 * Initialize the component.
+	 * Sets the default {@link redirectUrl} and {@link cancelUrl}.
+	 */
+	public function init()
+	{
+		parent::init();
+
+		$this->setRedirectUrl(Yii::$app->getUser()->getReturnUrl());
+
+		$service = Yii::$app->getRequest()->getQueryParam('service');
+		$cancelUrl = Url::to(['', 'service' => $service], true);
+
+		$this->setCancelUrl($cancelUrl);
+	}
+
+	/**
+	 * Returns service name(id).
+	 *
+	 * @return string the service name(id).
+	 */
+	public function getServiceName()
+	{
+		return $this->name;
+	}
+
+	/**
+	 * Returns service title.
+	 *
+	 * @return string the service title.
+	 */
+	public function getServiceTitle()
+	{
+		return Yii::t('eauth', $this->title);
+	}
+
+	/**
+	 * Returns service type (e.g. OpenID, OAuth).
+	 *
+	 * @return string the service type (e.g. OpenID, OAuth).
+	 */
+	public function getServiceType()
+	{
+		return $this->type;
+	}
+
+	/**
+	 * Returns arguments for the jQuery.eauth() javascript function.
+	 *
+	 * @return array the arguments for the jQuery.eauth() javascript function.
+	 */
+	public function getJsArguments()
+	{
+		return $this->jsArguments;
+	}
+
+	/**
+	 * Sets {@link EAuth} application component
+	 *
+	 * @param EAuth $component the application auth component.
+	 */
+	public function setComponent($component)
+	{
+		$this->component = $component;
+	}
+
+	/**
+	 * Returns the {@link EAuth} application component.
+	 *
+	 * @return EAuth the {@link EAuth} application component.
+	 */
+	public function getComponent()
+	{
+		return $this->component;
+	}
+
+	/**
+	 * Sets redirect url after successful authorization.
+	 *
+	 * @param string $url to redirect.
+	 */
+	public function setRedirectUrl($url)
+	{
+		$this->redirectUrl = $url;
+	}
+
+	/**
+	 * @return string the redirect url after successful authorization.
+	 */
+	public function getRedirectUrl()
+	{
+		return $this->redirectUrl;
+	}
+
+	/**
+	 * Sets redirect url after unsuccessful authorization (e.g. user canceled).
+	 *
+	 * @param string $url
+	 */
+	public function setCancelUrl($url)
+	{
+		$this->cancelUrl = $url;
+	}
+
+	/**
+	 * @return string the redirect url after unsuccessful authorization (e.g. user canceled).
+	 */
+	public function getCancelUrl()
+	{
+		return $this->cancelUrl;
+	}
+
+	/**
+	 * @param string $title
+	 */
+	public function setTitle($title)
+	{
+		$this->title = $title;
+	}
+
+	/**
+	 * Authenticate the user.
+	 *
+	 * @return boolean whether user was successfuly authenticated.
+	 */
+	public function authenticate()
+	{
+		return $this->getIsAuthenticated();
+	}
+
+	/**
+	 * Whether user was successfuly authenticated.
+	 *
+	 * @return boolean whether user was successfuly authenticated.
+	 */
+	public function getIsAuthenticated()
+	{
+		return $this->authenticated;
+	}
+
+	/**
+	 * Redirect to the url. If url is null, {@link redirectUrl} will be used.
+	 *
+	 * @param string $url url to redirect.
+	 * @param array $params
+	 */
+	public function redirect($url = null, $params = [])
+	{
+		$this->component->redirect(isset($url) ? $url : $this->redirectUrl, true, $params);
+	}
+
+	/**
+	 * Redirect to the {@link cancelUrl} or simply close the popup window.
+	 */
+	public function cancel($url = null)
+	{
+		$this->component->redirect(isset($url) ? $url : $this->cancelUrl, !$this->component->popup);
+	}
+
+	/**
+	 * Fetch attributes array.
+	 *
+	 * @return boolean whether the attributes was successfully fetched.
+	 */
+	protected function fetchAttributes()
+	{
+		return true;
+	}
+
+	/**
+	 * Fetch attributes array.
+	 * This function is internally used to handle fetched state.
+	 */
+	protected function _fetchAttributes()
+	{
+		if (!$this->fetched) {
+			$this->fetched = true;
+			$result = $this->fetchAttributes();
+			if (isset($result)) {
+				$this->fetched = $result;
+			}
+		}
+	}
+
+	/**
+	 * Returns the user unique id.
+	 *
+	 * @return mixed the user id.
+	 */
+	public function getId()
+	{
+		$this->_fetchAttributes();
+		return $this->attributes['id'];
+	}
+
+	/**
+	 * Returns the array that contains all available authorization attributes.
+	 *
+	 * @return array the attributes.
+	 */
+	public function getAttributes()
+	{
+		$this->_fetchAttributes();
+		$attributes = [];
+		foreach ($this->attributes as $key => $val) {
+			$attributes[$key] = $this->getAttribute($key);
+		}
+		return $attributes;
+	}
+
+	/**
+	 * Returns the authorization attribute value.
+	 *
+	 * @param string $key the attribute name.
+	 * @param mixed $default the default value.
+	 * @return mixed the attribute value.
+	 */
+	public function getAttribute($key, $default = null)
+	{
+		$this->_fetchAttributes();
+		$getter = 'get' . $key;
+		if (method_exists($this, $getter)) {
+			return $this->$getter();
+		} else {
+			return isset($this->attributes[$key]) ? $this->attributes[$key] : $default;
+		}
+	}
+
+	/**
+	 * Whether the authorization attribute exists.
+	 *
+	 * @param string $key the attribute name.
+	 * @return boolean true if attribute exists, false otherwise.
+	 */
+	public function hasAttribute($key)
+	{
+		$this->_fetchAttributes();
+		return isset($this->attributes[$key]);
+	}
+
+	/**
+	 * @return bool
+	 */
+	public function getIsInsidePopup()
+	{
+		return isset($_GET['js']);
+	}
+}
+<?php
+/**
+ * Widget class file.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\modules\nodge\eauth\src\eauth;
+
+use Yii;
+
+/**
+ * The EAuthWidget widget prints buttons to authenticate user with OpenID and OAuth providers.
+ *
+ * @package application.extensions.eauth
+ */
+class Widget extends \yii\base\Widget
+{
+
+	/**
+	 * @var string EAuth component name.
+	 */
+	public $component = 'eauth';
+
+	/**
+	 * @var array the services.
+	 * @see EAuth::getServices()
+	 */
+	public $services = null;
+
+	/**
+	 * @var array predefined services. If null then use all services. Default is null.
+	 */
+	public $predefinedServices = null;
+
+	/**
+	 * @var boolean whether to use popup window for authorization dialog. Javascript required.
+	 */
+	public $popup = null;
+
+	/**
+	 * @var string the action to use for dialog destination. Default: the current route.
+	 */
+	public $action = null;
+
+	/**
+	 * @var boolean include the CSS file. Default is true.
+	 * If this is set false, you are responsible to explicitly include the necessary CSS file in your page.
+	 */
+	public $assetBundle = 'nodge\\eauth\\assets\\WidgetAssetBundle';
+
+	/**
+	 * Initializes the widget.
+	 * This method is called by {@link CBaseController::createWidget}
+	 * and {@link CBaseController::beginWidget} after the widget's
+	 * properties have been initialized.
+	 */
+	public function init()
+	{
+		parent::init();
+
+		// EAuth component
+		/** @var $component \nodge\eauth\EAuth */
+		$component = Yii::$app->get($this->component);
+
+		// Some default properties from component configuration
+		if (!isset($this->services)) {
+			$this->services = $component->getServices();
+		}
+
+		if (is_array($this->predefinedServices)) {
+			$_services = [];
+			foreach ($this->predefinedServices as $_serviceName) {
+				if (isset($this->services[$_serviceName])) {
+					$_services[$_serviceName] = $this->services[$_serviceName];
+				}
+			}
+			$this->services = $_services;
+		}
+
+		if (!isset($this->popup)) {
+			$this->popup = $component->popup;
+		}
+
+		// Set the current route, if it is not set.
+		if (!isset($this->action)) {
+			$this->action = '/' . Yii::$app->requestedRoute;
+		}
+	}
+
+	/**
+	 * Executes the widget.
+	 * This method is called by {@link CBaseController::endWidget}.
+	 */
+	public function run()
+	{
+		parent::run();
+		echo $this->render('widget', [
+			'id' => $this->getId(),
+			'services' => $this->services,
+			'action' => $this->action,
+			'popup' => $this->popup,
+			'assetBundle' => $this->assetBundle,
+		]);
+	}
+}
+<?php
+/**
+ * @link http://www.yiiframework.com/
+ * @copyright Copyright (c) 2008 Yii Software LLC
+ * @license http://www.yiiframework.com/license/
+ */
+
+namespace nodge\eauth\assets;
+
+use yii\web\AssetBundle;
+
+/**
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @since 2.0
+ */
+class WidgetAssetBundle extends AssetBundle
+{
+	public $sourcePath = '@eauth/assets';
+	public $css = [
+		'css/eauth.css',
+	];
+	public $js = [
+		'js/eauth.js',
+	];
+	public $depends = [
+		'yii\web\JqueryAsset',
+	];
+}
+
+.eauth {
+	overflow: hidden;
+}
+
+.eauth-list {
+	margin: -1em 0 0;
+	padding: 0;
+	list-style: none;
+}
+
+.eauth-service {
+	display: inline-block;
+	vertical-align: top;
+	margin: 1em 1em 0 0;
+}
+
+.eauth-service-link {
+	position: relative;
+	display: block;
+	width: 60px;
+	padding-top: 34px;
+	text-align: center;
+}
+
+.eauth-service-link:before,
+.eauth-service-link:after {
+	content: '';
+	position: absolute;
+	top: 0;
+	left: 50%;
+	width: 32px;
+	height: 32px;
+	margin-left: -16px;
+	background: url("../images/auth.png") 0 0 no-repeat;
+}
+
+.eauth-service-link:after {
+	display: none;
+}
+
+.eauth-service-link:hover:after {
+	display: block;
+}
+
+/* --- Services --- */
+
+.eauth-service-id-google_oauth .eauth-service-link:before {
+	background-position: 0 -34px;
+}
+
+.eauth-service-id-yandex_oauth .eauth-service-link:before {
+	background-position: 0 -102px;
+}
+
+.eauth-service-id-twitter .eauth-service-link:before {
+	background-position: 0 -68px;
+}
+
+.eauth-service-id-vkontakte .eauth-service-link:before {
+	background-position: 0 -136px;
+}
+
+.eauth-service-id-facebook .eauth-service-link:before {
+	background-position: 0 -170px;
+}
+
+.eauth-service-id-mailru .eauth-service-link:before {
+	background-position: 0 -204px;
+}
+
+.eauth-service-id-moikrug .eauth-service-link:before {
+	background-position: 0 -238px;
+}
+
+.eauth-service-id-odnoklassniki .eauth-service-link:before {
+	background-position: 0 -272px;
+}
+
+.eauth-service-id-linkedin .eauth-service-link:before,
+.eauth-service-id-linkedin_oauth2 .eauth-service-link:before {
+	background-position: 0 -306px;
+}
+
+.eauth-service-id-github .eauth-service-link:before {
+	background-position: 0 -340px;
+}
+
+.eauth-service-id-live .eauth-service-link:before {
+	background-position: 0 -372px;
+}
+
+.eauth-service-id-yahoo .eauth-service-link:before {
+	background-position: 0 -406px;
+}
+
+.eauth-service-id-steam .eauth-service-link:before {
+	background-position: 0 -440px;
+}
+
+.eauth-service-id-instagram .eauth-service-link:before {
+	background-position: 0 -474px;
+}
 \ No newline at end of file
+/*
+ * Yii EAuth extension.
+ * @author Maxim Zemskov
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+(function ($) {
+	var popup,
+		defaults = {
+			popup: {
+				width: 450,
+				height: 380
+			}
+		};
+
+	function openPopup(options) {
+		if (popup != null)
+			popup.close();
+
+		var redirect_uri,
+			url = redirect_uri = options.url;
+
+		url += url.indexOf('?') >= 0 ? '&' : '?';
+		if (url.indexOf('redirect_uri=') === -1)
+			url += 'redirect_uri=' + encodeURIComponent(redirect_uri) + '&';
+		url += 'js=';
+
+		var centerWidth = (window.screen.width - options.popup.width) / 2,
+			centerHeight = (window.screen.height - options.popup.height) / 2;
+
+		popup = window.open(url, "yii_eauth_popup", "width=" + options.popup.width + ",height=" + options.popup.height + ",left=" + centerWidth + ",top=" + centerHeight + ",resizable=yes,scrollbars=no,toolbar=no,menubar=no,location=no,directories=no,status=yes");
+		popup.focus();
+	}
+
+	$.fn.eauth = function (services) {
+		$(this).on('click', '[data-eauth-service]', function (e) {
+			e.preventDefault();
+
+			var service = $(this).data('eauthService'),
+				options = $.extend({
+					url: this.href
+				}, defaults, services[service]);
+
+			openPopup(options);
+		});
+	};
+})(jQuery);
+<?php
+
+return [
+	'Undefined service name: {service}.' => '{service}',
+	'Invalid response http code: {code}.' => '{code}',
+	'Invalid response format.' => '',
+	'Unable to complete the authentication because the required data was not received.' => '{provider}',
+	'Unable to complete the request because the user was not authenticated.' => '',
+
+	'Redirecting back to the application...' => '',
+	'Click here to return to the application.' => '',
+
+	'Google' => 'Google',
+	'Twitter' => 'Twitter',
+	'Yandex' => 'Yandex',
+	'VK.com' => 'VK.com',
+	'Facebook' => 'Facebook',
+	'Mail.ru' => 'Mail.ru',
+	'Moikrug.ru' => 'Moikrug.ru',
+	'Odnoklassniki' => 'Odnoklassniki',
+	'LinkedIn' => 'LinkedIn',
+	'GitHub' => 'GitHub',
+];
 \ No newline at end of file
+<?php
+
+return [
+	'Undefined service name: {service}.' => 'Undefinierter Servicename: {service}',
+	'Invalid response http code: {code}.' => 'Ungültiger HTTP Code: {code}',
+	'Invalid response format.' => 'Ungültiges Antwortformat.',
+	'Unable to complete the authentication because the required data was not received.' => 'Die Authentifizierung konnte nicht durchgeführt werden, da keine Daten empfangen wurden.',
+	'Unable to complete the request because the user was not authenticated.' => 'Die Anfrage konnte nicht durchgeführt werden, da der Nutzer nicht authentifiziert war.',
+
+	'Redirecting back to the application...' => 'Weiterleitung zur Applikation...',
+	'Click here to return to the application.' => 'Klicke hier um zur Applikation zurückzukehren',
+
+	'Google' => 'Google',
+	'Twitter' => 'Twitter',
+	'Yandex' => 'Yandex',
+	'VK.com' => 'VK.com',
+	'Facebook' => 'Facebook',
+	'Mail.ru' => 'Mail.ru',
+	'Moikrug.ru' => 'Moikrug.ru',
+	'Odnoklassniki' => 'Odnoklassniki',
+	'LinkedIn' => 'LinkedIn',
+	'GitHub' => 'GitHub',
+];
 \ No newline at end of file
+<?php
+
+return [
+	'Undefined service name: {service}.' => 'Undefined service name: {service}.',
+	'Invalid response http code: {code}.' => 'Invalid response http code: {code}.',
+	'Invalid response format.' => 'Invalid response format.',
+	'Unable to complete the authentication because the required data was not received.' => 'Unable to complete the authentication because the required data was not received.',
+	'Unable to complete the request because the user was not authenticated.' => 'Unable to complete the request because the user was not authenticated.',
+
+	'Redirecting back to the application...' => 'Redirecting back to the application...',
+	'Click here to return to the application.' => 'Click here to return to the application.',
+
+	'Google' => 'Google',
+	'Twitter' => 'Twitter',
+	'Yandex' => 'Yandex',
+	'VK.com' => 'VK.com',
+	'Facebook' => 'Facebook',
+	'Mail.ru' => 'Mail.ru',
+	'Moikrug.ru' => 'Moikrug.ru',
+	'Odnoklassniki' => 'Odnoklassniki',
+	'LinkedIn' => 'LinkedIn',
+	'GitHub' => 'GitHub',
+];
 \ No newline at end of file
+<?php
+
+return [
+	'Undefined service name: {service}.' => 'Авторизация с помощью {service} не поддерживается.',
+	'Invalid response http code: {code}.' => 'Неверный ответ от сервера авторизации: {code}.',
+	'Invalid response format.' => 'Сервер авторизации вернул данные в неправильном формате.',
+	'Unable to complete the authentication because the required data was not received.' => 'Невозможно завершить авторизацию пользователя, потому что {provider} не передает необходимую информацию.',
+	'Unable to complete the request because the user was not authenticated.' => 'Невозможно выполнить защищенный запрос, потому что пользователь не был авторизован.',
+
+	'Redirecting back to the application...' => 'Перенаправление обратно в приложение...',
+	'Click here to return to the application.' => 'Нажмите сюда чтобы вернуться обратно в приложение.',
+
+	'Google' => 'Google',
+	'Twitter' => 'Twitter',
+	'Yandex' => 'Яндекс',
+	'VK.com' => 'ВКонтакте',
+	'Facebook' => 'Facebook',
+	'Mail.ru' => 'Mail.ru',
+	'Moikrug.ru' => 'Мой круг',
+	'Odnoklassniki' => 'Одноклассники',
+	'LinkedIn' => 'LinkedIn',
+	'GitHub' => 'GitHub',
+];
 \ No newline at end of file
+<?php
+
+return [
+	'Undefined service name: {service}.' => 'Авторизація за допомогою {service} не підтримується.',
+	'Invalid response http code: {code}.' => 'Невірна відповідь від сервера авторизації: {code}.',
+	'Invalid response format.' => 'Сервер авторизації повернув данні в невірному форматі.',
+	'Unable to complete the authentication because the required data was not received.' => 'Неможливо завершити авторизацію користувача, так як {provider} не передає необхідну інформацію.',
+	'Unable to complete the request because the user was not authenticated.' => 'Неможливо виконати захищений запит, так як користувач не був авторизований.',
+
+	'Redirecting back to the application...' => 'Redirecting back to the application...',
+	'Click here to return to the application.' => 'Click here to return to the application.',
+
+	'Google' => 'Google',
+	'Twitter' => 'Twitter',
+	'Yandex' => 'Яндекс',
+	'VK.com' => 'ВКонтакте',
+	'Facebook' => 'Facebook',
+	'Mail.ru' => 'Mail.ru',
+	'Moikrug.ru' => 'Мой круг',
+	'Odnoklassniki' => 'Одноклассники',
+	'LinkedIn' => 'LinkedIn',
+	'GitHub' => 'GitHub',
+];
+<?php
+/**
+ * HttpClient class file.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace nodge\eauth\oauth;
+
+use Yii;
+use OAuth\Common\Http\Client\AbstractClient;
+use OAuth\Common\Http\Exception\TokenResponseException;
+use OAuth\Common\Http\Uri\UriInterface;
+
+/**
+ * Client implementation for cURL
+ */
+class HttpClient extends AbstractClient
+{
+
+	/**
+	 *  If true, explicitly sets cURL to use SSL version 3. Use this if cURL
+	 *  compiles with GnuTLS SSL.
+	 *
+	 * @var bool
+	 */
+	protected $forceSSL3 = false;
+
+	/**
+	 * If true and you are working in safe_mode environment or inside open_basedir
+	 * it will use streams instead of curl.
+	 *
+	 * @var bool
+	 */
+	protected $useStreamsFallback = false;
+
+	/**
+	 * @var UriInterface
+	 */
+	protected $endpoint;
+
+	/**
+	 * @var mixed
+	 */
+	protected $requestBody;
+
+	/**
+	 * @var array
+	 */
+	protected $extraHeaders = [];
+
+	/**
+	 * @var string
+	 */
+	protected $method = 'POST';
+
+	/**
+	 * @param bool $force
+	 */
+	public function setForceSSL3($force)
+	{
+		$this->forceSSL3 = $force;
+	}
+
+	/**
+	 * @return boolean
+	 */
+	public function getForceSSL3()
+	{
+		return $this->forceSSL3;
+	}
+
+	/**
+	 * @param bool $useStreamsFallback
+	 */
+	public function setUseStreamsFallback($useStreamsFallback)
+	{
+		$this->useStreamsFallback = $useStreamsFallback;
+	}
+
+	/**
+	 * @return bool
+	 */
+	public function getUseStreamsFallback()
+	{
+		return $this->useStreamsFallback;
+	}
+
+	/**
+	 * Any implementing HTTP providers should send a request to the provided endpoint with the parameters.
+	 * They should return, in string form, the response body and throw an exception on error.
+	 *
+	 * @param UriInterface $endpoint
+	 * @param mixed $requestBody
+	 * @param array $extraHeaders
+	 * @param string $method
+	 * @return string
+	 */
+	public function retrieveResponse(UriInterface $endpoint, $requestBody, array $extraHeaders = [], $method = 'POST')
+	{
+		$this->endpoint = $endpoint;
+		$this->requestBody = $requestBody;
+		$this->extraHeaders = $extraHeaders;
+		$this->method = $method;
+
+		if ($this->useStreamsFallback && !$this->allowFollowLocation()) {
+			return $this->streams();
+		}
+
+		return $this->curl();
+	}
+
+	/**
+	 * @return bool
+	 */
+	protected function allowFollowLocation()
+	{
+		return !ini_get('safe_mode') && !ini_get('open_basedir');
+	}
+
+	/**
+	 *
+	 */
+	protected function prepareRequest()
+	{
+		$this->method = strtoupper($this->method);
+		$this->normalizeHeaders($this->extraHeaders);
+
+		if ($this->method === 'GET' && !empty($this->requestBody)) {
+			throw new \InvalidArgumentException('No body expected for "GET" request.');
+		}
+
+		if (!isset($this->extraHeaders['Content-type']) && $this->method === 'POST' && is_array($this->requestBody)) {
+			$this->extraHeaders['Content-type'] = 'Content-type: application/x-www-form-urlencoded';
+		}
+
+		// Some of services requires User-Agent header (e.g. GitHub)
+		if (!isset($this->extraHeaders['User-Agent'])) {
+			$this->extraHeaders['User-Agent'] = 'User-Agent: yii2-eauth';
+		}
+
+		$this->extraHeaders['Host'] = 'Host: ' . $this->endpoint->getHost();
+		$this->extraHeaders['Connection'] = 'Connection: close';
+
+		if (YII_DEBUG) {
+			Yii::trace('EAuth http request: ' . PHP_EOL . var_export([
+					'url' => $this->endpoint->getAbsoluteUri(),
+					'method' => $this->method,
+					'headers' => $this->extraHeaders,
+					'body' => $this->requestBody,
+				], true), __NAMESPACE__);
+		}
+
+		if (is_array($this->requestBody)) {
+			$this->requestBody = http_build_query($this->requestBody, null, '&');
+		}
+	}
+
+	/**
+	 * @return string
+	 * @throws TokenResponseException
+	 */
+	protected function curl()
+	{
+		$this->prepareRequest();
+
+		$ch = curl_init();
+		curl_setopt($ch, CURLOPT_URL, $this->endpoint->getAbsoluteUri());
+		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+
+		if ($this->method === 'POST' || $this->method === 'PUT') {
+			if ($this->method === 'PUT') {
+				curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'PUT');
+			} else {
+				curl_setopt($ch, CURLOPT_POST, true);
+			}
+			curl_setopt($ch, CURLOPT_POSTFIELDS, $this->requestBody);
+		} else {
+			curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $this->method);
+		}
+
+		if ($this->allowFollowLocation() && $this->maxRedirects > 0) {
+			curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+			curl_setopt($ch, CURLOPT_MAXREDIRS, $this->maxRedirects);
+		}
+
+		curl_setopt($ch, CURLOPT_TIMEOUT, $this->timeout);
+		curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+		curl_setopt($ch, CURLOPT_HEADER, false);
+		curl_setopt($ch, CURLOPT_HTTPHEADER, $this->extraHeaders);
+
+		if ($this->forceSSL3) {
+			curl_setopt($ch, CURLOPT_SSLVERSION, 3);
+		}
+
+		$response = curl_exec($ch);
+		$responseCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+
+		if (YII_DEBUG) {
+			Yii::trace('EAuth http response: ' . PHP_EOL . var_export($response, true), __NAMESPACE__);
+		}
+
+		if (false === $response) {
+			$errNo = curl_errno($ch);
+			$errStr = curl_error($ch);
+			curl_close($ch);
+
+			if (empty($errStr)) {
+				$errStr = 'Failed to request resource.';
+			} else {
+				$errStr = 'cURL Error # ' . $errNo . ': ' . $errStr;
+			}
+
+			Yii::error('EAuth curl error (' . $responseCode . '): ' . $errStr, __NAMESPACE__);
+			throw new TokenResponseException($errStr, $responseCode);
+		}
+
+		curl_close($ch);
+
+		return $response;
+	}
+
+	/**
+	 * @return string
+	 * @throws TokenResponseException
+	 */
+	protected function streams()
+	{
+		$this->prepareRequest();
+
+		$context = stream_context_create([
+			'http' => [
+				'method' => $this->method,
+				'header' => array_values($this->extraHeaders),
+				'content' => $this->requestBody,
+				'protocol_version' => '1.1',
+				'user_agent' => 'Yii2 EAuth Client',
+				'max_redirects' => $this->maxRedirects,
+				'timeout' => $this->timeout,
+			],
+		]);
+
+		$level = error_reporting(0);
+		$response = file_get_contents($this->endpoint->getAbsoluteUri(), false, $context);
+		error_reporting($level);
+
+		if (YII_DEBUG) {
+			Yii::trace('EAuth http response: ' . PHP_EOL . var_export($response, true), __NAMESPACE__);
+		}
+
+		if (false === $response) {
+			$lastError = error_get_last();
+
+			if (is_null($lastError)) {
+				$errStr = 'Failed to request resource.';
+			} else {
+				$errStr = $lastError['message'];
+			}
+
+			Yii::error('EAuth streams error: ' . $errStr, __NAMESPACE__);
+			throw new TokenResponseException($errStr);
+		}
+
+		return $response;
+	}
+
+}
+<?php
+/**
+ * OAuthService class file.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace nodge\eauth\oauth;
+
+use Yii;
+use OAuth\Common\Http\Uri\Uri;
+use OAuth\Common\Http\Client\ClientInterface;
+use OAuth\Common\Token\TokenInterface;
+use OAuth\Common\Storage\TokenStorageInterface;
+use nodge\eauth\EAuth;
+use nodge\eauth\IAuthService;
+use nodge\eauth\ErrorException;
+use yii\helpers\ArrayHelper;
+use yii\helpers\Url;
+
+/**
+ * EOAuthService is a base class for all OAuth providers.
