Using RingCentral PHP SDK to build app that uses Authorization Code flow and subscribes to presence events

Question

I am trying to build a web app that is using RingCentral PHP SDK to subscribe to presence events. The application will be using Authorization Code flow. I am getting the access token but have no idea how to use this token with SDK and Platform objects. It looks like SDK is geared towards using Password flow.

Should I use plain curl to invoke POST /restapi/v1.0/subscription HTTP/1.1 passing access token in Authorization Header? Or there are ways to use RingCentral SDK objects for it? Am I missing something?

Answer 1

If you could provide a little more information about your use-case, and how you're implementing the code, I can provide greater detail.

To create a subscription using the PHP SDK, here is the demo code contained within the RingCentral PHP SDK repository on Github

TL;DR

I see two questions being asked:

1. Does the RingCentral PHP SDK support Authorization Flow (3-Legged OAuth), because currently it appears the SDK is focused only upon the Password Flow?

Authorization Flow is the best-practice for building multi-tenant applications since it removes the security risk of your application storing usernames and passwords which are associated with RingCentral accounts. The RingCentral PHP SDK supports Authorization Flow and Password Flow authentication types. Once your PHP SDK instance has a valid access_token then it