+ *
+ * @package application.extensions.eauth
+ */
+abstract class ServiceBase extends \nodge\eauth\ServiceBase implements IAuthService
+{
+
+	/**
+	 * @var string Base url for API calls.
+	 */
+	protected $baseApiUrl;
+
+	/**
+	 * @var int Default token lifetime. Used when service wont provide expires_in param.
+	 */
+	protected $tokenDefaultLifetime = null;
+
+	/**
+	 * @var array TokenStorage class. Null means default value from EAuth component config.
+	 */
+	protected $tokenStorage;
+
+	/**
+	 * @var array HttpClient class. Null means default value from EAuth component config.
+	 */
+	protected $httpClient;
+
+	/**
+	 * @var TokenStorageInterface
+	 */
+	private $_tokenStorage;
+
+	/**
+	 * @var ClientInterface
+	 */
+	private $_httpClient;
+
+	/**
+	 * Initialize the component.
+	 *
+	 * @param EAuth $component the component instance.
+	 * @param array $options properties initialization.
+	 */
+//	public function init($component, $options = []) {
+//		parent::init($component, $options);
+//	}
+
+	/**
+	 * For OAuth we can check existing access token.
+	 * Useful for API calls.
+	 *
+	 * @return bool
+	 * @throws ErrorException
+	 */
+	public function getIsAuthenticated()
+	{
+		if (!$this->authenticated) {
+			try {
+				$proxy = $this->getProxy();
+				$this->authenticated = $proxy->hasValidAccessToken();
+			} catch (\OAuth\Common\Exception\Exception $e) {
+				throw new ErrorException($e->getMessage(), $e->getCode(), 1, $e->getFile(), $e->getLine(), $e);
+			}
+		}
+		return parent::getIsAuthenticated();
+	}
+
+	/**
+	 * @return \nodge\eauth\oauth1\ServiceProxy|\nodge\eauth\oauth2\ServiceProxy
+	 */
+	abstract protected function getProxy();
+
+	/**
+	 * @return string the current url
+	 */
+	protected function getCallbackUrl()
+	{
+		return Url::to('', true);
+	}
+
+	/**
+	 * @param array $config
+	 */
+	public function setTokenStorage(array $config)
+	{
+		$this->tokenStorage = ArrayHelper::merge($this->tokenStorage, $config);
+	}
+
+	/**
+	 * @return TokenStorageInterface
+	 */
+	protected function getTokenStorage()
+	{
+		if (!isset($this->_tokenStorage)) {
+			$config = $this->tokenStorage;
+			if (!isset($config)) {
+				$config = $this->getComponent()->getTokenStorage();
+			}
+			$this->_tokenStorage = Yii::createObject($config);
+		}
+		return $this->_tokenStorage;
+	}
+
+	/**
+	 * @param array $config
+	 */
+	public function setHttpClient(array $config)
+	{
+		$this->httpClient = ArrayHelper::merge($this->httpClient, $config);
+	}
+
+	/**
+	 * @return ClientInterface
+	 */
+	protected function getHttpClient()
+	{
+		if (!isset($this->_httpClient)) {
+			$config = $this->httpClient;
+			if (!isset($config)) {
+				$config = $this->getComponent()->getHttpClient();
+			}
+			$this->_httpClient = Yii::createObject($config);
+		}
+		return $this->_httpClient;
+	}
+
+	/**
+	 * @return int
+	 */
+	public function getTokenDefaultLifetime()
+	{
+		return $this->tokenDefaultLifetime;
+	}
+
+	/**
+	 * Returns the protected resource.
+	 *
+	 * @param string $url url to request.
+	 * @param array $options HTTP request options. Keys: query, data, headers.
+	 * @param boolean $parseResponse Whether to parse response.
+	 * @return mixed the response.
+	 * @throws ErrorException
+	 */
+	public function makeSignedRequest($url, $options = [], $parseResponse = true)
+	{
+		if (!$this->getIsAuthenticated()) {
+			throw new ErrorException(Yii::t('eauth', 'Unable to complete the signed request because the user was not authenticated.'), 401);
+		}
+
+		if (stripos($url, 'http') !== 0) {
+			$url = $this->baseApiUrl . $url;
+		}
+
+		$url = new Uri($url);
+		if (isset($options['query'])) {
+			foreach ($options['query'] as $key => $value) {
+				$url->addToQuery($key, $value);
+			}
+		}
+
+		$data = isset($options['data']) ? $options['data'] : [];
+		$method = !empty($data) ? 'POST' : 'GET';
+		$headers = isset($options['headers']) ? $options['headers'] : [];
+
+		$response = $this->getProxy()->request($url, $method, $data, $headers);
+
+		if ($parseResponse) {
+			$response = $this->parseResponseInternal($response);
+		}
+
+		return $response;
+	}
+
+	/**
+	 * Returns the public resource.
+	 *
+	 * @param string $url url to request.
+	 * @param array $options HTTP request options. Keys: query, data, headers.
+	 * @param boolean $parseResponse Whether to parse response.
+	 * @return mixed the response.
+	 */
+	public function makeRequest($url, $options = [], $parseResponse = true) {
+		if (stripos($url, 'http') !== 0) {
+			$url = $this->baseApiUrl . $url;
+		}
+
+		$url = new Uri($url);
+		if (isset($options['query'])) {
+			foreach ($options['query'] as $key => $value) {
+				$url->addToQuery($key, $value);
+			}
+		}
+
+		$data = isset($options['data']) ? $options['data'] : [];
+		$method = !empty($data) ? 'POST' : 'GET';
+
+		$headers = isset($options['headers']) ? $options['headers'] : [];
+		$headers = array_merge($this->getProxy()->getExtraApiHeaders(), $headers);
+
+		$response = $this->getHttpClient()->retrieveResponse($url, $data, $headers, $method);
+		if ($parseResponse) {
+			$response = $this->parseResponseInternal($response);
+		}
+
+		return $response;
+	}
+
+	/**
+	 * Parse response and check for errors.
+	 *
+	 * @param string $response
+	 * @return mixed
+	 * @throws ErrorException
+	 */
+	protected function parseResponseInternal($response)
+	{
+		try {
+			$result = $this->parseResponse($response);
+			if (!isset($result)) {
+				throw new ErrorException(Yii::t('eauth', 'Invalid response format.'), 500);
+			}
+
+			$error = $this->fetchResponseError($result);
+			if (isset($error) && !empty($error['message'])) {
+				throw new ErrorException($error['message'], $error['code']);
+			}
+
+			return $result;
+		} catch (\Exception $e) {
+			throw new ErrorException($e->getMessage(), $e->getCode());
+		}
+	}
+
+	/**
+	 * @param string $response
+	 * @return mixed
+	 */
+	protected function parseResponse($response)
+	{
+		return json_decode($response, true);
+	}
+
+	/**
+	 * Returns the error array.
+	 *
+	 * @param array $response
+	 * @return array the error array with 2 keys: code and message. Should be null if no errors.
+	 */
+	protected function fetchResponseError($response)
+	{
+		if (isset($response['error'])) {
+			return [
+				'code' => 500,
+				'message' => 'Unknown error occurred.',
+			];
+		}
+		return null;
+	}
+
+	/**
+	 * @return array|null An array with valid access_token information.
+	 */
+	protected function getAccessTokenData()
+	{
+		if (!$this->getIsAuthenticated()) {
+			return null;
+		}
+
+		$token = $this->getProxy()->getAccessToken();
+		if (!isset($token)) {
+			return null;
+		}
+
+		return [
+			'access_token' => $token->getAccessToken(),
+			'refresh_token' => $token->getRefreshToken(),
+			'expires' => $token->getEndOfLife(),
+			'params' => $token->getExtraParams(),
+		];
+	}
+
+	/**
+	 * @param array $data
+	 * @return string|null
+	 */
+	public function getAccessTokenResponseError($data)
+	{
+		return isset($data['error']) ? $data['error'] : null;
+	}
+}
 \ No newline at end of file
+<?php
+/**
+ * SessionTokenStorage class file.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace nodge\eauth\oauth;
+
+use Yii;
+use OAuth\Common\Storage\TokenStorageInterface;
+use OAuth\Common\Token\TokenInterface;
+use OAuth\Common\Storage\Exception\TokenNotFoundException;
+use OAuth\Common\Storage\Exception\AuthorizationStateNotFoundException;
+
+/**
+ * Stores a token in a PHP session.
+ */
+class SessionTokenStorage implements TokenStorageInterface
+{
+
+	const SESSION_TOKEN_PREFIX = 'eauth-token-';
+	const SESSION_STATE_PREFIX = 'eauth-state-';
+
+	/**
+	 * @var
+	 */
+	protected $componentName;
+
+	/**
+	 * @param string $componentName
+	 */
+	public function __construct($componentName = 'session')
+	{
+		$this->componentName = $componentName;
+	}
+
+	/**
+	 * @return null|object
+	 */
+	protected function getSession()
+	{
+		return Yii::$app->get($this->componentName);
+	}
+
+	/**
+	 * @param string $service
+	 * @return TokenInterface
+	 * @throws TokenNotFoundException
+	 */
+	public function retrieveAccessToken($service)
+	{
+		if ($this->hasAccessToken($service)) {
+			return $this->getSession()->get(self::SESSION_TOKEN_PREFIX . $service);
+		}
+		throw new TokenNotFoundException('Token not found in session, are you sure you stored it?');
+	}
+
+	/**
+	 * @param string $service
+	 * @param TokenInterface $token
+	 * @return TokenInterface
+	 */
+	public function storeAccessToken($service, TokenInterface $token)
+	{
+		$this->getSession()->set(self::SESSION_TOKEN_PREFIX . $service, $token);
+		return $token;
+	}
+
+	/**
+	 * @param string $service
+	 * @return bool
+	 */
+	public function hasAccessToken($service)
+	{
+		return $this->getSession()->has(self::SESSION_TOKEN_PREFIX . $service);
+	}
+
+	/**
+	 * Delete the users token. Aka, log out.
+	 *
+	 * @param string $service
+	 * @return TokenStorageInterface
+	 */
+	public function clearToken($service)
+	{
+		$this->getSession()->remove(self::SESSION_TOKEN_PREFIX . $service);
+		return $this;
+	}
+
+	/**
+	 * Delete *ALL* user tokens.
+	 *
+	 * @return TokenStorageInterface
+	 */
+	public function clearAllTokens()
+	{
+		$session = $this->getSession();
+		foreach ($session as $key => $value) {
+			if (strpos($key, self::SESSION_TOKEN_PREFIX) === 0) {
+				$session->remove($key);
+			}
+		}
+		return $this;
+	}
+
+	/**
+	 * Store the authorization state related to a given service
+	 *
+	 * @param string $service
+	 * @param string $state
+	 * @return TokenStorageInterface
+	 */
+	public function storeAuthorizationState($service, $state)
+	{
+		$this->getSession()->set(self::SESSION_STATE_PREFIX . $service, $state);
+		return $this;
+	}
+
+	/**
+	 * Check if an authorization state for a given service exists
+	 *
+	 * @param string $service
+	 * @return bool
+	 */
+	public function hasAuthorizationState($service)
+	{
+		return $this->getSession()->has(self::SESSION_STATE_PREFIX . $service);
+	}
+
+	/**
+	 * Retrieve the authorization state for a given service
+	 *
+	 * @param string $service
+	 * @return string
+	 * @throws AuthorizationStateNotFoundException
+	 */
+	public function retrieveAuthorizationState($service)
+	{
+		if ($this->hasAuthorizationState($service)) {
+			return $this->getSession()->get(self::SESSION_STATE_PREFIX . $service);
+		}
+		throw new AuthorizationStateNotFoundException('State not found in session, are you sure you stored it?');
+	}
+
+	/**
+	 * Clear the authorization state of a given service
+	 *
+	 * @param string $service
+	 * @return TokenStorageInterface
+	 */
+	public function clearAuthorizationState($service)
+	{
+		$this->getSession()->remove(self::SESSION_STATE_PREFIX . $service);
+		return $this;
+	}
+
+	/**
+	 * Delete *ALL* user authorization states. Use with care. Most of the time you will likely
+	 * want to use clearAuthorizationState() instead.
+	 *
+	 * @return TokenStorageInterface
+	 */
+	public function clearAllAuthorizationStates()
+	{
+		$session = $this->getSession();
+		foreach ($session as $key => $value) {
+			if (strpos($key, self::SESSION_STATE_PREFIX) === 0) {
+				$session->remove($key);
+			}
+		}
+		return $this;
+	}
+
+}
+<?php
+/**
+ * OAuth1 Service class file.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace nodge\eauth\oauth1;
+
+use Yii;
+use OAuth\Common\Exception\Exception as OAuthException;
+use OAuth\Common\Http\Uri\Uri;
+use OAuth\Common\Consumer\Credentials;
+use OAuth\OAuth1\Signature\Signature;
+use nodge\eauth\EAuth;
+use nodge\eauth\ErrorException;
+use nodge\eauth\IAuthService;
+use nodge\eauth\oauth\ServiceBase;
+
+/**
+ * EOAuthService is a base class for all OAuth providers.
+ *
+ * @package application.extensions.eauth
+ */
+abstract class Service extends ServiceBase implements IAuthService
+{
+
+	/**
+	 * @var string OAuth2 client id.
+	 */
+	protected $key;
+
+	/**
+	 * @var string OAuth2 client secret key.
+	 */
+	protected $secret;
+
+	/**
+	 * @var array Provider options. Must contain the keys: request, authorize, access.
+	 */
+	protected $providerOptions = [
+		'request' => '',
+		'authorize' => '',
+		'access' => '',
+	];
+
+	/**
+	 * @var ServiceProxy
+	 */
+	private $_proxy;
+
+	/**
+	 * Initialize the component.
+	 *
+	 * @param EAuth $component the component instance.
+	 * @param array $options properties initialization.
+	 */
+//	public function init($component, $options = []) {
+//		parent::init($component, $options);
+//	}
+
+	/**
+	 * @param string $key
+	 */
+	public function setKey($key)
+	{
+		$this->key = $key;
+	}
+
+	/**
+	 * @param string $secret
+	 */
+	public function setSecret($secret)
+	{
+		$this->secret = $secret;
+	}
+
+	/**
+	 * @return ServiceProxy
+	 */
+	protected function getProxy()
+	{
+		if (!isset($this->_proxy)) {
+			$storage = $this->getTokenStorage();
+			$httpClient = $this->getHttpClient();
+			$credentials = new Credentials($this->key, $this->secret, $this->getCallbackUrl());
+			$signature = new Signature($credentials);
+			$this->_proxy = new ServiceProxy($credentials, $httpClient, $storage, $signature, null, $this);
+		}
+		return $this->_proxy;
+	}
+
+	/**
+	 * Authenticate the user.
+	 *
+	 * @return boolean whether user was successfuly authenticated.
+	 * @throws ErrorException
+	 */
+	public function authenticate()
+	{
+		try {
+			$proxy = $this->getProxy();
+
+			if (!empty($_GET['oauth_token'])) {
+				$token = $proxy->retrieveAccessToken();
+
+				// This was a callback request, get the token now
+				$proxy->requestAccessToken($_GET['oauth_token'], $_GET['oauth_verifier'], $token->getRequestTokenSecret());
+
+				$this->authenticated = true;
+			} else if ($proxy->hasValidAccessToken()) {
+				$this->authenticated = true;
+			} else {
+				// extra request needed for oauth1 to request a request token :-)
+				$token = $proxy->requestRequestToken();
+				/** @var $url Uri */
+				$url = $proxy->getAuthorizationUri(['oauth_token' => $token->getRequestToken()]);
+				Yii::$app->getResponse()->redirect($url->getAbsoluteUri())->send();
+			}
+		} catch (OAuthException $e) {
+			throw new ErrorException($e->getMessage(), $e->getCode(), 1, $e->getFile(), $e->getLine(), $e);
+		}
+
+		return $this->getIsAuthenticated();
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getRequestTokenEndpoint()
+	{
+		return $this->providerOptions['request'];
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getAuthorizationEndpoint()
+	{
+		return $this->providerOptions['authorize'];
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getAccessTokenEndpoint()
+	{
+		return $this->providerOptions['access'];
+	}
+
+	/**
+	 * @return array
+	 */
+	public function getAccessTokenArgumentNames()
+	{
+		return [
+			'oauth_token' => 'oauth_token',
+			'oauth_token_secret' => 'oauth_token_secret',
+			'oauth_expires_in' => 'oauth_expires_in',
+		];
+	}
+}
 \ No newline at end of file
+<?php
+/**
+ * OAuth1 ServiceProxy class file.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace nodge\eauth\oauth1;
+
+use OAuth\Common\Consumer\CredentialsInterface;
+use OAuth\Common\Http\Client\ClientInterface;
+use OAuth\Common\Http\Exception\TokenResponseException;
+use OAuth\Common\Http\Uri\Uri;
+use OAuth\Common\Http\Uri\UriInterface;
+use OAuth\Common\Storage\TokenStorageInterface;
+use OAuth\Common\Token\TokenInterface;
+use OAuth\OAuth1\Service\AbstractService;
+use OAuth\OAuth1\Signature\SignatureInterface;
+use OAuth\OAuth1\Token\StdOAuth1Token;
+
+class ServiceProxy extends AbstractService
+{
+
+	/**
+	 * @var Service the currently used service class
+	 */
+	protected $service;
+
+	/**
+	 * {@inheritDoc}
+	 */
+	public function __construct(
+		CredentialsInterface $credentials,
+		ClientInterface $httpClient,
+		TokenStorageInterface $storage,
+		SignatureInterface $signature,
+		UriInterface $baseApiUri = null,
+		Service $service
+	)
+	{
+		$this->service = $service;
+		parent::__construct($credentials, $httpClient, $storage, $signature, $baseApiUri);
+	}
+
+	/**
+	 * @return string
+	 */
+	public function service()
+	{
+		return $this->service->getServiceName();
+	}
+
+	/**
+	 * @return StdOAuth1Token
+	 */
+	public function retrieveAccessToken()
+	{
+		return $this->storage->retrieveAccessToken($this->service());
+	}
+
+	/**
+	 *
+	 */
+	public function hasValidAccessToken()
+	{
+		$serviceName = $this->service();
+
+		if (!$this->storage->hasAccessToken($serviceName)) {
+			return false;
+		}
+
+		/** @var $token StdOAuth1Token */
+		$token = $this->storage->retrieveAccessToken($serviceName);
+
+		$params = $token->getExtraParams();
+		if (isset($params['is_request_token'])) {
+			return false;
+		}
+
+		return $this->checkTokenLifetime($token);
+	}
+
+	/**
+	 * @param TokenInterface $token
+	 * @return bool
+	 */
+	protected function checkTokenLifetime($token)
+	{
+		// assume that we have at least a minute to execute a queries.
+		return $token->getEndOfLife() - 60 > time()
+			|| $token->getEndOfLife() === TokenInterface::EOL_NEVER_EXPIRES
+			|| $token->getEndOfLife() === TokenInterface::EOL_UNKNOWN;
+	}
+
+	/**
+	 * @return null|TokenInterface
+	 */
+	public function getAccessToken()
+	{
+		if (!$this->hasValidAccessToken()) {
+			return null;
+		}
+
+		$serviceName = $this->service();
+		return $this->storage->retrieveAccessToken($serviceName);
+	}
+
+	/**
+	 * @return UriInterface
+	 */
+	public function getRequestTokenEndpoint()
+	{
+		return new Uri($this->service->getRequestTokenEndpoint());
+	}
+
+	/**
+	 * @return UriInterface
+	 */
+	public function getAuthorizationEndpoint()
+	{
+		return new Uri($this->service->getAuthorizationEndpoint());
+	}
+
+	/**
+	 * @return UriInterface
+	 */
+	public function getAccessTokenEndpoint()
+	{
+		return new Uri($this->service->getAccessTokenEndpoint());
+	}
+
+	/**
+	 * We need a separate request token parser only to verify the `oauth_callback_confirmed` parameter. For the actual
+	 * parsing we can just use the default access token parser.
+	 *
+	 * @param string $responseBody
+	 * @return StdOAuth1Token
+	 * @throws TokenResponseException
+	 */
+	protected function parseRequestTokenResponse($responseBody)
+	{
+		parse_str($responseBody, $data);
+
+		if (!isset($data) || !is_array($data)) {
+			throw new TokenResponseException('Unable to parse response.');
+		} else if (!isset($data['oauth_callback_confirmed']) || $data['oauth_callback_confirmed'] != 'true') {
+			throw new TokenResponseException('Error in retrieving token.');
+		}
+
+		$data['is_request_token'] = true;
+		return $this->parseAccessTokenResponse($data);
+	}
+
+	/**
+	 * @param string|array $responseBody
+	 * @return StdOAuth1Token
+	 * @throws TokenResponseException
+	 */
+	protected function parseAccessTokenResponse($responseBody)
+	{
+		if (!is_array($responseBody)) {
+			parse_str($responseBody, $data);
+
+			if (!isset($data) || !is_array($data)) {
+				throw new TokenResponseException('Unable to parse response.');
+			}
+		} else {
+			$data = $responseBody;
+		}
+
+		$error = $this->service->getAccessTokenResponseError($data);
+		if (isset($error)) {
+			throw new TokenResponseException('Error in retrieving token: "' . $error . '"');
+		}
+
+		$token = new StdOAuth1Token();
+		$names = $this->service->getAccessTokenArgumentNames();
+
+		$token->setRequestToken($data[$names['oauth_token']]);
+		$token->setRequestTokenSecret($data[$names['oauth_token_secret']]);
+		$token->setAccessToken($data[$names['oauth_token']]);
+		$token->setAccessTokenSecret($data[$names['oauth_token_secret']]);
+		unset($data[$names['oauth_token']], $data[$names['oauth_token_secret']]);
+
+		if (isset($data[$names['oauth_expires_in']])) {
+			$token->setLifeTime($data[$names['oauth_expires_in']]);
+			unset($data[$names['oauth_expires_in']]);
+		} else {
+			$token->setLifetime($this->service->getTokenDefaultLifetime());
+		}
+
+		$token->setExtraParams($data);
+
+		return $token;
+	}
+}
 \ No newline at end of file
+<?php
+/**
+ * OAuth2 Service class file.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace nodge\eauth\oauth2;
+
+use Yii;
+use yii\helpers\Url;
+use OAuth\Common\Exception\Exception as OAuthException;
+use OAuth\Common\Http\Uri\Uri;
+use OAuth\Common\Consumer\Credentials;
+use OAuth\OAuth2\Service\ServiceInterface;
+use nodge\eauth\EAuth;
+use nodge\eauth\ErrorException;
+use nodge\eauth\IAuthService;
+use nodge\eauth\oauth\ServiceBase;
+
+/**
+ * EOAuthService is a base class for all OAuth providers.
+ *
+ * @package application.extensions.eauth
+ */
+abstract class Service extends ServiceBase implements IAuthService
+{
+
+	/**
+	 * @var string OAuth2 client id.
+	 */
+	protected $clientId;
+
+	/**
+	 * @var string OAuth2 client secret key.
+	 */
+	protected $clientSecret;
+
+	/**
+	 * @var array OAuth scopes.
+	 */
+	protected $scopes = [];
+
+	/**
+	 * @var string
+	 */
+	protected $scopeSeparator = ' ';
+
+	/**
+	 * @var array Provider options. Must contain the keys: authorize, access_token.
+	 */
+	protected $providerOptions = [
+		'authorize' => '',
+		'access_token' => '',
+	];
+
+	/**
+	 * @var string Error key name in _GET options.
+	 */
+	protected $errorParam = 'error';
+
+	/**
+	 * @var string Error description key name in _GET options.
+	 */
+	protected $errorDescriptionParam = 'error_description';
+
+	/**
+	 * @var string Error code for access_denied response.
+	 */
+	protected $errorAccessDeniedCode = 'access_denied';
+
+	/**
+	 * @var string The display name for popup window. False to disable display mode.
+	 */
+	protected $popupDisplayName = 'popup';
+
+	/**
+	 * @var bool Whether to use the State param to improve security.
+	 */
+	protected $validateState = true;
+
+	/**
+	 * @var ServiceProxy
+	 */
+	private $_proxy;
+
+	/**
+	 * Initialize the component.
+	 *
+	 * @param EAuth $component the component instance.
+	 * @param array $options properties initialization.
+	 */
+//	public function init($component, $options = []) {
+//		parent::init($component, $options);
+//	}
+
+	/**
+	 * @param string $id
+	 */
+	public function setClientId($id)
+	{
+		$this->clientId = $id;
+	}
+
+	/**
+	 * @param string $secret
+	 */
+	public function setClientSecret($secret)
+	{
+		$this->clientSecret = $secret;
+	}
+
+	/**
+	 * @param string|array $scopes
+	 */
+	public function setScope($scopes)
+	{
+		if (!is_array($scopes)) {
+			$scopes = [$scopes];
+		}
+
+		$resolvedScopes = [];
+		$reflClass = new \ReflectionClass($this);
+		$constants = $reflClass->getConstants();
+
+		foreach ($scopes as $scope) {
+			$key = strtoupper('SCOPE_' . $scope);
+
+			// try to find a class constant with this name
+			if (array_key_exists($key, $constants)) {
+				$resolvedScopes[] = $constants[$key];
+			} else {
+				$resolvedScopes[] = $scope;
+			}
+		}
+
+		$this->scopes = $resolvedScopes;
+	}
+
+	/**
+	 * @param bool $validate
+	 */
+	public function setValidateState($validate)
+	{
+		$this->validateState = $validate;
+	}
+
+	/**
+	 * @return bool
+	 */
+	public function getValidateState()
+	{
+		return $this->validateState;
+	}
+
+	/**
+	 * @return ServiceProxy
+	 */
+	protected function getProxy()
+	{
+		if (!isset($this->_proxy)) {
+			$tokenStorage = $this->getTokenStorage();
+			$httpClient = $this->getHttpClient();
+			$credentials = new Credentials($this->clientId, $this->clientSecret, $this->getCallbackUrl());
+			$this->_proxy = new ServiceProxy($credentials, $httpClient, $tokenStorage, $this->scopes, null, $this);
+		}
+		return $this->_proxy;
+	}
+
+	/**
+	 * @return string the current url
+	 */
+	protected function getCallbackUrl()
+	{
+		if (isset($_GET['redirect_uri'])) {
+			$url = $_GET['redirect_uri'];
+		}
+		else {
+			$route = Yii::$app->getRequest()->getQueryParams();
+			array_unshift($route, '');
+
+			// Can not use these params in OAuth2 callbacks
+			foreach (['code', 'state', 'redirect_uri'] as $param) {
+				if (isset($route[$param])) {
+					unset($route[$param]);
+				}
+			}
+
+			$url = Url::to($route, true);
+		}
+
+		return $url;
+	}
+
+	/**
+	 * Authenticate the user.
+	 *
+	 * @return boolean whether user was successfuly authenticated.
+	 * @throws ErrorException
+	 */
+	public function authenticate()
+	{
+		if (!$this->checkError()) {
+			return false;
+		}
+
+		try {
+			$proxy = $this->getProxy();
+
+			if (!empty($_GET['code'])) {
+				// This was a callback request from a service, get the token
+				$proxy->requestAccessToken($_GET['code']);
+				$this->authenticated = true;
+			} else if ($proxy->hasValidAccessToken()) {
+				$this->authenticated = true;
+			} else {
+				/** @var $url Uri */
+				$url = $proxy->getAuthorizationUri();
+				Yii::$app->getResponse()->redirect($url->getAbsoluteUri())->send();
+			}
+		} catch (OAuthException $e) {
+			throw new ErrorException($e->getMessage(), $e->getCode(), 1, $e->getFile(), $e->getLine(), $e);
+		}
+
+		return $this->getIsAuthenticated();
+	}
+
+	/**
+	 * Check request params for error code and message.
+	 *
+	 * @return bool
+	 * @throws ErrorException
+	 */
+	protected function checkError()
+	{
+		if (isset($_GET[$this->errorParam])) {
+			$error_code = $_GET[$this->errorParam];
+			if ($error_code === $this->errorAccessDeniedCode) {
+				// access_denied error (user canceled)
+				$this->cancel();
+			} else {
+				$error = $error_code;
+				if (isset($_GET[$this->errorDescriptionParam])) {
+					$error = $_GET[$this->errorDescriptionParam] . ' (' . $error . ')';
+				}
+				throw new ErrorException($error);
+			}
+			return false;
+		}
+
+		return true;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getAuthorizationEndpoint()
+	{
+		$url = $this->providerOptions['authorize'];
+		if ($this->popupDisplayName !== false && $this->getIsInsidePopup()) {
+			$url = new Uri($url);
+			$url->addToQuery('display', $this->popupDisplayName);
+			$url = $url->getAbsoluteUri();
+		}
+		return $url;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getAccessTokenEndpoint()
+	{
+		return $this->providerOptions['access_token'];
+	}
+
+	/**
+	 * @param string $response
+	 * @return array
+	 */
+	public function parseAccessTokenResponse($response)
+	{
+		return json_decode($response, true);
+	}
+
+	/**
+	 * @return array
+	 */
+	public function getAccessTokenArgumentNames()
+	{
+		return [
+			'access_token' => 'access_token',
+			'expires_in' => 'expires_in',
+			'refresh_token' => 'refresh_token',
+		];
+	}
+
+	/**
+	 * Return any additional headers always needed for this service implementation's OAuth calls.
+	 *
+	 * @return array
+	 */
+	public function getExtraOAuthHeaders()
+	{
+		return [];
+	}
+
+	/**
+	 * Return any additional headers always needed for this service implementation's API calls.
+	 *
+	 * @return array
+	 */
+	public function getExtraApiHeaders()
+	{
+		return [];
+	}
+
+	/**
+	 * Returns a class constant from ServiceInterface defining the authorization method used for the API
+	 * Header is the sane default.
+	 *
+	 * @return int
+	 */
+	public function getAuthorizationMethod()
+	{
+		return ServiceInterface::AUTHORIZATION_METHOD_HEADER_OAUTH;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getScopeSeparator()
+	{
+		return $this->scopeSeparator;
+	}
+}
 \ No newline at end of file
+<?php
+/**
+ * OAuth2 ServiceProxy class file.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace nodge\eauth\oauth2;
+
+use OAuth\Common\Consumer\CredentialsInterface;
+use OAuth\Common\Http\Client\ClientInterface;
+use OAuth\Common\Http\Exception\TokenResponseException;
+use OAuth\Common\Http\Uri\Uri;
+use OAuth\Common\Http\Uri\UriInterface;
+use OAuth\Common\Storage\TokenStorageInterface;
+use OAuth\Common\Token\TokenInterface;
+use OAuth\OAuth2\Service\AbstractService;
+use OAuth\OAuth2\Token\StdOAuth2Token;
+
+class ServiceProxy extends AbstractService
+{
+
+	/**
+	 * @var Service the currently used service class
+	 */
+	protected $service;
+
+	/**
+	 * @param CredentialsInterface $credentials
+	 * @param ClientInterface $httpClient
+	 * @param TokenStorageInterface $storage
+	 * @param array $scopes
+	 * @param UriInterface $baseApiUri
+	 * @param Service $service
+	 */
+	public function __construct(
+		CredentialsInterface $credentials,
+		ClientInterface $httpClient,
+		TokenStorageInterface $storage,
+		$scopes = [],
+		UriInterface $baseApiUri = null,
+		Service $service
+	)
+	{
+		$this->service = $service;
+		parent::__construct($credentials, $httpClient, $storage, $scopes, $baseApiUri, $service->getValidateState());
+	}
+
+	/**
+	 * @return string
+	 */
+	public function service()
+	{
+		return $this->service->getServiceName();
+	}
+
+	/**
+	 * Validate scope
+	 *
+	 * @param string $scope
+	 * @return bool
+	 */
+	public function isValidScope($scope)
+	{
+		$reflectionClass = new \ReflectionClass(get_class($this->service));
+		return in_array($scope, $reflectionClass->getConstants(), true);
+	}
+
+	/**
+	 * @return bool
+	 */
+	public function hasValidAccessToken()
+	{
+		$serviceName = $this->service();
+
+		if (!$this->storage->hasAccessToken($serviceName)) {
+			return false;
+		}
+
+		/** @var $token StdOAuth2Token */
+		$token = $this->storage->retrieveAccessToken($serviceName);
+		$valid = $this->checkTokenLifetime($token);
+
+		if (!$valid) {
+			$refreshToken = $token->getRefreshToken();
+			if (isset($refreshToken)) {
+				$token = $this->refreshAccessToken($token);
+				return $this->checkTokenLifetime($token);
+			}
+		}
+
+		return $valid;
+	}
+
+	/**
+	 * @param TokenInterface $token
+	 * @return bool
+	 */
+	protected function checkTokenLifetime($token)
+	{
+		// assume that we have at least a minute to execute a queries.
+		return $token->getEndOfLife() - 60 > time()
+			|| $token->getEndOfLife() === TokenInterface::EOL_NEVER_EXPIRES
+			|| $token->getEndOfLife() === TokenInterface::EOL_UNKNOWN;
+	}
+
+	/**
+	 * @return null|TokenInterface
+	 */
+	public function getAccessToken()
+	{
+		if (!$this->hasValidAccessToken()) {
+			return null;
+		}
+
+		$serviceName = $this->service();
+		return $this->storage->retrieveAccessToken($serviceName);
+	}
+
+	/**
+	 * @return UriInterface
+	 */
+	public function getAuthorizationEndpoint()
+	{
+		return new Uri($this->service->getAuthorizationEndpoint());
+	}
+
+	/**
+	 * @return UriInterface
+	 */
+	public function getAccessTokenEndpoint()
+	{
+		return new Uri($this->service->getAccessTokenEndpoint());
+	}
+
+	/**
+	 * @param string $responseBody
+	 * @return StdOAuth2Token
+	 * @throws TokenResponseException
+	 */
+	protected function parseAccessTokenResponse($responseBody)
+	{
+		$data = $this->service->parseAccessTokenResponse($responseBody);
+
+		if (!isset($data) || !is_array($data)) {
+			throw new TokenResponseException('Unable to parse response.');
+		}
+
+		$error = $this->service->getAccessTokenResponseError($data);
+		if (isset($error)) {
+			throw new TokenResponseException('Error in retrieving token: "' . $error . '"');
+		}
+
+		$token = new StdOAuth2Token();
+		$names = $this->service->getAccessTokenArgumentNames();
+
+		$token->setAccessToken($data[$names['access_token']]);
+		unset($data[$names['access_token']]);
+
+		if (isset($data[$names['expires_in']])) {
+			$token->setLifeTime($data[$names['expires_in']]);
+			unset($data[$names['expires_in']]);
+		} else {
+			$token->setLifetime($this->service->getTokenDefaultLifetime());
+		}
+
+		if (isset($data[$names['refresh_token']])) {
+			$token->setRefreshToken($data[$names['refresh_token']]);
+			unset($data[$names['refresh_token']]);
+		}
+
+		$token->setExtraParams($data);
+
+		return $token;
+	}
+
+	/**
+	 * Return any additional headers always needed for this service implementation's OAuth calls.
+	 *
+	 * @return array
+	 */
+	protected function getExtraOAuthHeaders()
+	{
+		return $this->service->getExtraOAuthHeaders();
+	}
+
+	/**
+	 * Return any additional headers always needed for this service implementation's API calls.
+	 *
+	 * @return array
+	 */
+	protected function getExtraApiHeaders()
+	{
+		return $this->service->getExtraApiHeaders();
+	}
+
+	/**
+	 * Returns a class constant from ServiceInterface defining the authorization method used for the API
+	 * Header is the sane default.
+	 *
+	 * @return int
+	 */
+	protected function getAuthorizationMethod()
+	{
+		return $this->service->getAuthorizationMethod();
+	}
+
+	/**
+	 * Returns the url to redirect to for authorization purposes.
+	 *
+	 * @param array $additionalParameters
+	 * @return Uri
+	 */
+	public function getAuthorizationUri(array $additionalParameters = [])
+	{
+		$parameters = array_merge($additionalParameters, [
+			'type' => 'web_server',
+			'client_id' => $this->credentials->getConsumerId(),
+			'redirect_uri' => $this->credentials->getCallbackUrl(),
+			'response_type' => 'code',
+		]);
+
+		$parameters['scope'] = implode($this->service->getScopeSeparator(), $this->scopes);
+
+		if ($this->needsStateParameterInAuthUrl()) {
+			if (!isset($parameters['state'])) {
+				$parameters['state'] = $this->generateAuthorizationState();
+			}
+			$this->storeAuthorizationState($parameters['state']);
+		}
+
+		// Build the url
+		$url = clone $this->getAuthorizationEndpoint();
+		foreach ($parameters as $key => $val) {
+			$url->addToQuery($key, $val);
+		}
+
+		return $url;
+	}
+}
+<?php
+/**
+ * ControllerBehavior class file.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace nodge\eauth\openid;
+
+use Yii;
+use yii\base\Action;
+use yii\base\ActionFilter;
+
+/**
+ * @package application.extensions.eauth
+ */
+class ControllerBehavior extends ActionFilter
+{
+	/**
+	 * This method is invoked right before an action is to be executed (after all possible filters.)
+	 * You may override this method to do last-minute preparation for the action.
+	 *
+	 * @param Action $action the action to be executed.
+	 * @return boolean whether the action should continue to be executed.
+	 */
+	public function beforeAction($action)
+	{
+		$request = Yii::$app->getRequest();
+
+		if (in_array($request->getBodyParam('openid_mode', ''), ['id_res', 'cancel'])) {
+			$request->enableCsrfValidation = false;
+		}
+
+		return parent::beforeAction($action);
+	}
+}
+<?php
+/**
+ * OpenID Service class file.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace nodge\eauth\openid;
+
+use \Yii;
+use \LightOpenID;
+use yii\web\HttpException;
+use nodge\eauth\ServiceBase;
+use nodge\eauth\IAuthService;
+use nodge\eauth\ErrorException;
+
+/**
+ * EOpenIDService is a base class for all OpenID providers.
+ *
+ * @package application.extensions.eauth
+ */
+abstract class Service extends ServiceBase implements IAuthService
+{
+
+	/**
+	 * @var string a pattern that represents the part of URL-space for which an OpenID Authentication request is valid.
+	 * See the spec for more info: http://openid.net/specs/openid-authentication-2_0.html#realms
+	 * Note: a pattern can be without http(s):// part
+	 */
+	public $realm;
+
+	/**
+	 * @var LightOpenID the openid library instance.
+	 */
+	private $auth;
+
+	/**
+	 * @var string the OpenID authorization url.
+	 */
+	protected $url;
+
+	/**
+	 * @var array the OpenID required attributes.
+	 */
+	protected $requiredAttributes = [];
+
+	/**
+	 * @var array the OpenID optional attributes.
+	 */
+	protected $optionalAttributes = [];
+
+
+	/**
+	 * Initialize the component.
+	 */
+	public function init()
+	{
+		parent::init();
+		$this->auth = new LightOpenID(Yii::$app->getRequest()->getHostInfo());
+	}
+
+	/**
+	 * Authenticate the user.
+	 *
+	 * @return boolean whether user was successfuly authenticated.
+	 * @throws ErrorException
+	 * @throws HttpException
+	 */
+	public function authenticate()
+	{
+		if (!empty($_REQUEST['openid_mode'])) {
+			switch ($_REQUEST['openid_mode']) {
+				case 'id_res':
+					$this->id_res();
+					return true;
+					break;
+
+				case 'cancel':
+					$this->cancel();
+					break;
+
+				default:
+					throw new HttpException(400, Yii::t('yii', 'Your request is invalid.'));
+					break;
+			}
+		} else {
+			$this->request();
+		}
+
+		return false;
+	}
+
+	/**
+	 * @throws ErrorException
+	 */
+	protected function id_res()
+	{
+		try {
+			if ($this->auth->validate()) {
+				$this->attributes['id'] = $this->auth->identity;
+				$this->loadRequiredAttributes();
+				$this->loadOptionalAttributes();
+				$this->authenticated = true;
+			} else {
+				throw new ErrorException(Yii::t('eauth', 'Unable to complete the authentication because the required data was not received.', ['provider' => $this->getServiceTitle()]));
+			}
+		} catch (\Exception $e) {
+			throw new ErrorException($e->getMessage(), $e->getCode());
+		}
+	}
+
+	/**
+	 * @throws ErrorException
+	 */
+	protected function loadOptionalAttributes()
+	{
+		$attributes = $this->auth->getAttributes();
+		foreach ($this->optionalAttributes as $key => $attr) {
+			if (isset($attributes[$attr[1]])) {
+				$this->attributes[$key] = $attributes[$attr[1]];
+			}
+		}
+	}
+
+	/**
+	 *
+	 */
+	protected function loadRequiredAttributes()
+	{
+		$attributes = $this->auth->getAttributes();
+		foreach ($this->requiredAttributes as $key => $attr) {
+			if (isset($attributes[$attr[1]])) {
+				$this->attributes[$key] = $attributes[$attr[1]];
+			} else {
+				throw new ErrorException(Yii::t('eauth', 'Unable to complete the authentication because the required data was not received.', ['provider' => $this->getServiceTitle()]));
+			}
+		}
+	}
+
+	/**
+	 * @throws ErrorException
+	 */
+	protected function request()
+	{
+		$this->auth->identity = $this->url; //Setting identifier
+
+		$this->auth->required = []; //Try to get info from openid provider
+		foreach ($this->requiredAttributes as $attribute) {
+			$this->auth->required[$attribute[0]] = $attribute[1];
+		}
+		foreach ($this->optionalAttributes as $attribute) {
+			$this->auth->required[$attribute[0]] = $attribute[1];
+		}
+
+		$this->auth->realm = $this->getRealm();
+		$this->auth->returnUrl = Yii::$app->getRequest()->getHostInfo() . Yii::$app->getRequest()->getUrl(); //getting return URL
+
+		try {
+			$url = $this->auth->authUrl();
+			Yii::$app->getResponse()->redirect($url)->send();
+		} catch (\Exception $e) {
+			throw new ErrorException($e->getMessage(), $e->getCode());
+		}
+	}
+
+	/**
+	 * @return string
+	 */
+	protected function getRealm()
+	{
+		if (isset($this->realm)) {
+			if (!preg_match('#^[a-z]+\://#', $this->realm)) {
+				return 'http' . (Yii::$app->getRequest()->getIsSecureConnection() ? 's' : '') . '://' . $this->realm;
+			} else {
+				return $this->realm;
+			}
+		} else {
+			return Yii::$app->getRequest()->getHostInfo();
+		}
+	}
+}
+<?php
+/**
+ * FacebookOAuth2Service class file.
+ *
+ * Register application: https://developers.facebook.com/apps/
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+namespace common\components\nodge\eauth\src\services;
+use nodge\eauth\oauth2\Service;
+/**
+ * Facebook provider class.
+ *
+ * @package application.extensions.eauth.services
+ */
+class FacebookOAuth2Service extends Service
+{
+	/**
+	 * Full list of scopes may be found here:
+	 * https://developers.facebook.com/docs/authentication/permissions/
+	 */
+	const SCOPE_EMAIL = 'email';
+	const SCOPE_USER_BIRTHDAY = 'user_birthday';
+	const SCOPE_USER_HOMETOWN = 'user_hometown';
+	const SCOPE_USER_LOCATION = 'user_location';
+	const SCOPE_USER_PHOTOS = 'user_photos';
+	protected $name = 'facebook';
+	protected $title = 'Facebook';
+	protected $type = 'OAuth2';
+	protected $jsArguments = ['popup' => ['width' => 585, 'height' => 290]];
+	protected $scopes = [];
+	protected $providerOptions = [
+		'authorize' => 'https://www.facebook.com/dialog/oauth',
+		'access_token' => 'https://graph.facebook.com/oauth/access_token',
+	];
+	protected $baseApiUrl = 'https://graph.facebook.com/';
+	protected $errorParam = 'error_code';
+	protected $errorDescriptionParam = 'error_message';
+	protected function fetchAttributes()
+	{
+		$info = $this->makeSignedRequest('me');
+		$this->attributes['id'] = $info['id'];
+		$this->attributes['name'] = $info['name'];
+		$this->attributes['url'] = $info['link'];
+		return true;
+	}
+	/**
+	 * @return array
+	 */
+	public function getAccessTokenArgumentNames()
+	{
+		$names = parent::getAccessTokenArgumentNames();
+		$names['expires_in'] = 'expires';
+		return $names;
+	}
+	/**
+	 * @param string $response
+	 * @return array
+	 */
+	public function parseAccessTokenResponse($response)
+	{
+		// Facebook gives us a query string or json
+		if ($response[0] === '{') {
+			return json_decode($response, true);
+		}
+		else {
+			parse_str($response, $data);
+			return $data;
+		}
+	}
+	/**
+	 * Returns the error array.
+	 *
+	 * @param array $response
+	 * @return array the error array with 2 keys: code and message. Should be null if no errors.
+	 */
+	protected function fetchResponseError($response)
+	{
+		if (isset($response['error'])) {
+			return [
+				'code' => $response['error']['code'],
+				'message' => $response['error']['message'],
+			];
+		} else {
+			return null;
+		}
+	}
+	/**
+	 * @param array $data
+	 * @return string|null
+	 */
+	public function getAccessTokenResponseError($data)
+	{
+		$error = $this->fetchResponseError($data);
+		if (!$error) {
+			return null;
+		}
+		return $error['code'].': '.$error['message'];
+	}
+}
 \ No newline at end of file
+<?php
+/**
+ * GithubOAuth2Service class file.
+ *
+ * Register application: https://github.com/settings/applications
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\components\nodge\eauth\src\services;
+
+use OAuth\Common\Token\TokenInterface;
+use OAuth\OAuth2\Service\ServiceInterface;
+use nodge\eauth\oauth2\Service;
+
+/**
+ * GitHub provider class.
+ *
+ * @package application.extensions.eauth.services
+ */
+class GitHubOAuth2Service extends Service
+{
+
+	/**
+	 * Defined scopes, see http://developer.github.com/v3/oauth/ for definitions
+	 */
+	const SCOPE_USER = 'user';
+	const SCOPE_PUBLIC_REPO = 'public_repo';
+	const SCOPE_REPO = 'repo';
+	const SCOPE_DELETE_REPO = 'delete_repo';
+	const SCOPE_GIST = 'gist';
+
+	protected $name = 'github';
+	protected $title = 'GitHub';
+	protected $type = 'OAuth2';
+	protected $jsArguments = ['popup' => ['width' => 600, 'height' => 450]];
+
+	protected $scopes = [];
+	protected $providerOptions = [
+		'authorize' => 'https://github.com/login/oauth/authorize',
+		'access_token' => 'https://github.com/login/oauth/access_token',
+	];
+	protected $baseApiUrl = 'https://api.github.com/';
+
+	protected $tokenDefaultLifetime = TokenInterface::EOL_NEVER_EXPIRES;
+	protected $errorAccessDeniedCode = 'user_denied';
+
+	protected function fetchAttributes()
+	{
+		$info = $this->makeSignedRequest('user');
+
+		$this->attributes['id'] = $info['id'];
+		$this->attributes['name'] = $info['login'];
+		$this->attributes['url'] = $info['html_url'];
+
+		return true;
+	}
+
+	/**
+	 * Used to configure response type -- we want JSON from github, default is query string format
+	 *
+	 * @return array
+	 */
+	public function getExtraOAuthHeaders()
+	{
+		return ['Accept' => 'application/json'];
+	}
+
+	/**
+	 * Required for GitHub API calls.
+	 *
+	 * @return array
+	 */
+	public function getExtraApiHeaders()
+	{
+		return ['Accept' => 'application/vnd.github.beta+json'];
+	}
+
+	/**
+	 * @return int
+	 */
+	public function getAuthorizationMethod()
+	{
+		return ServiceInterface::AUTHORIZATION_METHOD_QUERY_STRING;
+	}
+
+	/**
+	 * Returns the error array.
+	 *
+	 * @param array $response
+	 * @return array the error array with 2 keys: code and message. Should be null if no errors.
+	 */
+	protected function fetchResponseError($response)
+	{
+		if (isset($response['message'])) {
+			return [
+				'code' => isset($response['error']) ? $response['code'] : 0,
+				'message' => $response['message'],
+			];
+		} else {
+			return null;
+		}
+	}
+
+}
 \ No newline at end of file
+<?php
+/**
+ * GoogleOAuth2Service class file.
+ *
+ * Register application: https://code.google.com/apis/console/
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\components\nodge\eauth\src\services;
+
+use nodge\eauth\oauth2\Service;
+
+/**
+ * Google provider class.
+ *
+ * @package application.extensions.eauth.services
+ */
+class GoogleOAuth2Service extends Service
+{
+
+	/**
+	 * Defined scopes - More scopes are listed here:
+	 * https://developers.google.com/oauthplayground/
+	 */
+
+	// Basic
+	const SCOPE_EMAIL = 'email';
+	const SCOPE_PROFILE = 'profile';
+
+	const SCOPE_USERINFO_EMAIL = 'https://www.googleapis.com/auth/userinfo.email';
+	const SCOPE_USERINFO_PROFILE = 'https://www.googleapis.com/auth/userinfo.profile';
+
+	// Google+
+	const SCOPE_GPLUS_ME = 'https://www.googleapis.com/auth/plus.me';
+	const SCOPE_GPLUS_LOGIN = 'https://www.googleapis.com/auth/plus.login';
+
+	// Google Drive
+	const SCOPE_DOCUMENTSLIST = 'https://docs.google.com/feeds/';
+	const SCOPE_SPREADSHEETS = 'https://spreadsheets.google.com/feeds/';
+	const SCOPE_GOOGLEDRIVE = 'https://www.googleapis.com/auth/drive';
+	const SCOPE_DRIVE_APPS = 'https://www.googleapis.com/auth/drive.appdata';
+	const SCOPE_DRIVE_APPS_READ_ONLY = 'https://www.googleapis.com/auth/drive.apps.readonly';
+	const SCOPE_GOOGLEDRIVE_FILES = 'https://www.googleapis.com/auth/drive.file';
+	const SCOPE_DRIVE_METADATA_READ_ONLY = 'https://www.googleapis.com/auth/drive.metadata.readonly';
+	const SCOPE_DRIVE_READ_ONLY = 'https://www.googleapis.com/auth/drive.readonly';
+	const SCOPE_DRIVE_SCRIPTS = 'https://www.googleapis.com/auth/drive.scripts';
+
+	// Adwords
+	const SCOPE_ADSENSE = 'https://www.googleapis.com/auth/adsense';
+	const SCOPE_ADWORDS = 'https://adwords.google.com/api/adwords/';
+	const SCOPE_GAN = 'https://www.googleapis.com/auth/gan'; // google affiliate network...?
+
+	// Google Analytics
+	const SCOPE_ANALYTICS = 'https://www.googleapis.com/auth/analytics';
+	const SCOPE_ANALYTICS_EDIT = 'https://www.googleapis.com/auth/analytics.edit';
+	const SCOPE_ANALYTICS_MANAGE_USERS = 'https://www.googleapis.com/auth/analytics.manage.users';
+	const SCOPE_ANALYTICS_READ_ONLY = 'https://www.googleapis.com/auth/analytics.readonly';
+
+	// Other services
+	const SCOPE_BOOKS = 'https://www.googleapis.com/auth/books';
+	const SCOPE_BLOGGER = 'https://www.googleapis.com/auth/blogger';
+	const SCOPE_CALENDAR = 'https://www.googleapis.com/auth/calendar';
+	const SCOPE_CONTACT = 'https://www.google.com/m8/feeds/';
+	const SCOPE_CHROMEWEBSTORE = 'https://www.googleapis.com/auth/chromewebstore.readonly';
+	const SCOPE_GMAIL = 'https://mail.google.com/mail/feed/atom';
+	const SCOPE_PICASAWEB = 'https://picasaweb.google.com/data/';
+	const SCOPE_SITES = 'https://sites.google.com/feeds/';
+	const SCOPE_URLSHORTENER = 'https://www.googleapis.com/auth/urlshortener';
+	const SCOPE_WEBMASTERTOOLS = 'https://www.google.com/webmasters/tools/feeds/';
+	const SCOPE_TASKS = 'https://www.googleapis.com/auth/tasks';
+
+	// Cloud services
+	const SCOPE_CLOUDSTORAGE = 'https://www.googleapis.com/auth/devstorage.read_write';
+	const SCOPE_CONTENTFORSHOPPING = 'https://www.googleapis.com/auth/structuredcontent'; // what even is this
+	const SCOPE_USER_PROVISIONING = 'https://apps-apis.google.com/a/feeds/user/';
+	const SCOPE_GROUPS_PROVISIONING = 'https://apps-apis.google.com/a/feeds/groups/';
+	const SCOPE_NICKNAME_PROVISIONING = 'https://apps-apis.google.com/a/feeds/alias/';
+
+	// Old
+	const SCOPE_ORKUT = 'https://www.googleapis.com/auth/orkut';
+	const SCOPE_GOOGLELATITUDE =
+		'https://www.googleapis.com/auth/latitude.all.best https://www.googleapis.com/auth/latitude.all.city';
+	const SCOPE_OPENID = 'openid';
+
+	// YouTube
+	const SCOPE_YOUTUBE_GDATA = 'https://gdata.youtube.com';
+	const SCOPE_YOUTUBE_ANALYTICS_MONETARY = 'https://www.googleapis.com/auth/yt-analytics-monetary.readonly';
+	const SCOPE_YOUTUBE_ANALYTICS = 'https://www.googleapis.com/auth/yt-analytics.readonly';
+	const SCOPE_YOUTUBE = 'https://www.googleapis.com/auth/youtube';
+	const SCOPE_YOUTUBE_READ_ONLY = 'https://www.googleapis.com/auth/youtube.readonly';
+	const SCOPE_YOUTUBE_UPLOAD = 'https://www.googleapis.com/auth/youtube.upload';
+	const SCOPE_YOUTUBE_PATNER = 'https://www.googleapis.com/auth/youtubepartner';
+	const SCOPE_YOUTUBE_PARTNER_EDIT = 'https://www.googleapis.com/auth/youtubepartner-channel-edit';
+
+	// Google Glass
+	const SCOPE_GLASS_TIMELINE = 'https://www.googleapis.com/auth/glass.timeline';
+	const SCOPE_GLASS_LOCATION = 'https://www.googleapis.com/auth/glass.location';
+
+	protected $name = 'google_oauth';
+	protected $title = 'Google';
+	protected $type = 'OAuth2';
+	protected $jsArguments = ['popup' => ['width' => 500, 'height' => 450]];
+
+	protected $scopes = [self::SCOPE_USERINFO_PROFILE];
+	protected $providerOptions = [
+		'authorize' => 'https://accounts.google.com/o/oauth2/auth',
+		'access_token' => 'https://accounts.google.com/o/oauth2/token',
+	];
+
+	protected function fetchAttributes()
+	{
+		$info = $this->makeSignedRequest('https://www.googleapis.com/oauth2/v1/userinfo');
+
+		$this->attributes['id'] = $info['id'];
+		$this->attributes['name'] = $info['name'];
+
+		if (!empty($info['link'])) {
+			$this->attributes['url'] = $info['link'];
+		}
+
+		/*if (!empty($info['gender']))
+			$this->attributes['gender'] = $info['gender'] == 'male' ? 'M' : 'F';
+		
+		if (!empty($info['picture']))
+			$this->attributes['photo'] = $info['picture'];
+		
+		$info['given_name']; // first name
+		$info['family_name']; // last name
+		$info['birthday']; // format: 0000-00-00
+		$info['locale']; // format: en*/
+	}
+
+	/**
+	 * Returns the protected resource.
+	 *
+	 * @param string $url url to request.
+	 * @param array $options HTTP request options. Keys: query, data, referer.
+	 * @param boolean $parseResponse Whether to parse response.
+	 * @return mixed the response.
+	 */
+	public function makeSignedRequest($url, $options = [], $parseResponse = true)
+	{
+		if (!isset($options['query']['alt'])) {
+			$options['query']['alt'] = 'json';
+		}
+		return parent::makeSignedRequest($url, $options, $parseResponse);
+	}
+
+	/**
+	 * Returns the error array.
+	 *
+	 * @param array $response
+	 * @return array the error array with 2 keys: code and message. Should be null if no errors.
+	 */
+	protected function fetchResponseError($response)
+	{
+		if (isset($response['error'])) {
+			return [
+				'code' => $response['error']['code'],
+				'message' => $response['error']['message'],
+			];
+		} else {
+			return null;
+		}
+	}
+}
 \ No newline at end of file
+<?php
+/**
+ * FacebookOAuth2Service class file.
+ *
+ * Register application: https://instagram.com/developer/register/
+ *
+ * @author PhucPNT. <mail@phucpnt.com>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\components\nodge\eauth\src\services;
+
+use nodge\eauth\oauth2\Service;
+use OAuth\Common\Token\TokenInterface;
+use OAuth\OAuth2\Service\ServiceInterface;
+
+/**
+ * Instagram provider class.
+ *
+ * @package application.extensions.eauth.services
+ */
+class InstagramOAuth2Service extends Service
+{
+
+	/**
+	 * Defined scopes
+	 * @link https://instagram.com/developer/authentication/
+	 */
+	const SCOPE_BASIC = 'basic';
+	const SCOPE_COMMENTS = 'comments';
+	const SCOPE_RELATIONSHIPS = 'relationships';
+	const SCOPE_LIKES = 'likes';
+
+	protected $name = 'instagram';
+	protected $title = 'Instagram';
+	protected $type = 'OAuth2';
+	protected $jsArguments = ['popup' => ['width' => 900, 'height' => 550]];
+	protected $popupDisplayName = false;
+
+	protected $scopes = [self::SCOPE_BASIC];
+	protected $providerOptions = [
+	  'authorize' => 'https://api.instagram.com/oauth/authorize/',
+	  'access_token' => 'https://api.instagram.com/oauth/access_token',
+	];
+	protected $baseApiUrl = 'https://api.instagram.com/v1/';
+
+	protected $tokenDefaultLifetime = TokenInterface::EOL_NEVER_EXPIRES;
+
+	protected function fetchAttributes()
+	{
+		$info = $this->makeSignedRequest('users/self');
+		$data = $info['data'];
+
+		$this->attributes = array_merge($this->attributes, [
+		  'id' => $data['id'],
+		  'username' => $data['username'],
+		  'full_name' => $data['full_name'],
+		  'profile_picture' => $data['profile_picture'],
+		  'bio' => $data['bio'],
+		  'website' => $data['website'],
+		  'counts' => $data['counts']
+		]);
+
+		return true;
+	}
+
+	/**
+	 * @return int
+	 */
+	public function getAuthorizationMethod()
+	{
+		return ServiceInterface::AUTHORIZATION_METHOD_QUERY_STRING;
+	}
+
+	/**
+	 * Returns the protected resource.
+	 *
+	 * @param string $url url to request.
+	 * @param array $options HTTP request options. Keys: query, data, referer.
+	 * @param boolean $parseResponse Whether to parse response.
+	 * @return mixed the response.
+	 */
+	public function makeSignedRequest($url, $options = [], $parseResponse = true)
+	{
+		$options['query']['format'] = 'json';
+		return parent::makeSignedRequest($url, $options, $parseResponse);
+	}
+
+}
 \ No newline at end of file
+<?php
+/**
+ * LinkedinOAuthService class file.
+ *
+ * Register application: https://www.linkedin.com/secure/developer
+ * Note: Integration URL should be filled with a valid callback url.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\components\nodge\eauth\src\services;
+
+use nodge\eauth\oauth1\Service;
+
+/**
+ * LinkedIn provider class.
+ *
+ * @package application.extensions.eauth.services
+ */
+class LinkedinOAuth1Service extends Service
+{
+
+	protected $name = 'linkedin';
+	protected $title = 'LinkedIn';
+	protected $type = 'OAuth1';
+	protected $jsArguments = ['popup' => ['width' => 900, 'height' => 550]];
+
+	protected $providerOptions = [
+		'request' => 'https://api.linkedin.com/uas/oauth/requestToken',
+		'authorize' => 'https://www.linkedin.com/uas/oauth/authenticate', // https://www.linkedin.com/uas/oauth/authorize
+		'access' => 'https://api.linkedin.com/uas/oauth/accessToken',
+	];
+	protected $baseApiUrl = 'http://api.linkedin.com/v1/';
+
+	protected function fetchAttributes()
+	{
+		$info = $this->makeSignedRequest('people/~:(id,first-name,last-name,public-profile-url)', [
+			'query' => [
+				'format' => 'json',
+			],
+		]);
+
+		$this->attributes['id'] = $info['id'];
+		$this->attributes['name'] = $info['firstName'] . ' ' . $info['lastName'];
+		$this->attributes['url'] = $info['publicProfileUrl'];
+
+		return true;
+	}
+
+	/**
+	 * Returns the error array.
+	 *
+	 * @param array $response
+	 * @return array the error array with 2 keys: code and message. Should be null if no errors.
+	 */
+	protected function fetchResponseError($response)
+	{
+		if (isset($response['error-code'])) {
+			return [
+				'code' => $response['error-code'],
+				'message' => $response['message'],
+			];
+		} else if (isset($response['errorCode'])) {
+			return [
+				'code' => $response['errorCode'],
+				'message' => $response['message'],
+			];
+		}
+		return null;
+	}
+}
 \ No newline at end of file
+<?php
+/**
+ * LinkedinOAuth2Service class file.
+ *
+ * Register application: https://www.linkedin.com/secure/developer
+ * Note: Integration URL should be filled with a valid callback url.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\components\nodge\eauth\src\services;
+
+use OAuth\OAuth2\Service\ServiceInterface;
+use nodge\eauth\oauth2\Service;
+
+/**
+ * LinkedIn provider class.
+ *
+ * @package application.extensions.eauth.services
+ */
+class LinkedinOAuth2Service extends Service
+{
+
+	/**
+	 * Defined scopes
+	 *
+	 * @link http://developer.linkedin.com/documents/authentication#granting
+	 */
+	const SCOPE_R_BASICPROFILE = 'r_basicprofile';
+	const SCOPE_R_FULLPROFILE = 'r_fullprofile';
+	const SCOPE_R_EMAILADDRESS = 'r_emailaddress';
+	const SCOPE_R_NETWORK = 'r_network';
+	const SCOPE_R_CONTACTINFO = 'r_contactinfo';
+	const SCOPE_RW_NUS = 'rw_nus';
+	const SCOPE_RW_GROUPS = 'rw_groups';
+	const SCOPE_W_MESSAGES = 'w_messages';
+
+	protected $name = 'linkedin_oauth2';
+	protected $title = 'LinkedIn';
+	protected $type = 'OAuth2';
+	protected $jsArguments = ['popup' => ['width' => 900, 'height' => 550]];
+
+	protected $scopes = [self::SCOPE_R_BASICPROFILE];
+	protected $providerOptions = [
+		'authorize' => 'https://www.linkedin.com/uas/oauth2/authorization',
+		'access_token' => 'https://www.linkedin.com/uas/oauth2/accessToken',
+	];
+	protected $baseApiUrl = 'https://api.linkedin.com/v1/';
+
+	protected function fetchAttributes()
+	{
+		$info = $this->makeSignedRequest('people/~:(id,first-name,last-name,public-profile-url)', [
+			'query' => [
+				'format' => 'json',
+			],
+		]);
+
+		$this->attributes['id'] = $info['id'];
+		$this->attributes['name'] = $info['firstName'] . ' ' . $info['lastName'];
+		$this->attributes['url'] = $info['publicProfileUrl'];
+		$this->attributes['email'] = $info['emailAddress'];
+		return true;
+	}
+
+	/**
+	 * @return int
+	 */
+	public function getAuthorizationMethod()
+	{
+		return ServiceInterface::AUTHORIZATION_METHOD_QUERY_STRING_V2;
+	}
+}
+<?php
+/**
+ * LiveOAuth2Service class file.
+ *
+ * Register application: https://account.live.com/developers/applications/index
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\components\nodge\eauth\src\services;
+
+use OAuth\OAuth2\Service\ServiceInterface;
+use nodge\eauth\oauth2\Service;
+
+/**
+ * Microsoft Live provider class.
+ *
+ * @package application.extensions.eauth.services
+ */
+class LiveOAuth2Service extends Service
+{
+
+	const SCOPE_BASIC = 'wl.basic';
+	const SCOPE_OFFLINE = 'wl.offline_access';
+	const SCOPE_SIGNIN = 'wl.signin';
+	const SCOPE_BIRTHDAY = 'wl.birthday';
+	const SCOPE_CALENDARS = 'wl.calendars';
+	const SCOPE_CALENDARS_UPDATE = 'wl.calendars_update';
+	const SCOPE_CONTACTS_BIRTHDAY = 'wl.contacts_birthday';
+	const SCOPE_CONTACTS_CREATE = 'wl.contacts_create';
+	const SCOPE_CONTACTS_CALENDARS = 'wl.contacts_calendars';
+	const SCOPE_CONTACTS_PHOTOS = 'wl.contacts_photos';
+	const SCOPE_CONTACTS_SKYDRIVE = 'wl.contacts_skydrive';
+	const SCOPE_EMAILS = 'wl.emails';
+	const sCOPE_EVENTS_CREATE = 'wl.events_create';
+	const SCOPE_MESSENGER = 'wl.messenger';
+	const SCOPE_PHONE_NUMBERS = 'wl.phone_numbers';
+	const SCOPE_PHOTOS = 'wl.photos';
+	const SCOPE_POSTAL_ADDRESSES = 'wl.postal_addresses';
+	const SCOPE_SHARE = 'wl.share';
+	const SCOPE_SKYDRIVE = 'wl.skydrive';
+	const SCOPE_SKYDRIVE_UPDATE = 'wl.skydrive_update';
+	const SCOPE_WORK_PROFILE = 'wl.work_profile';
+	const SCOPE_APPLICATIONS = 'wl.applications';
+	const SCOPE_APPLICATIONS_CREATE = 'wl.applications_create';
+
+	protected $name = 'live';
+	protected $title = 'Live';
+	protected $type = 'OAuth2';
+	protected $jsArguments = ['popup' => ['width' => 500, 'height' => 600]];
+
+	protected $scopes = [self::SCOPE_BASIC];
+	protected $providerOptions = [
+		'authorize' => 'https://login.live.com/oauth20_authorize.srf',
+		'access_token' => 'https://login.live.com/oauth20_token.srf',
+	];
+	protected $baseApiUrl = 'https://apis.live.net/v5.0/';
+
+	protected function fetchAttributes()
+	{
+		$info = $this->makeSignedRequest('me');
+
+		$this->attributes['id'] = $info['id'];
+		$this->attributes['name'] = $info['name'];
+		$this->attributes['url'] = 'https://profile.live.com/cid-' . $info['id'] . '/';
+
+		$this->attributes['email'] = $info['emails']['account'];
+		$this->attributes['first_name'] = $info['first_name'];
+		$this->attributes['last_name'] = $info['last_name'];
+		$this->attributes['gender'] = $info['gender'];
+		$this->attributes['locale'] = $info['locale'];
+
+		return true;
+	}
+
+	/**
+	 * @return int
+	 */
+	public function getAuthorizationMethod()
+	{
+		return ServiceInterface::AUTHORIZATION_METHOD_QUERY_STRING;
+	}
+}
 \ No newline at end of file
+<?php
+/**
+ * MailruOAuth2Service class file.
+ *
+ * Register application: http://api.mail.ru/sites/my/add
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\components\nodge\eauth\src\services;
+
+use nodge\eauth\oauth2\Service;
+
+/**
+ * Mail.Ru provider class.
+ *
+ * @package application.extensions.eauth.services
+ */
+class MailruOAuth2Service extends Service
+{
+
+	protected $name = 'mailru';
+	protected $title = 'Mail.ru';
+	protected $type = 'OAuth2';
+	protected $jsArguments = ['popup' => ['width' => 580, 'height' => 400]];
+
+	protected $scopes = [];
+	protected $providerOptions = [
+		'authorize' => 'https://connect.mail.ru/oauth/authorize',
+		'access_token' => 'https://connect.mail.ru/oauth/token',
+	];
+	protected $baseApiUrl = 'http://www.appsmail.ru/platform/api';
+
+	protected function fetchAttributes()
+	{
+		$tokenData = $this->getAccessTokenData();
+
+		$info = $this->makeSignedRequest('/', [
+			'query' => [
+				'uids' => $tokenData['params']['x_mailru_vid'],
+				'method' => 'users.getInfo',
+				'app_id' => $this->clientId,
+			],
+		]);
+
+		$info = $info[0];
+
+		$this->attributes['id'] = $info['uid'];
+		$this->attributes['name'] = $info['first_name'] . ' ' . $info['last_name'];
+		$this->attributes['url'] = $info['link'];
+
+		return true;
+	}
+
+	/**
+	 * Returns the protected resource.
+	 *
+	 * @param string $url url to request.
+	 * @param array $options HTTP request options. Keys: query, data, referer.
+	 * @param boolean $parseResponse Whether to parse response.
+	 * @return mixed the response.
+	 */
+	public function makeSignedRequest($url, $options = [], $parseResponse = true)
+	{
+		$token = $this->getAccessTokenData();
+		if (isset($token)) {
+			$options['query']['secure'] = 1;
+			$options['query']['session_key'] = $token['access_token'];
+			$params = '';
+			ksort($options['query']);
+			foreach ($options['query'] as $k => $v) {
+				$params .= $k . '=' . $v;
+			}
+			$options['query']['sig'] = md5($params . $this->clientSecret);
+		}
+		return parent::makeSignedRequest($url, $options, $parseResponse);
+	}
+
+	/**
+	 * Returns the error array.
+	 *
+	 * @param array $response
+	 * @return array the error array with 2 keys: code and message. Should be null if no errors.
+	 */
+	protected function fetchResponseError($response)
+	{
+		if (isset($response['error'])) {
+			return [
+				'code' => $response['error']['error_code'],
+				'message' => $response['error']['error_msg'],
+			];
+		} else {
+			return null;
+		}
+	}
+}
 \ No newline at end of file
+<?php
+/**
+ * OdnoklassnikiOAuthService class file.
+ *
+ * Register application: http://dev.odnoklassniki.ru/wiki/pages/viewpage.action?pageId=13992188
+ * Manage your applications: http://www.odnoklassniki.ru/dk?st.cmd=appsInfoMyDevList&st._aid=Apps_Info_MyDev
+ * Note: Enabling this service a little more difficult because of the authorization policy of the service.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\components\nodge\eauth\src\services;
+
+use nodge\eauth\oauth2\Service;
+
+/**
+ * Odnoklassniki.Ru provider class.
+ *
+ * @package application.extensions.eauth.services
+ */
+class OdnoklassnikiOAuth2Service extends Service
+{
+
+	const SCOPE_VALUABLE_ACCESS = 'VALUABLE ACCESS';
+	const SCOPE_SET_STATUS = 'SET STATUS';
+	const SCOPE_PHOTO_CONTENT = 'PHOTO CONTENT';
+
+	protected $name = 'odnoklassniki';
+	protected $title = 'Odnoklassniki';
+	protected $type = 'OAuth2';
+	protected $jsArguments = ['popup' => ['width' => 680, 'height' => 500]];
+
+	protected $clientPublic;
+	protected $scopes = [];
+	protected $scopeSeparator = ';';
+	protected $providerOptions = [
+		'authorize' => 'http://www.odnoklassniki.ru/oauth/authorize',
+		'access_token' => 'http://api.odnoklassniki.ru/oauth/token.do',
+	];
+	protected $baseApiUrl = 'http://api.odnoklassniki.ru/fb.do';
+
+	protected $tokenDefaultLifetime = 1500; // about 25 minutes
+	protected $validateState = false;
+
+	protected function fetchAttributes()
+	{
+		$info = $this->makeSignedRequest('', [
+			'query' => [
+				'method' => 'users.getCurrentUser',
+				'format' => 'JSON',
+				'application_key' => $this->clientPublic,
+				'client_id' => $this->clientId,
+			],
+		]);
+
+		$this->attributes['id'] = $info['uid'];
+		$this->attributes['name'] = $info['first_name'] . ' ' . $info['last_name'];
+
+		return true;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getClientPublic()
+	{
+		return $this->clientPublic;
+	}
+
+	/**
+	 * @param string $clientPublic
+	 */
+	public function setClientPublic($clientPublic)
+	{
+		$this->clientPublic = $clientPublic;
+	}
+
+	/**
+	 * Returns the protected resource.
+	 *
+	 * @param string $url url to request.
+	 * @param array $options HTTP request options. Keys: query, data, referer.
+	 * @param boolean $parseResponse Whether to parse response.
+	 * @return mixed the response.
+	 */
+	public function makeSignedRequest($url, $options = [], $parseResponse = true)
+	{
+		$token = $this->getAccessTokenData();
+		if (isset($token)) {
+			$params = '';
+			ksort($options['query']);
+			foreach ($options['query'] as $k => $v) {
+				$params .= $k . '=' . $v;
+			}
+			$options['query']['sig'] = md5($params . md5($token['access_token'] . $this->clientSecret));
+			$options['query']['access_token'] = $token['access_token'];
+		}
+		return parent::makeSignedRequest($url, $options, $parseResponse);
+	}
+
+	/**
+	 * Returns the error array.
+	 *
+	 * @param array $response
+	 * @return array the error array with 2 keys: code and message. Should be null if no errors.
+	 */
+	protected function fetchResponseError($response)
+	{
+		if (isset($response['error_code'])) {
+			return [
+				'code' => $response['error_code'],
+				'message' => $response['error_msg'],
+			];
+		} else {
+			return null;
+		}
+	}
+
+}
+<?php
+/**
+ * SteamOpenIDService class file.
+ *
+ * @author Dmitry Ananichev <a@qozz.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\components\nodge\eauth\src\services;
+
+use nodge\eauth\openid\Service;
+
+/**
+ * Steam provider class.
+ *
+ * @package application.extensions.eauth.services
+ */
+class SteamOpenIDService extends Service
+{
+
+	protected $name = 'steam';
+	protected $title = 'Steam';
+	protected $type = 'OpenID';
+	protected $jsArguments = ['popup' => ['width' => 990, 'height' => 615]];
+
+	protected $url = 'http://steamcommunity.com/openid/';
+
+	protected function fetchAttributes()
+	{
+		if (isset($this->attributes['id'])) {
+			$urlChunks = explode('/', $this->attributes['id']);
+			if ($count = count($urlChunks)) {
+				$name = $urlChunks[$count - 1];
+				$this->attributes['name'] = $name;
+			}
+		}
+	}
+
+}
 \ No newline at end of file
+<?php
+/**
+ * TwitterOAuthService class file.
+ *
+ * Register application: https://dev.twitter.com/apps/new
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\components\nodge\eauth\src\services;
+
+use OAuth\OAuth1\Token\TokenInterface;
+use nodge\eauth\oauth1\Service;
+
+
+/**
+ * Twitter provider class.
+ *
+ * @package application.extensions.eauth.services
+ */
+class TwitterOAuth1Service extends Service
+{
+
+	protected $name = 'twitter';
+	protected $title = 'Twitter';
+	protected $type = 'OAuth1';
+	protected $jsArguments = ['popup' => ['width' => 900, 'height' => 550]];
+
+	protected $providerOptions = [
+		'request' => 'https://api.twitter.com/oauth/request_token',
+		'authorize' => 'https://api.twitter.com/oauth/authenticate', //https://api.twitter.com/oauth/authorize
+		'access' => 'https://api.twitter.com/oauth/access_token',
+	];
+	protected $baseApiUrl = 'https://api.twitter.com/1.1/';
+	protected $tokenDefaultLifetime = TokenInterface::EOL_NEVER_EXPIRES;
+
+	/**
+	 * @return bool
+	 */
+	protected function fetchAttributes()
+	{
+		$info = $this->makeSignedRequest('account/verify_credentials.json');
+
+		$this->attributes['id'] = $info['id'];
+		$this->attributes['name'] = $info['name'];
+		$this->attributes['url'] = 'http://twitter.com/account/redirect_by_id?id=' . $info['id_str'];
+
+		$this->attributes['username'] = $info['screen_name'];
+		$this->attributes['language'] = $info['lang'];
+		$this->attributes['timezone'] = timezone_name_from_abbr('', $info['utc_offset'], date('I'));
+		$this->attributes['photo'] = $info['profile_image_url'];
+
+		return true;
+	}
+
+	/**
+	 * Authenticate the user.
+	 *
+	 * @return boolean whether user was successfuly authenticated.
+	 */
+	public function authenticate()
+	{
+		if (isset($_GET['denied'])) {
+			$this->cancel();
+		}
+
+		return parent::authenticate();
+	}
+}
 \ No newline at end of file
+<?php
+/**
+ * VKontakteOAuth2Service class file.
+ *
+ * Register application: http://vk.com/editapp?act=create&site=1
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\components\nodge\eauth\src\services;
+
+use nodge\eauth\oauth2\Service;
+use OAuth\OAuth2\Service\ServiceInterface;
+
+/**
+ * VKontakte provider class.
+ *
+ * @package application.extensions.eauth.services
+ */
+class VKontakteOAuth2Service extends Service
+{
+
+	const SCOPE_FRIENDS = 'friends';
+
+	protected $name = 'vkontakte';
+	protected $title = 'VK.com';
+	protected $type = 'OAuth2';
+	protected $jsArguments = ['popup' => ['width' => 585, 'height' => 350]];
+
+	protected $scopes = [self::SCOPE_FRIENDS];
+	protected $providerOptions = [
+		'authorize' => 'http://api.vk.com/oauth/authorize',
+		'access_token' => 'https://api.vk.com/oauth/access_token',
+	];
+	protected $baseApiUrl = 'https://api.vk.com/method/';
+
+	protected function fetchAttributes()
+	{
+		$tokenData = $this->getAccessTokenData();
+		$info = $this->makeSignedRequest('users.get.json', [
+			'query' => [
+				'uids' => $tokenData['params']['user_id'],
+				'fields' => '', // uid, first_name and last_name is always available
+				'fields' => 'nickname, sex, bdate, city, country, timezone, photo, photo_medium, photo_big, photo_rec',
+			],
+		]);
+
+		$info = $info['response'][0];
+
+		$this->attributes['id'] = $info['uid'];
+		$this->attributes['name'] = $info['first_name'] . ' ' . $info['last_name'];
+		$this->attributes['url'] = 'http://vk.com/id' . $info['uid'];
+
+		if (!empty($info['nickname']))
+			$this->attributes['username'] = $info['nickname'];
+		else
+			$this->attributes['username'] = 'id'.$info['uid'];
+
+		$this->attributes['gender'] = $info['sex'] == 1 ? 'F' : 'M';
+
+		$this->attributes['city'] = $info['city'];
+		$this->attributes['country'] = $info['country'];
+
+		$this->attributes['timezone'] = timezone_name_from_abbr('', $info['timezone']*3600, date('I'));;
+
+		$this->attributes['photo'] = $info['photo'];
+		$this->attributes['photo_medium'] = $info['photo_medium'];
+		$this->attributes['photo_big'] = $info['photo_big'];
+		$this->attributes['photo_rec'] = $info['photo_rec'];
+
+		return true;
+	}
+
+	/**
+	 * Returns the error array.
+	 *
+	 * @param array $response
+	 * @return array the error array with 2 keys: code and message. Should be null if no errors.
+	 */
+	protected function fetchResponseError($response)
+	{
+		if (isset($response['error'])) {
+			return [
+				'code' => is_string($response['error']) ? 0 : $response['error']['error_code'],
+//				'message' => is_string($response['error']) ? $response['error'] : $response['error']['error_msg'],
+//				'message' => is_string($response['error']) ? $response['error'] : $response['error']['error_msg'],
+			];
+		} else {
+			return null;
+		}
+	}
+
+	/**
+	 * @param array $data
+	 * @return string|null
+	 */
+	public function getAccessTokenResponseError($data)
+	{
+		if (!isset($data['error'])) {
+			return null;
+		}
+		$error = $data['error'];
+		if (isset($data['error_description'])) {
+			$error .= ': ' . $data['error_description'];
+		}
+		return $error;
+	}
+
+	/**
+	 * Returns a class constant from ServiceInterface defining the authorization method used for the API.
+	 *
+	 * @return int
+	 */
+	public function getAuthorizationMethod()
+	{
+		return ServiceInterface::AUTHORIZATION_METHOD_QUERY_STRING;
+	}
+
+}
 \ No newline at end of file
+<?php
+/**
+ * YahooOpenIDService class file.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\components\nodge\eauth\src\services;
+
+use nodge\eauth\openid\Service;
+
+/**
+ * Yahoo provider class.
+ *
+ * @package application.extensions.eauth.services
+ */
+class YahooOpenIDService extends Service
+{
+
+	protected $name = 'yahoo';
+	protected $title = 'Yahoo';
+	protected $type = 'OpenID';
+	protected $jsArguments = ['popup' => ['width' => 880, 'height' => 520]];
+
+	protected $url = 'https://me.yahoo.com';
+	protected $requiredAttributes = [
+		'name' => ['fullname', 'namePerson'],
+		'login' => ['nickname', 'namePerson/friendly'],
+		'email' => ['email', 'contact/email'],
+	];
+	protected $optionalAttributes = [
+		'language' => ['language', 'pref/language'],
+		'gender' => ['gender', 'person/gender'],
+		'timezone' => ['timezone', 'pref/timezone'],
+		'image' => ['image', 'media/image/default'],
+	];
+
+	/*protected function fetchAttributes() {
+		$this->attributes['fullname'] = $this->attributes['name'].' '.$this->attributes['lastname'];
+		return true;
+	}*/
+}
 \ No newline at end of file
+<?php
+/**
+ * YandexOAuth2Service class file.
+ *
+ * Register application: https://oauth.yandex.ru/client/my
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace common\components\nodge\eauth\src\services;
+
+use OAuth\Common\Token\TokenInterface;
+use nodge\eauth\oauth2\Service;
+
+/**
+ * Yandex OAuth provider class.
+ *
+ * @package application.extensions.eauth.services
+ */
+class YandexOAuth2Service extends Service
+{
+
+	protected $name = 'yandex_oauth';
+	protected $title = 'Yandex';
+	protected $type = 'OAuth2';
+	protected $jsArguments = ['popup' => ['width' => 500, 'height' => 450]];
+	protected $tokenDefaultLifetime = TokenInterface::EOL_NEVER_EXPIRES;
+
+	protected $scope = [];
+	protected $providerOptions = [
+		'authorize' => 'https://oauth.yandex.ru/authorize',
+		'access_token' => 'https://oauth.yandex.ru/token',
+	];
+
+	protected function fetchAttributes()
+	{
+		$info = $this->makeSignedRequest('https://login.yandex.ru/info');
+
+		$this->attributes['id'] = $info['id'];
+		$this->attributes['name'] = $info['real_name'];
+		//$this->attributes['login'] = $info['display_name'];
+		//$this->attributes['email'] = $info['emails'][0];
+		//$this->attributes['email'] = $info['default_email'];
+		$this->attributes['gender'] = ($info['sex'] == 'male') ? 'M' : 'F';
+
+		return true;
+	}
+
+}
 \ No newline at end of file
+<?php
+/**
+ * An example of extending the provider class.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace nodge\eauth\services\extended;
+
+class FacebookOAuth2Service extends \nodge\eauth\services\FacebookOAuth2Service
+{
+
+	protected $scopes = [
+		self::SCOPE_EMAIL,
+		self::SCOPE_USER_BIRTHDAY,
+		self::SCOPE_USER_HOMETOWN,
+		self::SCOPE_USER_LOCATION,
+		self::SCOPE_USER_PHOTOS,
+	];
+
+	/**
+	 * http://developers.facebook.com/docs/reference/api/user/
+	 *
+	 * @see FacebookOAuth2Service::fetchAttributes()
+	 */
+	protected function fetchAttributes()
+	{
+		$this->attributes = $this->makeSignedRequest('me');
+		return true;
+	}
+}
+<?php
+/**
+ * An example of extending the provider class.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace nodge\eauth\services\extended;
+
+class GitHubOAuth2Service extends \nodge\eauth\services\GitHubOAuth2Service
+{
+
+	protected function fetchAttributes()
+	{
+		$info = $this->makeSignedRequest('user');
+
+		$this->attributes['id'] = $info['id'];
+		$this->attributes['name'] = $info['login'];
+		$this->attributes['url'] = $info['html_url'];
+
+		$this->attributes['following'] = $info['following'];
+		$this->attributes['followers'] = $info['followers'];
+		$this->attributes['public_repos'] = $info['public_repos'];
+		$this->attributes['public_gists'] = $info['public_gists'];
+		$this->attributes['avatar_url'] = $info['avatar_url'];
+
+		return true;
+	}
+}
 \ No newline at end of file
+<?php
+/**
+ * An example of extending the provider class.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace nodge\eauth\services\extended;
+
+class MailruOAuth2Service extends \nodge\eauth\services\MailruOAuth2Service
+{
+
+	protected function fetchAttributes()
+	{
+		$tokenData = $this->getAccessTokenData();
+
+		$info = $this->makeSignedRequest('/', [
+			'query' => [
+				'uids' => $tokenData['params']['x_mailru_vid'],
+				'method' => 'users.getInfo',
+				'app_id' => $this->clientId,
+			],
+		]);
+
+		$info = $info[0];
+
+		$this->attributes['id'] = $info['uid'];
+		$this->attributes['name'] = $info['first_name'] . ' ' . $info['last_name'];
+		$this->attributes['first_name'] = $info['first_name'];
+		$this->attributes['last_name'] = $info['last_name'];
+		$this->attributes['url'] = $info['link'];
+		$this->attributes['photo'] = $info['pic'];
+
+		return true;
+	}
+
+}
+<?php
+/**
+ * An example of extending the provider class.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace nodge\eauth\services\extended;
+
+class OdnoklassnikiOAuth2Service extends \nodge\eauth\services\OdnoklassnikiOAuth2Service
+{
+
+	protected $scopes = [self::SCOPE_VALUABLE_ACCESS];
+
+	protected function fetchAttributes()
+	{
+		parent::fetchAttributes();
+
+		$info = $this->makeSignedRequest('', [
+			'query' => [
+				'method' => 'users.getInfo',
+				'uids' => $this->attributes['id'],
+				'fields' => 'url_profile',
+				'format' => 'JSON',
+				'application_key' => $this->clientPublic,
+				'client_id' => $this->clientId,
+			],
+		]);
+
+		preg_match('/\d+\/{0,1}$/', $info[0]->url_profile, $matches);
+		$this->attributes['id'] = (int)$matches[0];
+		$this->attributes['url'] = $info[0]->url_profile;
+
+		return true;
+	}
+
+
+	/**
+	 * @param string $link
+	 * @param string $message
+	 * @return array
+	 */
+	public function wallPost($link, $message)
+	{
+		return $this->makeSignedRequest('', [
+			'query' => [
+				'application_key' => $this->clientPublic,
+				'method' => 'share.addLink',
+				'format' => 'JSON',
+				'linkUrl' => $link,
+				'comment' => $message,
+			],
+		]);
+	}
+
+}
+<?php
+/**
+ * An example of extending the provider class.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace nodge\eauth\services\extended;
+
+class TwitterOAuth1Service extends \nodge\eauth\services\TwitterOAuth1Service
+{
+
+	protected function fetchAttributes()
+	{
+		$info = $this->makeSignedRequest('account/verify_credentials.json');
+
+		$this->attributes['id'] = $info['id'];
+		$this->attributes['name'] = $info['name'];
+		$this->attributes['url'] = 'http://twitter.com/account/redirect_by_id?id=' . $info['id_str'];
+
+		$this->attributes['username'] = $info['screen_name'];
+		$this->attributes['language'] = $info['lang'];
+		$this->attributes['timezone'] = timezone_name_from_abbr('', $info['utc_offset'], date('I'));
+		$this->attributes['photo'] = $info['profile_image_url'];
+
+		return true;
+	}
+
+	/**
+	 * Returns the error array.
+	 *
+	 * @param array $response
+	 * @return array the error array with 2 keys: code and message. Should be null if no errors.
+	 */
+	protected function fetchResponseError($response)
+	{
+		if (isset($response['errors'])) {
+			$first = reset($response['errors']);
+			return [
+				'code' => $first['code'],
+				'message' => $first['message'],
+			];
+		}
+		return null;
+	}
+}
 \ No newline at end of file
+<?php
+/**
+ * An example of extending the provider class.
+ *
+ * @author Maxim Zemskov <nodge@yandex.ru>
+ * @link http://github.com/Nodge/yii2-eauth/
+ * @license http://www.opensource.org/licenses/bsd-license.php
+ */
+
+namespace nodge\eauth\services\extended;
+
+class VKontakteOAuth2Service extends \nodge\eauth\services\VKontakteOAuth2Service
+{
+
+	// protected $scope = 'friends';
+
+	protected function fetchAttributes()
+	{
+		$tokenData = $this->getAccessTokenData();
+		$info = $this->makeSignedRequest('users.get.json', [
+			'query' => [
+				'uids' => $tokenData['params']['user_id'],
+				'fields' => '', // uid, first_name and last_name is always available
+				'fields' => 'nickname, sex, bdate, city, country, timezone, photo, photo_medium, photo_big, photo_rec',
+			],
+		]);
+
+		$info = $info['response'][0];
+
+		$this->attributes = $info;
+		$this->attributes['id'] = $info['uid'];
+		$this->attributes['name'] = $info['first_name'] . ' ' . $info['last_name'];
+		$this->attributes['url'] = 'http://vk.com/id' . $info['uid'];
+
+		if (!empty($info['nickname'])) {
+			$this->attributes['username'] = $info['nickname'];
+		} else {
+			$this->attributes['username'] = 'id' . $info['uid'];
+		}
+
+		$this->attributes['gender'] = $info['sex'] == 1 ? 'F' : 'M';
+
+		if (!empty($info['timezone'])) {
+			$this->attributes['timezone'] = timezone_name_from_abbr('', $info['timezone'] * 3600, date('I'));
+		}
+
+		return true;
+	}
+}
+<?php
+
+use yii\web\View;
+
+/** @var $this View */
+/** @var $url string */
+/** @var $redirect bool */
+/** @var $url string */
+
+?><!DOCTYPE html>
+<html>
+<head>
+	<script type="text/javascript">
+		<?php 
+			$code = 'if (window.opener) {';
+			$code .= 'window.close();';
+			if ($redirect) {
+				$code .= 'window.opener.location = \''.addslashes($url).'\';';
+			}
+			$code .= '}';
+			$code .= 'else {';
+			if ($redirect) {
+				$code .= 'window.location = \''.addslashes($url).'\';';
+			}
+			$code .= '}';
+			echo $code;
+		?>
+	</script>
+</head>
+<body>
+
+<h2 id="title" style="display:none;">
+	<?php echo \Yii::t('eauth', 'Redirecting back to the application...'); ?>
+</h2>
+
+<h3 id="link">
+	<a href="<?php echo $url; ?>">
+		<?php echo \Yii::t('eauth', 'Click here to return to the application.'); ?>
+	</a>
+</h3>
+
+<script type="text/javascript">
+	document.getElementById('title').style.display = '';
+	document.getElementById('link').style.display = 'none';
+</script>
+
+</body>
+</html>
 \ No newline at end of file
+<?php
+
+use yii\helpers\Html;
+use yii\web\View;
+
+/** @var $this View */
+/** @var $id string */
+/** @var $services stdClass[] See EAuth::getServices() */
+/** @var $action string */
+/** @var $popup bool */
+/** @var $assetBundle string Alias to AssetBundle */
+
+Yii::createObject(['class' => $assetBundle])->register($this);
+
+// Open the authorization dilalog in popup window.
+if ($popup) {
+	$options = [];
+	foreach ($services as $name => $service) {
+		$options[$service->id] = $service->jsArguments;
+	}
+	$this->registerJs('$("#' . $id . '").eauth(' . json_encode($options) . ');');
+}
+
+?>
+<div class="eauth" id="<?php echo $id; ?>">
+	<ul class="eauth-list">
+		<?php
+		foreach ($services as $name => $service) {
+			echo '<li class="eauth-service eauth-service-id-' . $service->id . '">';
+			echo Html::a($service->title, [$action, 'service' => $name], [
+				'class' => 'eauth-service-link',
+				'data-eauth-service' => $service->id,
+			]);
+			echo '</li>';
+		}
+		?>
+	</ul>
+</div>
+# LightOpenID Change Log
+
+
+## v1.1.2 (January 15, 2013)
+
+`fix` Fixed a bug in the proxy configuration.  
+
+
+## v1.1.1 (December 21, 2012)
+
+`add` Added support for overriding the initial URL XRDS lookup.  
+
+
+## v1.1.0 (December 02, 2012)
+
+`add` Added support for connecting through a proxy.  
+`add` Added support for an OpenID+OAuth hybrid protocol.  
+`add` Added SSL-validation support for HEAD-requests.  
+`fix` Fixed a bug in the attribute exchange implementation.  
+`fix` Fixed a bug in stream defaults after a HEAD request.  
+
+
+## v1.0.0 (June 08, 2012)
+`fix` Fixed a bug causing validation failure when using streams.
+Copyright (c) 2010, Mewp
+
+Permission is hereby granted, free of charge, to any person obtaining a copy 
+of this software and associated documentation files (the "Software"), to deal 
+in the Software without restriction, including without limitation the rights 
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 
+copies of the Software, and to permit persons to whom the Software is 
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in 
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 
+THE SOFTWARE.
 \ No newline at end of file
+# LightOpenID
+
+Lightweight PHP5 library for easy OpenID authentication.
+
+* `Version....:` [**1.1.2** :arrow_double_down:][1]
+                 ( *see [the change log][2] for details* )
+* `Released on:` January 15, 2013
+* `Source code:` [Gitorious :link:][3]
+                 &nbsp;
+                 [GitHub :octocat:][4]
+* `Homepage...:` http://code.google.com/p/lightopenid/
+* `Author.....:` Mewp (http://mewp.s4w.pl/)
+
+[1]: https://github.com/iignatov/LightOpenID/archive/master.zip
+[2]: http://github.com/iignatov/LightOpenID/blob/master/CHANGELOG.md
+[3]: http://gitorious.org/lightopenid
+[4]: http://github.com/iignatov/LightOpenID
+
+
+## Quick start
+
+### Sign-on with OpenID in just 2 steps:
+  
+  1. Authentication with the provider:
+
+     ```php
+     $openid = new LightOpenID('my-host.example.org');
+     
+     $openid->identity = 'ID supplied by user';
+     
+     header('Location: ' . $openid->authUrl());
+     ```
+  2. Verification:
+
+     ```php
+     $openid = new LightOpenID('my-host.example.org');
+     
+     if ($openid->mode) {
+       echo $openid->validate() ? 'Logged in.' : 'Failed!';
+     }
+     ```
+
+### Support for AX and SREG extensions:
+  
+  To use the AX and SREG extensions, specify `$openid->required` and/or `$openid->optional` 
+  before calling `$openid->authUrl()`. These are arrays, with values being AX schema paths 
+  (the 'path' part of the URL). For example:
+
+  ```php
+  $openid->required = array('namePerson/friendly', 'contact/email');
+  $openid->optional = array('namePerson/first');
+  ```
+
+  Note that if the server supports only SREG or OpenID 1.1, these are automaticaly mapped 
+  to SREG names. To get the values use:
+
+  ```php  
+  $openid->getAttributes();
+  ```
+
+  For more information see [USAGE.md](http://github.com/iignatov/LightOpenID/blob/master/USAGE.md).
+
+
+## Requirements
+
+This library requires PHP >= 5.1.2 with cURL or HTTP/HTTPS stream wrappers enabled.
+
+
+## Features
+
+* Easy to use - you can code a functional client in less than ten lines of code.
+* Uses cURL if avaiable, PHP-streams otherwise.
+* Supports both OpenID 1.1 and 2.0.
+* Supports Yadis discovery.
+* Supports only stateless/dumb protocol.
+* Works with PHP >= 5.
+* Generates no errors with `error_reporting(E_ALL | E_STRICT)`.
+
+
+## Links
+
+* [JavaScript OpenID Selector](http://code.google.com/p/openid-selector/) -
+  simple user interface that can be used with LightOpenID.
+* [HybridAuth](http://hybridauth.sourceforge.net/) -
+  easy to install and use social sign on PHP library, which uses LightOpenID.
+* [OpenID Dev Specifications](http://openid.net/developers/specs/) -
+  documentation for the OpenID extensions and related topics.
+
+
+## License
+
+[LightOpenID](http://github.com/iignatov/LightOpenID)
+is an open source software available under the
+[MIT License](http://opensource.org/licenses/mit-license.php).
+# LightOpenID Quick Start
+
+
+## Sign-on with OpenID is a two step process:
+  
+  1. Step one is authentication with the provider:
+
+     ```php
+     $openid = new LightOpenID('my-host.example.org');
+     
+     $openid->identity = 'ID supplied by the user';
+     
+     header('Location: ' . $openid->authUrl());
+     ```
+
+     The provider then sends various parameters via GET, one of which is `openid_mode`.
+ 
+  2. Step two is verification:
+
+     ```php
+     $openid = new LightOpenID('my-host.example.org');
+     
+     if ($openid->mode) {
+       echo $openid->validate() ? 'Logged in.' : 'Failed!';
+     }
+     ```
+
+
+### Notes:
+
+  Change 'my-host.example.org' to your domain name. Do NOT use `$_SERVER['HTTP_HOST']`
+  for that, unless you know what you're doing.
+     
+  Optionally, you can set `$returnUrl` and `$realm` (or `$trustRoot`, which is an alias).
+  The default values for those are:
+
+  ```php
+  $openid->realm = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'];
+  $openid->returnUrl = $openid->realm . $_SERVER['REQUEST_URI'];
+  ```
+
+  If you don't know their meaning, refer to any OpenID tutorial, or specification.
+
+
+## Basic configuration options:
+
+<table>
+  <tr>
+    <th>name</th>
+    <th>description</th>
+  </tr>
+  <tr>
+    <td>identity</td>
+    <td>
+      Sets (or gets) the identity supplied by an user. Set it
+      before calling authUrl(), and get after validate().
+    </td>
+  </tr>
+  <tr>
+    <td>returnUrl</td>
+    <td>
+      Users will be redirected to this url after they complete 
+      authentication with their provider. Default: current url.
+    </td>
+  </tr>
+  <tr>
+    <td>realm</td>
+    <td>
+      The realm user is signing into. Providers usually say 
+      "You are sgning into $realm". Must be in the same domain
+      as returnUrl. Usually, this should be the host part of
+      your site's url. And that's the default.
+    </td>
+  </tr>
+  <tr>
+    <td>required and optional</td>
+    <td>
+      Attempts to fetch more information about an user.
+      See <a href="#common-ax-attributes">Common AX attributes</a>.
+    </td>
+  </tr>
+  <tr>
+    <td>verify_peer</td>
+    <td>
+      When using https, attempts to verify peer's certificate.
+      See <a href="http://php.net/manual/en/function.curl-setopt.php">CURLOPT_SSL_VERIFYPEER</a>.
+    </td>
+  </tr>
+  <tr>
+    <td>cainfo and capath</td>
+    <td>
+      When verify_peer is true, sets the CA info file and directory.
+      See <a href="http://php.net/manual/en/function.curl-setopt.php">CURLOPT_SSL_CAINFO</a>
+      and <a href="http://php.net/manual/en/function.curl-setopt.php">CURLOPT_SSL_CAPATH</a>.
+    </td>
+  </tr>
+</table>
+
+
+## AX and SREG extensions are supported:
+
+  To use them, specify `$openid->required` and/or `$openid->optional` before calling
+  `$openid->authUrl()`. These are arrays, with values being AX schema paths (the 'path'
+  part of the URL). For example:
+
+  ```php
+  $openid->required = array('namePerson/friendly', 'contact/email');
+  $openid->optional = array('namePerson/first');
+  ```
+
+  Note that if the server supports only SREG or OpenID 1.1, these are automaticaly mapped 
+  to SREG names, so that user doesn't have to know anything about the server.
+  To get the values, use `$openid->getAttributes()`.
+
+
+### Common AX attributes
+
+  Here is a list of the more common AX attributes (from [axschema.org](http://www.axschema.org/types/)):
+
+  Name                    | Meaning
+  ------------------------|---------------
+  namePerson/friendly     | Alias/Username
+  contact/email           | Email
+  namePerson              | Full name
+  birthDate               | Birth date
+  person/gender           | Gender
+  contact/postalCode/home | Postal code
+  contact/country/home    | Country
+  pref/language           | Language
+  pref/timezone           | Time zone
+
+  Note that even if you mark some field as required, there is no guarantee that you'll get any
+  information from a provider. Not all providers support all of these attributes, and some don't
+  support these extensions at all.
+
+  Google, for example, completely ignores optional parameters, and for the required ones, it supports,
+  according to [it's website](http://code.google.com/apis/accounts/docs/OpenID.html):
+
+  * namePerson/first (first name)
+  * namePerson/last (last name)
+  * contact/country/home
+  * contact/email
+  * pref/language
+
+{
+	"name": "nodge/lightopenid",
+	"description": "Lightweight PHP5 library for easy OpenID authentication.",
+	"keywords": ["openid", "authentication"],
+	"homepage": "https://github.com/Nodge/LightOpenID",
+	"type": "library",
+	"license": "MIT License",
+	"authors": [
+		{
+			"name": "Mewp",
+			"homepage": "http://code.google.com/p/lightopenid/"
+		},
+		{
+			"name": "Ignat Ignatov",
+			"homepage": "https://github.com/iignatov/LightOpenID"
+		}
+	],
+	"require": {
+		"php": ">=5.2"
+	},
+	"autoload": {
+		"classmap": ["openid.php", "provider/provider.php"]
+	}
+}
 \ No newline at end of file
+<?php
+# Logging in with Google accounts requires setting special identity,
+# so this example shows how to do it.
+require 'openid.php';
+
+try {
+    # Change 'example.org' to your domain name.
+    $domain = 'example.org';
+    $openid = new LightOpenID($domain);
+    
+    if (!$openid->mode) {
+        if (isset($_GET['login'])) {
+            $openid->identity = 'https://www.google.com/accounts/o8/id';
+            header('Location: ' . $openid->authUrl());
+        }
+?>
+<form action="?login" method="post">
+    <button>Login with Google</button>
+</form>
+<?php
+    } elseif($openid->mode == 'cancel') {
+        echo 'User has canceled authentication!';
+    } else {
+        echo 'User ' . ($openid->validate() ? $openid->identity . ' has ' : 'has not ') . 'logged in.';
+    }
+} catch(ErrorException $e) {
+    echo $e->getMessage();
+}
+<?php
+# Logging in with Google Apps accounts requires setting special identity
+# and XRDS override, so this example shows how to do it.
+require 'openid.php';
+
+try {
+    # Change 'example.org' to your domain name.
+    $domain = 'example.org';
+    $openid = new LightOpenID($domain);
+    $openid->xrdsOverride = array(
+        '#^http://' . $domain . '/openid\?id=\d+$#',
+        'https://www.google.com/accounts/o8/site-xrds?hd=' . $domain
+    );
+    
+    if (!$openid->mode) {
+        if (isset($_GET['login'])) {
+            $openid->identity = 'https://www.google.com/accounts/o8/site-xrds?hd=' . $domain;
+            header('Location: ' . $openid->authUrl());
+        }
+?>
+<form action="?login" method="post">
+    <button>Login with Google</button>
+</form>
+<?php
+    } elseif($openid->mode == 'cancel') {
+        echo 'User has canceled authentication!';
+    } else {
+        echo 'User ' . ($openid->validate() ? $openid->identity . ' has ' : 'has not ') . 'logged in.';
+    }
+} catch(ErrorException $e) {
+    echo $e->getMessage();
+}
+<?php
+require 'openid.php';
+try {
+    # Change 'localhost' to your domain name.
+    $openid = new LightOpenID('localhost');
+    if(!$openid->mode) {
+        if(isset($_POST['openid_identifier'])) {
+            $openid->identity = $_POST['openid_identifier'];
+            # The following two lines request email, full name, and a nickname
+            # from the provider. Remove them if you don't need that data.
+            $openid->required = array('contact/email');
+            $openid->optional = array('namePerson', 'namePerson/friendly');
+            header('Location: ' . $openid->authUrl());
+        }
+?>
+<form action="" method="post">
+    OpenID: <input type="text" name="openid_identifier" /> <button>Submit</button>
+</form>
+<?php
+    } elseif($openid->mode == 'cancel') {
+        echo 'User has canceled authentication!';
+    } else {
+        echo 'User ' . ($openid->validate() ? $openid->identity . ' has ' : 'has not ') . 'logged in.';
+	print_r($openid->getAttributes());
+    }
+} catch(ErrorException $e) {
+    echo $e->getMessage();
+}
+<?php
+/**
+ * This class provides a simple interface for OpenID 1.1/2.0 authentication.
+ * 
+ * It requires PHP >= 5.1.2 with cURL or HTTP/HTTPS stream wrappers enabled.
+ *
+ * @version v1.1.2 2013-01-15
+ * @link http://gitorious.org/lightopenid Official Repo
+ * @link http://github.com/iignatov/LightOpenID GitHub Clone
+ * @author Mewp
+ * @copyright Copyright (c) 2010, Mewp
+ * @license http://www.opensource.org/licenses/mit-license.php MIT License
+ */
+class LightOpenID
+{
+    public $returnUrl
+         , $required = array()
+         , $optional = array()
+         , $verify_peer = null
+         , $capath = null
+         , $cainfo = null
+         , $data
+         , $oauth = array();
+    private $identity, $claimed_id;
+    protected $server, $version, $trustRoot, $aliases, $identifier_select = false
+            , $ax = false, $sreg = false, $setup_url = null, $headers = array(), $proxy = null
+            , $xrds_override_pattern = null, $xrds_override_replacement = null;
+    static protected $ax_to_sreg = array(
+        'namePerson/friendly'     => 'nickname',
+        'contact/email'           => 'email',
+        'namePerson'              => 'fullname',
+        'birthDate'               => 'dob',
+        'person/gender'           => 'gender',
+        'contact/postalCode/home' => 'postcode',
+        'contact/country/home'    => 'country',
+        'pref/language'           => 'language',
+        'pref/timezone'           => 'timezone',
+        );
+
+    function __construct($host, $proxy = null)
+    {
+        $this->trustRoot = (strpos($host, '://') ? $host : 'http://' . $host);
+        if ((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')
+            || (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])
+            && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
+        ) {
+            $this->trustRoot = (strpos($host, '://') ? $host : 'https://' . $host);
+        }
+
+        if(($host_end = strpos($this->trustRoot, '/', 8)) !== false) {
+            $this->trustRoot = substr($this->trustRoot, 0, $host_end);
+        }
+        
+        $this->set_proxy($proxy);
+
+        $uri = rtrim(preg_replace('#((?<=\?)|&)openid\.[^&]+#', '', $_SERVER['REQUEST_URI']), '?');
+        $this->returnUrl = $this->trustRoot . $uri;
+
+        $this->data = ($_SERVER['REQUEST_METHOD'] === 'POST') ? $_POST : $_GET;
+
+        if(!function_exists('curl_init') && !in_array('https', stream_get_wrappers())) {
+            throw new ErrorException('You must have either https wrappers or curl enabled.');
+        }
+    }
+
+    function __set($name, $value)
+    {
+        switch ($name) {
+        case 'identity':
+            if (strlen($value = trim((String) $value))) {
+                if (preg_match('#^xri:/*#i', $value, $m)) {
+                    $value = substr($value, strlen($m[0]));
+                } elseif (!preg_match('/^(?:[=@+\$!\(]|https?:)/i', $value)) {
+                    $value = "http://$value";
+                }
+                if (preg_match('#^https?://[^/]+$#i', $value, $m)) {
+                    $value .= '/';
+                }
+            }
+            $this->$name = $this->claimed_id = $value;
+            break;
+        case 'trustRoot':
+        case 'realm':
+            $this->trustRoot = trim($value);
+            break;
+        case 'xrdsOverride':
+            if (is_array($value)) {
+                list($pattern, $replacement) = $value;
+                $this->xrds_override_pattern = $pattern;
+                $this->xrds_override_replacement = $replacement;
+            } else {
+                trigger_error('Invalid value specified for "xrdsOverride".', E_USER_ERROR);
+            }
+            break;
+        }
+    }
+
+    function __get($name)
+    {
+        switch ($name) {
+        case 'identity':
+            # We return claimed_id instead of identity,
+            # because the developer should see the claimed identifier,
+            # i.e. what he set as identity, not the op-local identifier (which is what we verify)
+            return $this->claimed_id;
+        case 'trustRoot':
+        case 'realm':
+            return $this->trustRoot;
+        case 'mode':
+            return empty($this->data['openid_mode']) ? null : $this->data['openid_mode'];
+        }
+    }
+    
+    function set_proxy($proxy)
+    {
+        if (!empty($proxy)) {
+            // When the proxy is a string - try to parse it.
+            if (!is_array($proxy)) {
+                $proxy = parse_url($proxy);
+            }
+            
+            // Check if $proxy is valid after the parsing.
+            if ($proxy && !empty($proxy['host'])) {
+                // Make sure that a valid port number is specified.
+                if (array_key_exists('port', $proxy)) {
+                    if (!is_int($proxy['port'])) {
+                        $proxy['port'] = is_numeric($proxy['port']) ? intval($proxy['port']) : 0;
+                    }
+                    
+                    if ($proxy['port'] <= 0) {
+                        throw new ErrorException('The specified proxy port number is invalid.');
+                    }
+                }
+                
+                $this->proxy = $proxy;
+            }
+        }
+    }
+
+    /**
+     * Checks if the server specified in the url exists.
+     *
+     * @param $url url to check
+     * @return true, if the server exists; false otherwise
+     */
+    function hostExists($url)
+    {
+        if (strpos($url, '/') === false) {
+            $server = $url;
+        } else {
+            $server = @parse_url($url, PHP_URL_HOST);
+        }
+
+        if (!$server) {
+            return false;
+        }
+
+        return !!gethostbynamel($server);
+    }
+
+    protected function request_curl($url, $method='GET', $params=array(), $update_claimed_id)
+    {
+        $params = http_build_query($params, '', '&');
+        $curl = curl_init($url . ($method == 'GET' && $params ? '?' . $params : ''));
+        curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
+        curl_setopt($curl, CURLOPT_HEADER, false);
+        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
+        curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
+        curl_setopt($curl, CURLOPT_HTTPHEADER, array('Accept: application/xrds+xml, */*'));
+        
+        if (!empty($this->proxy)) {
+            curl_setopt($curl, CURLOPT_PROXY, $this->proxy['host']);
+            
+            if (!empty($this->proxy['port'])) {
+                curl_setopt($curl, CURLOPT_PROXYPORT, $this->proxy['port']);
+            }
+            
+            if (!empty($this->proxy['user'])) {
+                curl_setopt($curl, CURLOPT_PROXYUSERPWD, $this->proxy['user'] . ':' . $this->proxy['pass']);            
+            }
+        }
+
+        if($this->verify_peer !== null) {
+            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $this->verify_peer);
+            if($this->capath) {
+                curl_setopt($curl, CURLOPT_CAPATH, $this->capath);
+            }
+
+            if($this->cainfo) {
+                curl_setopt($curl, CURLOPT_CAINFO, $this->cainfo);
+            }
+        }
+
+        if ($method == 'POST') {
+            curl_setopt($curl, CURLOPT_POST, true);
+            curl_setopt($curl, CURLOPT_POSTFIELDS, $params);
+        } elseif ($method == 'HEAD') {
+            curl_setopt($curl, CURLOPT_HEADER, true);
+            curl_setopt($curl, CURLOPT_NOBODY, true);
+        } else {
+            curl_setopt($curl, CURLOPT_HEADER, true);
+            curl_setopt($curl, CURLOPT_HTTPGET, true);
+        }
+        $response = curl_exec($curl);
+
+        if($method == 'HEAD' && curl_getinfo($curl, CURLINFO_HTTP_CODE) == 405) {
+            curl_setopt($curl, CURLOPT_HTTPGET, true);
+            $response = curl_exec($curl);
+            $response = substr($response, 0, strpos($response, "\r\n\r\n"));
+        }
+
+        if($method == 'HEAD' || $method == 'GET') {
+            $header_response = $response;
+
+            # If it's a GET request, we want to only parse the header part.
+            if($method == 'GET') {
+                $header_response = substr($response, 0, strpos($response, "\r\n\r\n"));
+            }
+
+            $headers = array();
+            foreach(explode("\n", $header_response) as $header) {
+                $pos = strpos($header,':');
+                if ($pos !== false) {
+                    $name = strtolower(trim(substr($header, 0, $pos)));
+                    $headers[$name] = trim(substr($header, $pos+1));
+                }
+            }
+
+            if($update_claimed_id) {
+                # Updating claimed_id in case of redirections.
+                $effective_url = curl_getinfo($curl, CURLINFO_EFFECTIVE_URL);
+                if($effective_url != $url) {
+                    $this->identity = $this->claimed_id = $effective_url;
+                }
+            }
+
+            if($method == 'HEAD') {
+                return $headers;
+            } else {
+                $this->headers = $headers;
+            }
+        }
+
+        if (curl_errno($curl)) {
+            throw new ErrorException(curl_error($curl), curl_errno($curl));
+        }
+
+        return $response;
+    }
+
+    protected function parse_header_array($array, $update_claimed_id)
+    {
+        $headers = array();
+        foreach($array as $header) {
+            $pos = strpos($header,':');
+            if ($pos !== false) {
+                $name = strtolower(trim(substr($header, 0, $pos)));
+                $headers[$name] = trim(substr($header, $pos+1));
+
+                # Following possible redirections. The point is just to have
+                # claimed_id change with them, because the redirections
+                # are followed automatically.
+                # We ignore redirections with relative paths.
+                # If any known provider uses them, file a bug report.
+                if($name == 'location' && $update_claimed_id) {
+                    if(strpos($headers[$name], 'http') === 0) {
+                        $this->identity = $this->claimed_id = $headers[$name];
+                    } elseif($headers[$name][0] == '/') {
+                        $parsed_url = parse_url($this->claimed_id);
+                        $this->identity =
+                        $this->claimed_id = $parsed_url['scheme'] . '://'
+                                          . $parsed_url['host']
+                                          . $headers[$name];
+                    }
+                }
+            }
+        }
+        return $headers;
+    }
+
+    protected function request_streams($url, $method='GET', $params=array(), $update_claimed_id)
+    {
+        if(!$this->hostExists($url)) {
+            throw new ErrorException("Could not connect to $url.", 404);
+        }
+
+        $params = http_build_query($params, '', '&');
+        switch($method) {
+        case 'GET':
+            $opts = array(
+                'http' => array(
+                    'method' => 'GET',
+                    'header' => 'Accept: application/xrds+xml, */*',
+                    'ignore_errors' => true,
+                ), 'ssl' => array(
+                    'CN_match' => parse_url($url, PHP_URL_HOST),
+                ),
+            );
+            $url = $url . ($params ? '?' . $params : '');
+            if (!empty($this->proxy)) {
+                $opts['http']['proxy'] = $this->proxy_url();
+            }
+            break;
+        case 'POST':
+            $opts = array(
+                'http' => array(
+                    'method' => 'POST',
+                    'header'  => 'Content-type: application/x-www-form-urlencoded',
+                    'content' => $params,
+                    'ignore_errors' => true,
+                ), 'ssl' => array(
+                    'CN_match' => parse_url($url, PHP_URL_HOST),
+                ),
+            );
+            if (!empty($this->proxy)) {
+                $opts['http']['proxy'] = $this->proxy_url();
+            }
+            break;
+        case 'HEAD':
+            // We want to send a HEAD request, but since get_headers() doesn't 
+            // accept $context parameter, we have to change the defaults.
+            $default = stream_context_get_options(stream_context_get_default());
+            
+            // PHP does not reset all options. Instead, it just sets the options
+            // available in the passed array, therefore set the defaults manually.
+            $default += array(
+                'http' => array(),
+                'ssl' => array()
+            );
+            $default['http'] += array(
+                'method' => 'GET',
+                'header' => '',
+                'ignore_errors' => false
+            );
+            $default['ssl'] += array(
+                'CN_match' => ''
+            );
+            
+            $opts = array(
+                'http' => array(
+                    'method' => 'HEAD',
+                    'header' => 'Accept: application/xrds+xml, */*',
+                    'ignore_errors' => true,
+                ),
+                'ssl' => array(
+                    'CN_match' => parse_url($url, PHP_URL_HOST)
+                )
+            );
+            
+            // Enable validation of the SSL certificates.
+            if ($this->verify_peer) {
+                $default['ssl'] += array(
+                    'verify_peer' => false,
+                    'capath' => '',
+                    'cafile' => ''
+                );
+                $opts['ssl'] += array(
+                    'verify_peer' => true,
+                    'capath' => $this->capath,
+                    'cafile' => $this->cainfo
+                );
+            }
+            
+            // Change the stream context options.
+            stream_context_get_default($opts);
+            
+            $headers = get_headers($url . ($params ? '?' . $params : ''));
+            
+            // Restore the stream context options.
+            stream_context_get_default($default);
+            
+            if (!empty($headers)) {
+                if (intval(substr($headers[0], strlen('HTTP/1.1 '))) == 405) {
+                    // The server doesn't support HEAD - emulate it with a GET.
+                    $args = func_get_args();
+                    $args[1] = 'GET';
+                    call_user_func_array(array($this, 'request_streams'), $args);
+                    $headers = $this->headers;
+                } else {
+                    $headers = $this->parse_header_array($headers, $update_claimed_id);
+                }
+            } else {
+                $headers = array();
+            }
+            
+            return $headers;
+        }
+
+        if ($this->verify_peer) {
+            $opts['ssl'] += array(
+                'verify_peer' => true,
+                'capath'      => $this->capath,
+                'cafile'      => $this->cainfo
+            );
+        }
+
+        $context = stream_context_create ($opts);
+        $data = file_get_contents($url, false, $context);
+        # This is a hack for providers who don't support HEAD requests.
+        # It just creates the headers array for the last request in $this->headers.
+        if(isset($http_response_header)) {
+            $this->headers = $this->parse_header_array($http_response_header, $update_claimed_id);
+        }
+
+        return $data;
+    }
+
+    protected function request($url, $method='GET', $params=array(), $update_claimed_id=false)
+    {
+        if (function_exists('curl_init')
+            && (!in_array('https', stream_get_wrappers()) || !ini_get('safe_mode') && !ini_get('open_basedir'))
+        ) {
+            return $this->request_curl($url, $method, $params, $update_claimed_id);
+        }
+        return $this->request_streams($url, $method, $params, $update_claimed_id);
+    }
+    
+    protected function proxy_url()
+    {
+        $result = '';
+        
+        if (!empty($this->proxy)) {
+            $result = $this->proxy['host'];
+            
+            if (!empty($this->proxy['port'])) {
+                $result = $result . ':' . $this->proxy['port'];
+            }
+            
+            if (!empty($this->proxy['user'])) {
+                $result = $this->proxy['user'] . ':' . $this->proxy['pass'] . '@' . $result;
+            }
+            
+            $result = 'http://' . $result;
+        }
+        
+        return $result;
+    }
+
+    protected function build_url($url, $parts)
+    {
+        if (isset($url['query'], $parts['query'])) {
+            $parts['query'] = $url['query'] . '&' . $parts['query'];
+        }
+
+        $url = $parts + $url;
+        $url = $url['scheme'] . '://'
+             . (empty($url['username'])?''
+                 :(empty($url['password'])? "{$url['username']}@"
+                 :"{$url['username']}:{$url['password']}@"))
+             . $url['host']
+             . (empty($url['port'])?'':":{$url['port']}")
+             . (empty($url['path'])?'':$url['path'])
+             . (empty($url['query'])?'':"?{$url['query']}")
+             . (empty($url['fragment'])?'':"#{$url['fragment']}");
+        return $url;
+    }
+
+    /**
+     * Helper function used to scan for <meta>/<link> tags and extract information
+     * from them
+     */
+    protected function htmlTag($content, $tag, $attrName, $attrValue, $valueName)
+    {
+        preg_match_all("#<{$tag}[^>]*$attrName=['\"].*?$attrValue.*?['\"][^>]*$valueName=['\"](.+?)['\"][^>]*/?>#i", $content, $matches1);
+        preg_match_all("#<{$tag}[^>]*$valueName=['\"](.+?)['\"][^>]*$attrName=['\"].*?$attrValue.*?['\"][^>]*/?>#i", $content, $matches2);
+
+        $result = array_merge($matches1[1], $matches2[1]);
+        return empty($result)?false:$result[0];
+    }
+
+    /**
+     * Performs Yadis and HTML discovery. Normally not used.
+     * @param $url Identity URL.
+     * @return String OP Endpoint (i.e. OpenID provider address).
+     * @throws ErrorException
+     */
+    function discover($url)
+    {
+        if (!$url) throw new ErrorException('No identity supplied.');
+        # Use xri.net proxy to resolve i-name identities
+        if (!preg_match('#^https?:#', $url)) {
+            $url = "https://xri.net/$url";
+        }
+
+        # We save the original url in case of Yadis discovery failure.
+        # It can happen when we'll be lead to an XRDS document
+        # which does not have any OpenID2 services.
+        $originalUrl = $url;
+
+        # A flag to disable yadis discovery in case of failure in headers.
+        $yadis = true;
+        
+        # Allows optional regex replacement of the URL, e.g. to use Google Apps
+        # as an OpenID provider without setting up XRDS on the domain hosting.
+        if (!is_null($this->xrds_override_pattern) && !is_null($this->xrds_override_replacement)) {
+            $url = preg_replace($this->xrds_override_pattern, $this->xrds_override_replacement, $url);
+        }
+
+        # We'll jump a maximum of 5 times, to avoid endless redirections.
+        for ($i = 0; $i < 5; $i ++) {
+            if ($yadis) {
+                $headers = $this->request($url, 'HEAD', array(), true);
+
+                $next = false;
+                if (isset($headers['x-xrds-location'])) {
+                    $url = $this->build_url(parse_url($url), parse_url(trim($headers['x-xrds-location'])));
+                    $next = true;
+                }
+
+                if (isset($headers['content-type'])
+                    && (strpos($headers['content-type'], 'application/xrds+xml') !== false
+                        || strpos($headers['content-type'], 'text/xml') !== false)
+                ) {
+                    # Apparently, some providers return XRDS documents as text/html.
+                    # While it is against the spec, allowing this here shouldn't break
+                    # compatibility with anything.
+                    # ---
+                    # Found an XRDS document, now let's find the server, and optionally delegate.
+                    $content = $this->request($url, 'GET');
+
+                    preg_match_all('#<Service.*?>(.*?)</Service>#s', $content, $m);
+                    foreach($m[1] as $content) {
+                        $content = ' ' . $content; # The space is added, so that strpos doesn't return 0.
+
+                        # OpenID 2
+                        $ns = preg_quote('http://specs.openid.net/auth/2.0/', '#');
+                        if(preg_match('#<Type>\s*'.$ns.'(server|signon)\s*</Type>#s', $content, $type)) {
+                            if ($type[1] == 'server') $this->identifier_select = true;
+
+                            preg_match('#<URI.*?>(.*)</URI>#', $content, $server);
+                            preg_match('#<(Local|Canonical)ID>(.*)</\1ID>#', $content, $delegate);
+                            if (empty($server)) {
+                                return false;
+                            }
+                            # Does the server advertise support for either AX or SREG?
+                            $this->ax   = (bool) strpos($content, '<Type>http://openid.net/srv/ax/1.0</Type>');
+                            $this->sreg = strpos($content, '<Type>http://openid.net/sreg/1.0</Type>')
+                                       || strpos($content, '<Type>http://openid.net/extensions/sreg/1.1</Type>');
+
+                            $server = $server[1];
+                            if (isset($delegate[2])) $this->identity = trim($delegate[2]);
+                            $this->version = 2;
+
+                            $this->server = $server;
+                            return $server;
+                        }
+
+                        # OpenID 1.1
+                        $ns = preg_quote('http://openid.net/signon/1.1', '#');
+                        if (preg_match('#<Type>\s*'.$ns.'\s*</Type>#s', $content)) {
+
+                            preg_match('#<URI.*?>(.*)</URI>#', $content, $server);
+                            preg_match('#<.*?Delegate>(.*)</.*?Delegate>#', $content, $delegate);
+                            if (empty($server)) {
+                                return false;
+                            }
+                            # AX can be used only with OpenID 2.0, so checking only SREG
+                            $this->sreg = strpos($content, '<Type>http://openid.net/sreg/1.0</Type>')
+                                       || strpos($content, '<Type>http://openid.net/extensions/sreg/1.1</Type>');
+
+                            $server = $server[1];
+                            if (isset($delegate[1])) $this->identity = $delegate[1];
+                            $this->version = 1;
+
+                            $this->server = $server;
+                            return $server;
+                        }
+                    }
+
+                    $next = true;
+                    $yadis = false;
+                    $url = $originalUrl;
+                    $content = null;
+                    break;
+                }
+                if ($next) continue;
+
+                # There are no relevant information in headers, so we search the body.
+                $content = $this->request($url, 'GET', array(), true);
+
+                if (isset($this->headers['x-xrds-location'])) {
+                    $url = $this->build_url(parse_url($url), parse_url(trim($this->headers['x-xrds-location'])));
+                    continue;
+                }
+
+                $location = $this->htmlTag($content, 'meta', 'http-equiv', 'X-XRDS-Location', 'content');
+                if ($location) {
+                    $url = $this->build_url(parse_url($url), parse_url($location));
+                    continue;
+                }
+            }
+
+            if (!$content) $content = $this->request($url, 'GET');
+
+            # At this point, the YADIS Discovery has failed, so we'll switch
+            # to openid2 HTML discovery, then fallback to openid 1.1 discovery.
+            $server   = $this->htmlTag($content, 'link', 'rel', 'openid2.provider', 'href');
+            $delegate = $this->htmlTag($content, 'link', 'rel', 'openid2.local_id', 'href');
+            $this->version = 2;
+
+            if (!$server) {
+                # The same with openid 1.1
+                $server   = $this->htmlTag($content, 'link', 'rel', 'openid.server', 'href');
+                $delegate = $this->htmlTag($content, 'link', 'rel', 'openid.delegate', 'href');
+                $this->version = 1;
+            }
+
+            if ($server) {
+                # We found an OpenID2 OP Endpoint
+                if ($delegate) {
+                    # We have also found an OP-Local ID.
+                    $this->identity = $delegate;
+                }
+                $this->server = $server;
+                return $server;
+            }
+
+            throw new ErrorException("No OpenID Server found at $url", 404);
+        }
+        throw new ErrorException('Endless redirection!', 500);
+    }
+
+    protected function sregParams()
+    {
+        $params = array();
+        # We always use SREG 1.1, even if the server is advertising only support for 1.0.
+        # That's because it's fully backwards compatibile with 1.0, and some providers
+        # advertise 1.0 even if they accept only 1.1. One such provider is myopenid.com
+        $params['openid.ns.sreg'] = 'http://openid.net/extensions/sreg/1.1';
+        if ($this->required) {
+            $params['openid.sreg.required'] = array();
+            foreach ($this->required as $required) {
+                if (!isset(self::$ax_to_sreg[$required])) continue;
+                $params['openid.sreg.required'][] = self::$ax_to_sreg[$required];
+            }
+            $params['openid.sreg.required'] = implode(',', $params['openid.sreg.required']);
+        }
+
+        if ($this->optional) {
+            $params['openid.sreg.optional'] = array();
+            foreach ($this->optional as $optional) {
+                if (!isset(self::$ax_to_sreg[$optional])) continue;
+                $params['openid.sreg.optional'][] = self::$ax_to_sreg[$optional];
+            }
+            $params['openid.sreg.optional'] = implode(',', $params['openid.sreg.optional']);
+        }
+        return $params;
+    }
+
+    protected function axParams()
+    {
+        $params = array();
+        if ($this->required || $this->optional) {
+            $params['openid.ns.ax'] = 'http://openid.net/srv/ax/1.0';
+            $params['openid.ax.mode'] = 'fetch_request';
+            $this->aliases  = array();
+            $counts   = array();
+            $required = array();
+            $optional = array();
+            foreach (array('required','optional') as $type) {
+                foreach ($this->$type as $alias => $field) {
+                    if (is_int($alias)) $alias = strtr($field, '/', '_');
+                    $this->aliases[$alias] = 'http://axschema.org/' . $field;
+                    if (empty($counts[$alias])) $counts[$alias] = 0;
+                    $counts[$alias] += 1;
+                    ${$type}[] = $alias;
+                }
+            }
+            foreach ($this->aliases as $alias => $ns) {
+                $params['openid.ax.type.' . $alias] = $ns;
+            }
+            foreach ($counts as $alias => $count) {
+                if ($count == 1) continue;
+                $params['openid.ax.count.' . $alias] = $count;
+            }
+
+            # Don't send empty ax.requied and ax.if_available.
+            # Google and possibly other providers refuse to support ax when one of these is empty.
+            if($required) {
+                $params['openid.ax.required'] = implode(',', $required);
+            }
+            if($optional) {
+                $params['openid.ax.if_available'] = implode(',', $optional);
+            }
+        }
+        return $params;
+    }
+
+    protected function authUrl_v1($immediate)
+    {
+        $returnUrl = $this->returnUrl;
+        # If we have an openid.delegate that is different from our claimed id,
+        # we need to somehow preserve the claimed id between requests.
+        # The simplest way is to just send it along with the return_to url.
+        if($this->identity != $this->claimed_id) {
+            $returnUrl .= (strpos($returnUrl, '?') ? '&' : '?') . 'openid.claimed_id=' . $this->claimed_id;
+        }
+
+        $params = array(
+            'openid.return_to'  => $returnUrl,
+            'openid.mode'       => $immediate ? 'checkid_immediate' : 'checkid_setup',
+            'openid.identity'   => $this->identity,
+            'openid.trust_root' => $this->trustRoot,
+            ) + $this->sregParams();
+
+        return $this->build_url(parse_url($this->server)
+                               , array('query' => http_build_query($params, '', '&')));
+    }
+
+    protected function authUrl_v2($immediate)
+    {
+        $params = array(
+            'openid.ns'          => 'http://specs.openid.net/auth/2.0',
+            'openid.mode'        => $immediate ? 'checkid_immediate' : 'checkid_setup',
+            'openid.return_to'   => $this->returnUrl,
+            'openid.realm'       => $this->trustRoot,
+        );
+        
+        if ($this->ax) {
+            $params += $this->axParams();
+        }
+        
+        if ($this->sreg) {
+            $params += $this->sregParams();
+        }
+        
+        if (!$this->ax && !$this->sreg) {
+            # If OP doesn't advertise either SREG, nor AX, let's send them both
+            # in worst case we don't get anything in return.
+            $params += $this->axParams() + $this->sregParams();
+        }
+
+        if (!empty($this->oauth) && is_array($this->oauth)) {
+            $params['openid.ns.oauth'] = 'http://specs.openid.net/extensions/oauth/1.0';
+            $params['openid.oauth.consumer'] = str_replace(array('http://', 'https://'), '', $this->trustRoot);
+            $params['openid.oauth.scope'] = implode(' ', $this->oauth);
+        }
+
+        if ($this->identifier_select) {
+            $params['openid.identity'] = $params['openid.claimed_id']
+                 = 'http://specs.openid.net/auth/2.0/identifier_select';
+        } else {
+            $params['openid.identity'] = $this->identity;
+            $params['openid.claimed_id'] = $this->claimed_id;
+        }
+
+        return $this->build_url(parse_url($this->server)
+                               , array('query' => http_build_query($params, '', '&')));
+    }
+
+    /**
+     * Returns authentication url. Usually, you want to redirect your user to it.
+     * @return String The authentication url.
+     * @param String $select_identifier Whether to request OP to select identity for an user in OpenID 2. Does not affect OpenID 1.
+     * @throws ErrorException
+     */
+    function authUrl($immediate = false)
+    {
+        if ($this->setup_url && !$immediate) return $this->setup_url;
+        if (!$this->server) $this->discover($this->identity);
+
+        if ($this->version == 2) {
+            return $this->authUrl_v2($immediate);
+        }
+        return $this->authUrl_v1($immediate);
+    }
+
+    /**
+     * Performs OpenID verification with the OP.
+     * @return Bool Whether the verification was successful.
+     * @throws ErrorException
+     */
+    function validate()
+    {
+        # If the request was using immediate mode, a failure may be reported
+        # by presenting user_setup_url (for 1.1) or reporting
+        # mode 'setup_needed' (for 2.0). Also catching all modes other than
+        # id_res, in order to avoid throwing errors.
+        if(isset($this->data['openid_user_setup_url'])) {
+            $this->setup_url = $this->data['openid_user_setup_url'];
+            return false;
+        }
+        if($this->mode != 'id_res') {
+            return false;
+        }
+
+        $this->claimed_id = isset($this->data['openid_claimed_id'])?$this->data['openid_claimed_id']:$this->data['openid_identity'];
+        $params = array(
+            'openid.assoc_handle' => $this->data['openid_assoc_handle'],
+            'openid.signed'       => $this->data['openid_signed'],
+            'openid.sig'          => $this->data['openid_sig'],
+            );
+
+        if (isset($this->data['openid_ns'])) {
+            # We're dealing with an OpenID 2.0 server, so let's set an ns
+            # Even though we should know location of the endpoint,
+            # we still need to verify it by discovery, so $server is not set here
+            $params['openid.ns'] = 'http://specs.openid.net/auth/2.0';
+        } elseif (isset($this->data['openid_claimed_id'])
+            && $this->data['openid_claimed_id'] != $this->data['openid_identity']
+        ) {
+            # If it's an OpenID 1 provider, and we've got claimed_id,
+            # we have to append it to the returnUrl, like authUrl_v1 does.
+            $this->returnUrl .= (strpos($this->returnUrl, '?') ? '&' : '?')
+                             .  'openid.claimed_id=' . $this->claimed_id;
+        }
+
+        if ($this->data['openid_return_to'] != $this->returnUrl) {
+            # The return_to url must match the url of current request.
+            # I'm assuing that noone will set the returnUrl to something that doesn't make sense.
+            return false;
+        }
+
+        $server = $this->discover($this->claimed_id);
+
+        foreach (explode(',', $this->data['openid_signed']) as $item) {
+            # Checking whether magic_quotes_gpc is turned on, because
+            # the function may fail if it is. For example, when fetching
+            # AX namePerson, it might containg an apostrophe, which will be escaped.
+            # In such case, validation would fail, since we'd send different data than OP
+            # wants to verify. stripslashes() should solve that problem, but we can't
+            # use it when magic_quotes is off.
+            $value = $this->data['openid_' . str_replace('.','_',$item)];
+            $params['openid.' . $item] = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() ? stripslashes($value) : $value;
+
+        }
+
+        $params['openid.mode'] = 'check_authentication';
+
+        $response = $this->request($server, 'POST', $params);
+
+        return preg_match('/is_valid\s*:\s*true/i', $response);
+    }
+
+    protected function getAxAttributes()
+    {
+        $result = array();
+        
+        if ($alias = $this->getNamespaceAlias('http://openid.net/srv/ax/1.0', 'ax')) {
+            $prefix = 'openid_' . $alias;
+            $length = strlen('http://axschema.org/');
+            
+            foreach (explode(',', $this->data['openid_signed']) as $key) {
+                $keyMatch = $alias . '.type.';
+                
+                if (strncmp($key, $keyMatch, strlen($keyMatch)) !== 0) {
+                    continue;
+                }
+                
+                $key = substr($key, strlen($keyMatch));
+                $idv = $prefix . '_value_' . $key;
+                $idc = $prefix . '_count_' . $key;
+                $key = substr($this->getItem($prefix . '_type_' . $key), $length);
+                
+                if (!empty($key)) {
+                    if (($count = intval($this->getItem($idc))) > 0) {
+                        $value = array();
+                        
+                        for ($i = 1; $i <= $count; $i++) {
+                            $value[] = $this->getItem($idv . '_' . $i);
+                        }
+                        
+                        $value = ($count == 1) ? reset($value) : $value;
+                    } else {
+                        $value = $this->getItem($idv);
+                    }
+                    
+                    if (!is_null($value)) {
+                        $result[$key] = $value;
+                    }
+                }
+            }
+        } else {
+            // No alias for the AX schema has been found,
+            // so there is no AX data in the OP's response.
+        }
+        
+        return $result;
+    }
+
+    protected function getSregAttributes()
+    {
+        $attributes = array();
+        $sreg_to_ax = array_flip(self::$ax_to_sreg);
+        foreach (explode(',', $this->data['openid_signed']) as $key) {
+            $keyMatch = 'sreg.';
+            if (strncmp($key, $keyMatch, strlen($keyMatch)) !== 0) {
+                continue;
+            }
+            $key = substr($key, strlen($keyMatch));
+            if (!isset($sreg_to_ax[$key])) {
+                # The field name isn't part of the SREG spec, so we ignore it.
+                continue;
+            }
+            $attributes[$sreg_to_ax[$key]] = $this->data['openid_sreg_' . $key];
+        }
+        return $attributes;
+    }
+
+    /**
+     * Gets AX/SREG attributes provided by OP. should be used only after successful validaton.
+     * Note that it does not guarantee that any of the required/optional parameters will be present,
+     * or that there will be no other attributes besides those specified.
+     * In other words. OP may provide whatever information it wants to.
+     *     * SREG names will be mapped to AX names.
+     *     * @return Array Array of attributes with keys being the AX schema names, e.g. 'contact/email'
+     * @see http://www.axschema.org/types/
+     */
+    function getAttributes()
+    {
+        if (isset($this->data['openid_ns'])
+            && $this->data['openid_ns'] == 'http://specs.openid.net/auth/2.0'
+        ) { # OpenID 2.0
+            # We search for both AX and SREG attributes, with AX taking precedence.
+            return $this->getAxAttributes() + $this->getSregAttributes();
+        }
+        return $this->getSregAttributes();
+    }
+
+    /**
+     * Gets an OAuth request token if the OpenID+OAuth hybrid protocol has been used.
+     *
+     * In order to use the OpenID+OAuth hybrid protocol, you need to add at least one
+     * scope to the $openid->oauth array before you get the call to getAuthUrl(), e.g.:
+     * $openid->oauth[] = 'https://www.googleapis.com/auth/plus.me';
+     * 
+     * Furthermore the registered consumer name must fit the OpenID realm. 
+     * To register an OpenID consumer at Google use: https://www.google.com/accounts/ManageDomains
+     * 
+     * @return string|bool OAuth request token on success, FALSE if no token was provided.
+     */
+    function getOAuthRequestToken()
+    {
+        $alias = $this->getNamespaceAlias('http://specs.openid.net/extensions/oauth/1.0');
+        
+        return !empty($alias) ? $this->data['openid_' . $alias . '_request_token'] : false;
+    }
+    
+    /**
+     * Gets the alias for the specified namespace, if it's present.
+     *
+     * @param string $namespace The namespace for which an alias is needed.
+     * @param string $hint Common alias of this namespace, used for optimization.
+     * @return string|null The namespace alias if found, otherwise - NULL.
+     */
+    private function getNamespaceAlias($namespace, $hint = null)
+    {
+        $result = null;
+        
+        if (empty($hint) || $this->getItem('openid_ns_' . $hint) != $namespace) {
+            // The common alias is either undefined or points to
+            // some other extension - search for another alias..
+            $prefix = 'openid_ns_';
+            $length = strlen($prefix);
+            
+            foreach ($this->data as $key => $val) {
+                if (strncmp($key, $prefix, $length) === 0 && $val === $namespace) {
+                    $result = trim(substr($key, $length));
+                    break;
+                }
+            }
+        } else {
+            $result = $hint;
+        }
+        
+        return $result;
+    }
+    
+    /**
+     * Gets an item from the $data array by the specified id.
+     *
+     * @param string $id The id of the desired item.
+     * @return string|null The item if found, otherwise - NULL.
+     */
+    private function getItem($id)
+    {
+        return isset($this->data[$id]) ? $this->data[$id] : null; 
+    }
+}
 \ No newline at end of file
+<?php
+/**
+ * This example shows several things:
+ * - How a setup interface should look like.
+ * - How to use a mysql table for authentication
+ * - How to store associations in mysql table, instead of php sessions.
+ * - How to store realm authorizations.
+ * - How to send AX/SREG parameters.
+ * For the example to work, you need to create the necessary tables:
+CREATE TABLE Users (
+    id INT NOT NULL auto_increment PRIMARY KEY,
+    login VARCHAR(32) NOT NULL,
+    password CHAR(40) NOT NULL,
+    firstName VARCHAR(32) NOT NULL,
+    lastName VARCHAR(32) NOT NULL
+);
+
+CREATE TABLE AllowedSites (
+    user INT NOT NULL,
+    realm TEXT NOT NULL,
+    attributes TEXT NOT NULL,
+    INDEX(user)
+);
+
+CREATE TABLE Associations (
+    id INT NOT NULL PRIMARY KEY,
+    data TEXT NOT NULL
+);
+ *
+ * This is only an example. Don't use it in your code as-is.
+ * It has several security flaws, which you shouldn't copy (like storing plaintext login and password in forms).
+ *
+ * This setup could be very easily flooded with many associations, 
+ * since non-private ones aren't automatically deleted.
+ * You could prevent this by storing a date of association and removing old ones,
+ * or by setting $this->dh = false;
+ * However, the latter one would disable stateful mode, unless connecting via HTTPS.
+ */
+require 'provider.php';
+
+mysql_connect();
+mysql_select_db('test');
+
+function getUserData($handle=null)
+{
+    if(isset($_POST['login'],$_POST['password'])) {
+        $login = mysql_real_escape_string($_POST['login']);
+        $password = sha1($_POST['password']);
+        $q = mysql_query("SELECT * FROM Users WHERE login = '$login' AND password = '$password'");
+        if($data = mysql_fetch_assoc($q)) {
+            return $data;
+        }
+        if($handle) {
+            echo 'Wrong login/password.';
+        }
+    }
+    if($handle) {
+    ?>
+    <form action="" method="post">
+    <input type="hidden" name="openid.assoc_handle" value="<?php echo $handle?>">
+    Login: <input type="text" name="login"><br>
+    Password: <input type="password" name="password"><br>
+    <button>Submit</button>
+    </form>
+    <?php
+    die();
+    }
+}
+
+class MysqlProvider extends LightOpenIDProvider
+{
+    private $attrMap = array(
+        'namePerson/first'    => 'First name',
+        'namePerson/last'     => 'Last name',
+        'namePerson/friendly' => 'Nickname (login)'
+        );
+    
+    private $attrFieldMap = array(
+        'namePerson/first'    => 'firstName',
+        'namePerson/last'     => 'lastName',
+        'namePerson/friendly' => 'login'
+        );
+    
+    function setup($identity, $realm, $assoc_handle, $attributes)
+    {
+        $data = getUserData($assoc_handle);
+        echo '<form action="" method="post">'
+           . '<input type="hidden" name="openid.assoc_handle" value="' . $assoc_handle . '">'
+           . '<input type="hidden" name="login" value="' . $_POST['login'] .'">'
+           . '<input type="hidden" name="password" value="' . $_POST['password'] .'">'
+           . "<b>$realm</b> wishes to authenticate you.";
+        if($attributes['required'] || $attributes['optional']) {
+            echo " It also requests following information (required fields marked with *):"
+               . '<ul>';
+            
+            foreach($attributes['required'] as $attr) {
+                if(isset($this->attrMap[$attr])) {
+                    echo '<li>'
+                       . '<input type="checkbox" name="attributes[' . $attr . ']"> '
+                       . $this->attrMap[$attr] . '(*)</li>';
+                }
+            }
+            
+            foreach($attributes['optional'] as $attr) {
+                if(isset($this->attrMap[$attr])) {
+                    echo '<li>'
+                       . '<input type="checkbox" name="attributes[' . $attr . ']"> '
+                       . $this->attrMap[$attr] . '</li>';
+                }
+            }
+            echo '</ul>';
+        }
+        echo '<br>'
+           . '<button name="once">Allow once</button> '
+           . '<button name="always">Always allow</button> '
+           . '<button name="cancel">cancel</button> '
+           . '</form>';
+    }
+    
+    function checkid($realm, &$attributes)
+    {
+        if(isset($_POST['cancel'])) {
+            $this->cancel();
+        }
+        
+        $data = getUserData();
+        if(!$data) {
+            return false;
+        }
+        $realm = mysql_real_escape_string($realm);
+        $q = mysql_query("SELECT attributes FROM AllowedSites WHERE user = '{$data['id']}' AND realm = '$realm'");
+        
+        $attrs = array();
+        if($attrs = mysql_fetch_row($q)) {
+            $attrs = explode(',', $attributes[0]);
+        } elseif(isset($_POST['attributes'])) {
+            $attrs = array_keys($_POST['attributes']);
+        } elseif(!isset($_POST['once']) && !isset($_POST['always'])) {
+            return false;
+        }
+        
+        $attributes = array();
+        foreach($attrs as $attr) {
+            if(isset($this->attrFieldMap[$attr])) {
+                $attributes[$attr] = $data[$this->attrFieldMap[$attr]];
+            }
+        }
+        
+        if(isset($_POST['always'])) {
+            $attrs = mysql_real_escape_string(implode(',', array_keys($attributes)));
+            mysql_query("REPLACE INTO AllowedSites VALUES('{$data['id']}', '$realm', '$attrs')");
+        }
+        
+        return $this->serverLocation . '?' . $data['login'];
+    }
+    
+    function assoc_handle()
+    {
+        # We generate an integer assoc handle, because it's just faster to look up an integer later.
+        $q = mysql_query("SELECT MAX(id) FROM Associations");
+        $result = mysql_fetch_row($q);
+        return $q[0]+1;
+    }
+    
+    function setAssoc($handle, $data)
+    {
+        $data = mysql_real_escape_string(serialize($data));
+        mysql_query("REPLACE INTO Associations VALUES('$handle', '$data')");
+    }
+    
+    function getAssoc($handle)
+    {
+        if(!is_numeric($handle)) {
+            return false;
+        }
+        $q = mysql_query("SELECT data FROM Associations WHERE id = '$handle'");
+        $data = mysql_fetch_row($q);
+        if(!$data) {
+            return false;
+        }
+        return unserialize($data[0]);
+    }
+    
+    function delAssoc($handle)
+    {
+        if(!is_numeric($handle)) {
+            return false;
+        }
+        mysql_query("DELETE FROM Associations WHERE id = '$handle'");
+    }
+    
+}
+$op = new MysqlProvider;
+$op->server();
+<?php
+/**
+ * This example shows how to create a basic provider usin HTTP Authentication.
+ * This is only an example. You shouldn't use it as-is in your code.
+ */
+require 'provider.php';
+
+class BasicProvider extends LightOpenIDProvider
+{
+    public $select_id = true;
+    public $login = '';
+    public $password = '';
+    
+    function __construct()
+    {
+        parent::__construct();
+        
+        # If we use select_id, we must disable it for identity pages,
+        # so that an RP can discover it and get proper data (i.e. without select_id)
+        if(isset($_GET['id'])) {
+            $this->select_id = false;
+        }
+    }
+    
+    function setup($identity, $realm, $assoc_handle, $attributes)
+    {
+        header('WWW-Authenticate: Basic realm="' . $this->data['openid_realm'] . '"');
+        header('HTTP/1.0 401 Unauthorized');
+    }
+    
+    function checkid($realm, &$attributes)
+    {
+        if(!isset($_SERVER['PHP_AUTH_USER'])) {
+            return false;
+        }
+        
+        if ($_SERVER['PHP_AUTH_USER'] == $this->login
+            && $_SERVER['PHP_AUTH_PW'] == $this->password
+        ) {
+            # Returning identity
+            # It can be any url that leads here, or to any other place that hosts
+            # an XRDS document pointing here.
+            return $this->serverLocation . '?id=' . $this->login;
+        }
+        
+        return false;
+    }
+    
+}
+$op = new BasicProvider;
+$op->login = 'test';
+$op->password = 'test';
+$op->server();
+<?php
+/**
+ * Using this class, you can easily set up an OpenID Provider.
+ * It's independent of LightOpenID class.
+ * It requires either GMP or BCMath for session encryption, 
+ * but will work without them (although either via SSL, or in stateless mode only).
+ * Also, it requires PHP >= 5.1.2
+ * 
+ * This is an alpha version, using it in production code is not recommended,
+ * until you are *sure* that it works and is secure.
+ *
+ * Please send me messages about your testing results 
+ * (even if successful, so I know that it has been tested).
+ * Also, if you think there's a way to make it easier to use, tell me -- it's an alpha for a reason.
+ * Same thing applies to bugs in code, suggestions, 
+ * and everything else you'd like to say about the library.
+ *
+ * There's no usage documentation here, see the examples.
+ *
+ * @author Mewp
+ * @copyright Copyright (c) 2010, Mewp
+ * @license http://www.opensource.org/licenses/mit-license.php MIT
+ */
+ini_set('error_log','log');
+abstract class LightOpenIDProvider
+{
+    # URL-s to XRDS and server location.
+    public $xrdsLocation, $serverLocation;
+    
+    # Should we operate in server, or signon mode?
+    public $select_id = false;
+    
+    # Lifetime of an association.
+    protected $assoc_lifetime = 600;
+    
+    # Variables below are either set automatically, or are constant.
+    # -----
+    # Can we support DH?
+    protected $dh = true;
+    protected $ns = 'http://specs.openid.net/auth/2.0';
+    protected $data, $assoc;
+    
+    # Default DH parameters as defined in the specification.
+    protected $default_modulus;
+    protected $default_gen = 'Ag==';
+    
+    # AX <-> SREG transform
+    protected $ax_to_sreg = array(
+        'namePerson/friendly'     => 'nickname',
+        'contact/email'           => 'email',
+        'namePerson'              => 'fullname',
+        'birthDate'               => 'dob',
+        'person/gender'           => 'gender',
+        'contact/postalCode/home' => 'postcode',
+        'contact/country/home'    => 'country',
+        'pref/language'           => 'language',
+        'pref/timezone'           => 'timezone',
+        );
+    
+    # Math
+    private $add, $mul, $pow, $mod, $div, $powmod;
+    # -----
+    
+    # ------------------------------------------------------------------------ #
+    #  Functions you probably want to implement when extending the class.
+    
+    /**
+     * Checks whether an user is authenticated.
+     * The function should determine what fields it wants to send to the RP, 
+     * and put them in the $attributes array.
+     * @param Array $attributes
+     * @param String $realm Realm used for authentication.
+     * @return String OP-local identifier of an authenticated user, or an empty value.
+     */
+    abstract function checkid($realm, &$attributes);
+    
+    /**
+     * Displays an user interface for inputting user's login and password.
+     * Attributes are always AX field namespaces, with stripped host part.
+     * For example, the $attributes array may be:
+     * array( 'required' => array('namePerson/friendly', 'contact/email'),
+     *        'optional' => array('pref/timezone', 'pref/language')
+     * @param String $identity Discovered identity string. May be used to extract login, unless using $this->select_id
+     * @param String $realm Realm used for authentication.
+     * @param String Association handle. must be sent as openid.assoc_handle in $_GET or $_POST in subsequent requests.
+     * @param Array User attributes requested by the RP.
+     */
+    abstract function setup($identity, $realm, $assoc_handle, $attributes);
+    
+    /**
+     * Stores an association.
+     * If you want to use php sessions in your provider code, you have to replace it.
+     * @param String $handle Association handle -- should be used as a key.
+     * @param Array $assoc Association data.
+     */
+    protected function setAssoc($handle, $assoc)
+    {
+        $oldSession = session_id();
+        session_commit();
+        session_id($assoc['handle']);
+        session_start();
+        $_SESSION['assoc'] = $assoc;
+        session_commit();
+        if($oldSession) {
+            session_id($oldSession);
+            session_start();
+        }
+    }
+    
+    /**
+     * Retreives association data.
+     * If you want to use php sessions in your provider code, you have to replace it.
+     * @param String $handle Association handle.
+     * @return Array Association data.
+     */
+    protected function getAssoc($handle)
+    {
+        $oldSession = session_id();
+        session_commit();
+        session_id($handle);
+        session_start();
+        $assoc = null;
+        if(!empty($_SESSION['assoc'])) {
+            $assoc = $_SESSION['assoc'];
+        }
+        session_commit();
+        if($oldSession) {
+            session_id($oldSession);
+            session_start();
+        }
+        return $assoc;
+    }
+    
+    /**
+     * Deletes an association.
+     * If you want to use php sessions in your provider code, you have to replace it.
+     * @param String $handle Association handle.
+     */
+    protected function delAssoc($handle)
+    {
+        $oldSession = session_id();
+        session_commit();
+        session_id($handle);
+        session_start();
+        session_destroy();
+        if($oldSession) {
+            session_id($oldSession);
+            session_start();
+        }
+    }
+    
+    # ------------------------------------------------------------------------ #
+    # Functions that you might want to implement.
+    
+    /**
+     * Redirects the user to an url.
+     * @param String $location The url that the user will be redirected to.
+     */
+    protected function redirect($location)
+    {
+        header('Location: ' . $location);
+        die();
+    }
+    
+    /**
+     * Generates a new association handle.
+     * @return string
+     */
+    protected function assoc_handle()
+    {
+        return sha1(microtime());
+    }
+    
+    /**
+     * Generates a random shared secret.
+     * @return string
+     */
+    protected function shared_secret($hash)
+    {
+        $length = 20;
+        if($hash == 'sha256') {
+            $length = 256;
+        }
+        
+        $secret = '';
+        for($i = 0; $i < $length; $i++) {
+            $secret .= mt_rand(0,255);
+        }
+        
+        return $secret;
+    }
+    
+    /**
+     * Generates a private key.
+     * @param int $length Length of the key.
+     */
+    protected function keygen($length)
+    {
+        $key = '';
+        for($i = 1; $i < $length; $i++) {
+            $key .= mt_rand(0,9);
+        }
+        $key .= mt_rand(1,9);
+        
+        return $key;
+    }
+    
+    # ------------------------------------------------------------------------ #
+    # Functions that you probably shouldn't touch.
+    
+    function __construct()
+    {
+        $this->default_modulus = 
+            'ANz5OguIOXLsDhmYmsWizjEOHTdxfo2Vcbt2I3MYZuYe91ouJ4mLBX+YkcLiemOcPy'
+          . 'm2CBRYHNOyyjmG0mg3BVd9RcLn5S3IHHoXGHblzqdLFEi/368Ygo79JRnxTkXjgmY0'
+          . 'rxlJ5bU1zIKaSDuKdiI+XUkKJX8Fvf8W8vsixYOr';
+
+        $location = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://'
+                  . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
+        $location = preg_replace('/\?.*/','',$location);
+        $this->serverLocation = $location;
+        $location .= (strpos($location, '?') ? '&' : '?') . 'xrds';
+        $this->xrdsLocation = $location;
+        
+        $this->data = $_GET + $_POST;
+        
+        # We choose GMP if avaiable, and bcmath otherwise
+        if(function_exists('gmp_add')) {
+            $this->add = 'gmp_add';
+            $this->mul = 'gmp_mul';
+            $this->pow = 'gmp_pow';
+            $this->mod = 'gmp_mod';
+            $this->div = 'gmp_div';
+            $this->powmod = 'gmp_powm';
+        } elseif(function_exists('bcadd')) {
+            $this->add = 'bcadd';
+            $this->mul = 'bcmul';
+            $this->pow = 'bcpow';
+            $this->mod = 'bcmod';
+            $this->div = 'bcdiv';
+            $this->powmod = 'bcpowmod';
+        } else {
+            # If neither are avaiable, we can't use DH
+            $this->dh = false;
+        }
+        
+        # However, we do require the hash functions.
+        # They should be built-in anyway.
+        if(!function_exists('hash_algos')) {
+            $this->dh = false;
+        }
+    }
+    
+    /**
+     * Displays an XRDS document, or redirects to it.
+     * By default, it detects whether it should display or redirect automatically.
+     * @param bool|null $force When true, always display the document, when false always redirect.
+     */
+    function xrds($force=null)
+    {
+        if($force) {
+            echo $this->xrdsContent();
+            die();
+        } elseif($force === false) {
+            header('X-XRDS-Location: '. $this->xrdsLocation);
+            return;
+        }
+        
+        if (isset($_GET['xrds'])
+            || (isset($_SERVER['HTTP_ACCEPT']) &&  strpos($_SERVER['HTTP_ACCEPT'], 'application/xrds+xml') !== false)
+        ) {
+            header('Content-Type: application/xrds+xml');
+            echo $this->xrdsContent();
+            die();
+        }
+        
+        header('X-XRDS-Location: ' . $this->xrdsLocation);
+    }
+    
+    /**
+     * Returns the content of the XRDS document
+     * @return String The XRDS document.
+     */
+    protected function xrdsContent()
+    {
+        $lines = array(
+            '<?xml version="1.0" encoding="UTF-8"?>',
+            '<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)">',
+            '<XRD>',
+            '    <Service>',
+            '        <Type>' . $this->ns . '/' . ($this->select_id ? 'server' : 'signon') .'</Type>',
+            '        <URI>' . $this->serverLocation . '</URI>',
+            '    </Service>',
+            '</XRD>',
+            '</xrds:XRDS>'
+            );
+        return implode("\n", $lines);
+    }
+    
+    /**
+     * Does everything that a provider has to -- in one function.
+     */
+    function server()
+    {
+        if(isset($this->data['openid_assoc_handle'])) {
+            $this->assoc = $this->getAssoc($this->data['openid_assoc_handle']);
+            if(isset($this->assoc['data'])) {
+                # We have additional data stored for setup.
+                $this->data += $this->assoc['data'];
+                unset($this->assoc['data']);
+            }
+        }
+            
+        if (isset($this->data['openid_ns'])
+            && $this->data['openid_ns'] == $this->ns
+        ) {
+            if(!isset($this->data['openid_mode'])) $this->errorResponse();
+            
+            switch($this->data['openid_mode'])
+            { 
+            case 'checkid_immediate':
+            case 'checkid_setup':
+                $this->checkRealm();
+                # We support AX xor SREG.
+                $attributes = $this->ax();
+                if(!$attributes) {
+                    $attributes = $this->sreg();
+                }
+                
+                # Even if some user is authenticated, we need to know if it's
+                # the same one that want's to authenticate.
+                # Of course, if we use select_id, we accept any user.
+                if (($identity = $this->checkid($this->data['openid_realm'], $attrValues))
+                    && ($this->select_id || $identity == $this->data['openid_identity'])
+                ) {
+                    $this->positiveResponse($identity, $attrValues);
+                } elseif($this->data['openid_mode'] == 'checkid_immediate') {
+                    $this->redirect($this->response(array('openid.mode' => 'setup_needed')));
+                } else {
+                    if(!$this->assoc) {
+                        $this->generateAssociation();
+                        $this->assoc['private'] = true;
+                    }
+                    $this->assoc['data'] = $this->data;
+                    $this->setAssoc($this->assoc['handle'], $this->assoc);
+                    $this->setup($this->data['openid_identity'],
+                                 $this->data['openid_realm'],
+                                 $this->assoc['handle'],
+                                 $attributes);
+                }
+                break;
+            case 'associate':
+                $this->associate();
+                break;
+            case 'check_authentication':
+                $this->checkRealm();
+                if($this->verify()) {
+                    echo "ns:$this->ns\nis_valid:true";
+                    if(strpos($this->data['openid_signed'],'invalidate_handle') !== false) {
+                        echo "\ninvalidate_handle:" . $this->data['openid_invalidate_handle'];
+                    }
+                } else {
+                    echo "ns:$this->ns\nis_valid:false";
+                }
+                die();
+                break;
+            default:
+                $this->errorResponse();
+            }
+        } else {
+            $this->xrds();
+        }
+    }
+    
+    protected function checkRealm()
+    {
+        if (!isset($this->data['openid_return_to'], $this->data['openid_realm'])) {
+            $this->errorResponse();
+        }
+        
+        $realm = str_replace('\*', '[^/]', preg_quote($this->data['openid_realm']));
+        if(!preg_match("#^$realm#", $this->data['openid_return_to'])) {
+            $this->errorResponse();
+        }
+    }
+    
+    protected function ax()
+    {
+        # Namespace prefix that the fields must have.
+        $ns = 'http://axschema.org/';
+        
+        # First, we must find out what alias is used for AX.
+        # Let's check the most likely one
+        $alias = null;
+        if (isset($this->data['openid_ns_ax'])
+            && $this->data['openid_ns_ax'] == 'http://openid.net/srv/ax/1.0'
+        ) {
+            $alias = 'ax';
+        } else {
+            foreach($this->data as $name => $value) {
+                if ($value == 'http://openid.net/srv/ax/1.0'
+                    && preg_match('/openid_ns_(.+)/', $name, $m)
+                ) {
+                    $alias = $m[1];
+                    break;
+                }
+            }
+        }
+        
+        if(!$alias) {
+            return null;
+        }
+        
+        $fields = array();
+        # Now, we must search again, this time for field aliases
+        foreach($this->data as $name => $value) {
+            if (strpos($name, 'openid_' . $alias . '_type') === false
+                || strpos($value, $ns) === false) {
+                continue;
+            }
+            
+            $name = substr($name, strlen('openid_' . $alias . '_type_'));
+            $value = substr($value, strlen($ns));
+            
+            $fields[$name] = $value;
+        }
+        
+        # Then, we find out what fields are required and optional
+        $required = array();
+        $if_available = array();
+        foreach(array('required','if_available') as $type) {
+            if(empty($this->data["openid_{$alias}_{$type}"])) {
+                continue;
+            }
+            $attributes = explode(',', $this->data["openid_{$alias}_{$type}"]);
+            foreach($attributes as $attr) {
+                if(empty($fields[$attr])) {
+                    # There is an undefined field here, so we ignore it.
+                    continue;
+                }
+                
+                ${$type}[] = $fields[$attr];
+            }
+        }
+        
+        $this->data['ax'] = true;
+        return array('required' => $required, 'optional' => $if_available);
+    }
+    
+    protected function sreg()
+    {
+        $sreg_to_ax = array_flip($this->ax_to_sreg);
+        
+        $attributes = array('required' => array(), 'optional' => array());
+        
+        if (empty($this->data['openid_sreg_required'])
+            && empty($this->data['openid_sreg_optional'])
+        ) {
+            return $attributes;
+        }
+        
+        foreach(array('required', 'optional') as $type) {
+            foreach(explode(',',$this->data['openid_sreg_' . $type]) as $attr) {
+                if(empty($sreg_to_ax[$attr])) {
+                    # Undefined attribute in SREG request.
+                    # Shouldn't happen, but we check anyway.
+                    continue;
+                }
+                
+                $attributes[$type][] = $sreg_to_ax[$attr];
+            }
+        }
+        
+        return $attributes;
+    }
+    
+    /**
+     * Aids an RP in assertion verification.
+     * @return bool Information whether the verification suceeded.
+     */
+    protected function verify()
+    {
+        # Firstly, we need to make sure that there's an association.
+        # Otherwise the verification will fail, 
+        # because we've signed assoc_handle in the assertion
+        if(empty($this->assoc)) {
+            return false;
+        }
+        
+        # Next, we check that it's a private association, 
+        # i.e. one made without RP input.
+        # Otherwise, the RP shouldn't ask us to verify.
+        if(empty($this->assoc['private'])) {
+            return false;
+        }
+        
+        # Now we have to check if the nonce is correct, to prevent replay attacks.
+        if($this->data['openid_response_nonce'] != $this->assoc['nonce']) {
+            return false;
+        }
+        
+        # Getting the signed fields for signature.
+        $sig = array();
+        $signed = explode(',', $this->data['openid_signed']);
+        foreach($signed as $field) {
+            $name = strtr($field, '.', '_');
+            if(!isset($this->data['openid_' . $name])) {
+                return false;
+            }
+            
+            $sig[$field] = $this->data['openid_' . $name];
+        }
+        
+        # Computing the signature and checking if it matches.
+        $sig = $this->keyValueForm($sig);
+        if ($this->data['openid_sig'] != 
+            base64_encode(hash_hmac($this->assoc['hash'], $sig, $this->assoc['mac'], true))
+        ) {
+            return false;
+        }
+        
+        # Clearing the nonce, so that it won't be used again.
+        $this->assoc['nonce'] = null;
+        
+        if(empty($this->assoc['private'])) {
+            # Commiting changes to the association.
+            $this->setAssoc($this->assoc['handle'], $this->assoc);
+        } else {
+            # Private associations shouldn't be used again, se we can as well delete them.
+            $this->delAssoc($this->assoc['handle']);
+        }
+        
+        # Nothing has failed, so the verification was a success.
+        return true;
+    }
+    
+    /**
+     * Performs association with an RP.
+     */
+    protected function associate()
+    {
+        # Rejecting no-encryption without TLS.
+        if(empty($_SERVER['HTTPS']) && $this->data['openid_session_type'] == 'no-encryption') {
+            $this->directErrorResponse();
+        }
+        
+        # Checking whether we support DH at all.
+        if (!$this->dh && substr($this->data['openid_session_type'], 0, 2) == 'DH') {
+            $this->redirect($this->response(array(
+                'openid.error' => 'DH not supported',
+                'openid.error_code' => 'unsupported-type',
+                'openid.session_type' => 'no-encryption'
+                )));
+        }
+        
+        # Creating the association
+        $this->assoc = array();
+        $this->assoc['hash'] = $this->data['openid_assoc_type'] == 'HMAC-SHA256' ? 'sha256' : 'sha1';
+        $this->assoc['handle'] = $this->assoc_handle();
+        
+        # Getting the shared secret
+        if($this->data['openid_session_type'] == 'no-encryption') {
+            $this->assoc['mac'] = base64_encode($this->shared_secret($this->assoc['hash']));
+        } else {
+            $this->dh();
+        }
+        
+        # Preparing the direct response...
+        $response = array(
+            'ns'           => $this->ns,
+            'assoc_handle' => $this->assoc['handle'],
+            'assoc_type'   => $this->data['openid_assoc_type'],
+            'session_type' => $this->data['openid_session_type'],
+            'expires_in'   => $this->assoc_lifetime
+            );
+        
+        if(isset($this->assoc['dh_server_public'])) {
+            $response['dh_server_public'] = $this->assoc['dh_server_public'];
+            $response['enc_mac_key'] = $this->assoc['mac'];
+        } else {
+            $response['mac_key'] = $this->assoc['mac'];
+        }
+        
+        # ...and sending it.
+        echo $this->keyValueForm($response);
+        die();
+    }
+    
+    /**
+     * Creates a private association.
+     */
+    protected function generateAssociation()
+    {
+        $this->assoc = array();
+        # We use sha1 by default.
+        $this->assoc['hash']   = 'sha1';
+        $this->assoc['mac']    = $this->shared_secret('sha1');
+        $this->assoc['handle'] = $this->assoc_handle();
+    }
+    
+    /**
+     * Encrypts the MAC key using DH key exchange.
+     */
+    protected function dh()
+    {
+        if(empty($this->data['openid_dh_modulus'])) {
+            $this->data['openid_dh_modulus'] = $this->default_modulus;
+        }
+        
+        if(empty($this->data['openid_dh_gen'])) {
+            $this->data['openid_dh_gen'] = $this->default_gen;
+        }
+        
+        if(empty($this->data['openid_dh_consumer_public'])) {
+            $this->directErrorResponse();
+        }
+        
+        $modulus = $this->b64dec($this->data['openid_dh_modulus']);
+        $gen = $this->b64dec($this->data['openid_dh_gen']);
+        $consumerKey = $this->b64dec($this->data['openid_dh_consumer_public']);
+        
+        $privateKey = $this->keygen(strlen($modulus));
+        $publicKey = $this->powmod($gen, $privateKey, $modulus);
+        $ss = $this->powmod($consumerKey, $privateKey, $modulus);
+        
+        $mac = $this->x_or(hash($this->assoc['hash'], $ss, true), $this->shared_secret($this->assoc['hash']));
+        $this->assoc['dh_server_public'] = $this->decb64($publicKey);
+        $this->assoc['mac'] = base64_encode($mac);
+    }
+    
+    /**
+     * XORs two strings.
+     * @param String $a
+     * @param String $b
+     * @return String $a ^ $b
+     */
+    protected function x_or($a, $b)
+    {
+        $length = strlen($a);
+        for($i = 0; $i < $length; $i++) {
+            $a[$i] = $a[$i] ^ $b[$i];
+        }
+        
+        return $a;
+    }
+    
+    /**
+     * Prepares an indirect response url.
+     * @param array $params Parameters to be sent.
+     */
+    protected function response($params)
+    {
+        $params += array('openid.ns' => $this->ns);
+        return $this->data['openid_return_to']
+             . (strpos($this->data['openid_return_to'],'?') ? '&' : '?')
+             . http_build_query($params, '', '&');
+    }
+    
+    /**
+     * Outputs a direct error.
+     */
+    protected function errorResponse()
+    {
+        if(!empty($this->data['openid_return_to'])) {
+            $response = array(
+            'openid.mode'  => 'error',
+            'openid.error' => 'Invalid request'
+            );
+            $this->redirect($this->response($response));
+        } else {
+            header('HTTP/1.1 400 Bad Request');
+            $response = array(
+                'ns' => $this->ns,
+                'error' => 'Invalid request'
+                );
+            echo $this->keyValueForm($response);
+        }
+        die();
+    }
+    
+    /**
+     * Sends an positive assertion.
+     * @param String $identity the OP-Local Identifier that is being authenticated.
+     * @param Array $attributes User attributes to be sent.
+     */
+    protected function positiveResponse($identity, $attributes)
+    {
+        # We generate a private association if there is none established.
+        if(!$this->assoc) {
+            $this->generateAssociation();
+            $this->assoc['private'] = true;
+        }
+        
+        # We set openid.identity (and openid.claimed_id if necessary) to our $identity
+        if($this->data['openid_identity'] == $this->data['openid_claimed_id'] || $this->select_id) {
+            $this->data['openid_claimed_id'] = $identity;
+        }
+        $this->data['openid_identity'] = $identity;
+        
+        # Preparing fields to be signed
+        $params = array(
+            'op_endpoint'    => $this->serverLocation,
+            'claimed_id'     => $this->data['openid_claimed_id'],
+            'identity'       => $this->data['openid_identity'],
+            'return_to'      => $this->data['openid_return_to'],
+            'realm'          => $this->data['openid_realm'],
+            'response_nonce' => gmdate("Y-m-d\TH:i:s\Z"),
+            'assoc_handle'   => $this->assoc['handle'],
+            );
+        
+        $params += $this->responseAttributes($attributes);
+        
+        # Has the RP used an invalid association handle?
+        if (isset($this->data['openid_assoc_handle'])
+            && $this->data['openid_assoc_handle'] != $this->assoc['handle']
+        ) {
+            $params['invalidate_handle'] = $this->data['openid_assoc_handle'];
+        }
+        
+        # Signing the $params
+        $sig = hash_hmac($this->assoc['hash'], $this->keyValueForm($params), $this->assoc['mac'], true);
+        $req = array(
+            'openid.mode'   => 'id_res',
+            'openid.signed' => implode(',', array_keys($params)),
+            'openid.sig'    => base64_encode($sig),
+            );
+        
+        # Saving the nonce and commiting the association.
+        $this->assoc['nonce'] = $params['response_nonce'];
+        $this->setAssoc($this->assoc['handle'], $this->assoc);
+        
+        # Preparing and sending the response itself
+        foreach($params as $name => $value) {
+            $req['openid.' . $name] = $value;
+        }
+        
+        $this->redirect($this->response($req));
+    }
+    
+    /**
+     * Prepares an array of attributes to send
+     */
+    protected function responseAttributes($attributes)
+    {
+        if(!$attributes) return array();
+        
+        $ns = 'http://axschema.org/';
+
+        $response = array();
+        if(isset($this->data['ax'])) {
+            $response['ns.ax'] = 'http://openid.net/srv/ax/1.0';
+            foreach($attributes as $name => $value) {
+                $alias = strtr($name, '/', '_');
+                $response['ax.type.' . $alias] = $ns . $name;
+                $response['ax.value.' . $alias] = $value;
+            }
+            return $response;
+        }
+        
+        foreach($attributes as $name => $value) {
+            if(!isset($this->ax_to_sreg[$name])) {
+                continue;
+            }
+            
+            $response['sreg.' . $this->ax_to_sreg[$name]] = $value;
+        }
+        return $response;
+    }
+    
+    /**
+     * Encodes fields in key-value form.
+     * @param Array $params Fields to be encoded.
+     * @return String $params in key-value form.
+     */
+    protected function keyValueForm($params)
+    {
+        $str = '';
+        foreach($params as $name => $value) {
+            $str .= "$name:$value\n";
+        }
+        
+        return $str;
+    }
+    
+    /**
+     * Responds with an information that the user has canceled authentication.
+     */
+    protected function cancel()
+    {
+        $this->redirect($this->response(array('openid.mode' => 'cancel')));
+    }
+    
+    /**
+     * Converts base64 encoded number to it's decimal representation.
+     * @param String $str base64 encoded number.
+     * @return String Decimal representation of that number.
+     */
+    protected function b64dec($str)
+    {
+        $bytes = unpack('C*', base64_decode($str));
+        $n = 0;
+        foreach($bytes as $byte) {
+            $n = $this->add($this->mul($n, 256), $byte);
+        }
+        
+        return $n;
+    }
+    
+    /**
+     * Complements b64dec.
+     */
+    protected function decb64($num)
+    {
+        $bytes = array();
+        while($num) {
+            array_unshift($bytes, $this->mod($num, 256));
+            $num = $this->div($num, 256);
+        }
+        
+        if($bytes && $bytes[0] > 127) {
+            array_unshift($bytes,0);
+        }
+        
+        array_unshift($bytes, 'C*');
+        
+        return base64_encode(call_user_func_array('pack', $bytes));
+    }
+    
+    function __call($name, $args)
+    {
+        switch($name) {
+        case 'add':
+        case 'mul':
+        case 'pow':
+        case 'mod':
+        case 'div':
+        case 'powmod':
+            if(function_exists('gmp_strval')) {
+                return gmp_strval(call_user_func_array($this->$name, $args));
+            }
+            return call_user_func_array($this->$name, $args);
+        default:
+            throw new BadMethodCallException();
+        }
+    }
+}
@@ -3,7 +3,7 @@ return [
     'components' => [
         'db' => [
             'class' => 'yii\db\Connection',
-            'dsn' => 'pgsql:host=localhost;port=5432;dbname=artbox_db',
+            'dsn' => 'pgsql:host=localhost;port=5432;dbname=artbox_test',
             'username' => 'postgres',
             'password' => '',
             'schemaMap' => [
@@ -55,7 +55,7 @@ return [
         //подключаем конфигурации API соц сетей для авторизации
  
         'eauth' => [
-            'class' => 'nodge\eauth\EAuth',
+            'class' => 'common\components\nodge\eauth\src\EAuth',
             'popup' => true, // Use the popup window instead of redirecting.
             'cache' => false, // Cache component name or false to disable cache. Defaults to 'cache' on production environments.
             'cacheExpire' => 0, // Cache lifetime. Defaults to 0 - means unlimited.
@@ -66,86 +66,86 @@ return [
             'services' => [ // You can change the providers and their classes.
                 'google' => [
                     // register your app here: https://code.google.com/apis/console/
-                    'class' => 'nodge\eauth\services\GoogleOAuth2Service',
+                    'class' => 'common\components\nodge\eauth\src\services\GoogleOAuth2Service',
                     'clientId' => 'artbox-1138',
                     'clientSecret' => '',
                     'title' => 'Google',
                 ],
                 'twitter' => [
                     // register your app here: https://dev.twitter.com/apps/new
-                    'class' => 'nodge\eauth\services\TwitterOAuth1Service',
+                    'class' => 'common\components\nodge\eauth\src\services\TwitterOAuth1Service',
                     'key' => '8vReLxI63vTs98MBMqhvrszwy',
                     'secret' => 'jOqNbHIkQw4cVKKJkgrMtaEeCcfbeT1GTik4pF6O9D7AmqcwOG',
                 ],
                 'yandex' => [
                     // register your app here: https://oauth.yandex.ru/client/my
-                    'class' => 'nodge\eauth\services\YandexOAuth2Service',
+                    'class' => 'common\components\nodge\eauth\src\services\YandexOAuth2Service',
                     'clientId' => 'ea13195ac0424ff8a190838bec41bb71',
                     'clientSecret' => '911f2c9afcbf4f5f9319b3134c096c86',
                     'title' => 'Yandex',
                 ],
                 'facebook' => [
                     // register your app here: https://developers.facebook.com/apps/
-                    'class' => 'nodge\eauth\services\FacebookOAuth2Service',
+                    'class' => 'common\components\nodge\eauth\src\services\FacebookOAuth2Service',
                     'clientId' => '1642047622727997',
                     'clientSecret' => 'f5b7ba4f062a568678b764fc74cc416e',
                 ],
                 'yahoo' => [
-                    'class' => 'nodge\eauth\services\YahooOpenIDService',
+                    'class' => 'common\components\nodge\eauth\src\services\YahooOpenIDService',
                     //'realm' => '*.example.org', // your domain, can be with wildcard to authenticate on subdomains.
                 ],
                 'linkedin' => [
                     // register your app here: https://www.linkedin.com/secure/developer
-                    'class' => 'nodge\eauth\services\LinkedinOAuth1Service',
+                    'class' => 'common\components\nodge\eauth\src\services\LinkedinOAuth1Service',
                     'key' => '77s41eixn3dyvo',
                     'secret' => '1xLZQ7RRK6RNjo4U',
                     'title' => 'LinkedIn (OAuth1)',
                 ],
                 'linkedin_oauth2' => [
                     // register your app here: https://www.linkedin.com/secure/developer
-                    'class' => 'nodge\eauth\services\LinkedinOAuth2Service',
+                    'class' => 'common\components\nodge\eauth\src\services\LinkedinOAuth2Service',
                     'clientId' => '77s41eixn3dyvo',
                     'clientSecret' => '1xLZQ7RRK6RNjo4U',
                     'title' => 'LinkedIn (OAuth2)',
                 ],
                 'github' => [
                     // register your app here: https://github.com/settings/applications
-                    'class' => 'nodge\eauth\services\GitHubOAuth2Service',
+                    'class' => 'common\components\nodge\eauth\src\services\GitHubOAuth2Service',
                     'clientId' => 'd00283b5cfb225cd1600',
                     'clientSecret' => 'f482361fad7184819d452f421c8b09db60830b42',
                 ],
                 'live' => [
                     // register your app here: https://account.live.com/developers/applications/index
-                    'class' => 'nodge\eauth\services\LiveOAuth2Service',
+                    'class' => 'common\components\nodge\eauth\src\services\LiveOAuth2Service',
                     'clientId' => '00000000481796AE',
                     'clientSecret' => 'rt9GiJrlKz3sE6CvdOeuwWyYbl1tQT03',
                 ],
                 'steam' => [
-                    'class' => 'nodge\eauth\services\SteamOpenIDService',
+                    'class' => 'common\components\nodge\eauth\src\services\SteamOpenIDService',
                     //'realm' => '*.example.org', // your domain, can be with wildcard to authenticate on subdomains.
                 ],
                 'instagram' => [
                     // register your app here: https://instagram.com/developer/register/
-                    'class' => 'nodge\eauth\services\InstagramOAuth2Service',
+                    'class' => 'common\components\nodge\eauth\src\services\InstagramOAuth2Service',
                     'clientId' => '...',
                     'clientSecret' => '...',
                 ],
                 'vkontakte' => [
                     // register your app here: https://vk.com/editapp?act=create&site=1
-                    'class' => 'nodge\eauth\services\VKontakteOAuth2Service',
+                    'class' => 'common\components\nodge\eauth\src\services\VKontakteOAuth2Service',
                     'clientId' => '5155388',
                     'clientSecret' => 'jxgmdGVQw7huGKRpnX3a',
                 ],
                 'mailru' => [
                     // register your app here: http://api.mail.ru/sites/my/add
-                    'class' => 'nodge\eauth\services\MailruOAuth2Service',
+                    'class' => 'common\components\nodge\eauth\src\services\MailruOAuth2Service',
                     'clientId' => '739322',
                     'clientSecret' => 'd6ce7be6ff791375adff58fe0e4460b2',
                 ],
                 'odnoklassniki' => [
                     // register your app here: http://dev.odnoklassniki.ru/wiki/pages/viewpage.action?pageId=13992188
                     // ... or here: http://www.odnoklassniki.ru/dk?st.cmd=appsInfoMyDevList&st._aid=Apps_Info_MyDev
-                    'class' => 'nodge\eauth\services\OdnoklassnikiOAuth2Service',
+                    'class' => 'common\components\nodge\eauth\src\services\OdnoklassnikiOAuth2Service',
                     'clientId' => '...',
                     'clientSecret' => '...',
                     'clientPublic' => '...',
@@ -160,7 +160,7 @@ return [
                 [
                     'class' => 'yii\log\FileTarget',
                     'logFile' => '@app/runtime/logs/eauth.log',
-                    'categories' => ['nodge\eauth\*'],
+                    'categories' => ['common\components\nodge\eauth\nodge\eauth\*'],
                     'logVars' => [],
                 ],
             ],
@@ -190,7 +190,7 @@ class SiteController extends Controller
      */
     public function actionContact()
     {   
-        //Yii::$app->user->logout();
+        Yii::$app->user->logout();
         $identity = Yii::$app->getUser()->getIdentity();
         var_dump($identity[profile]);
         die();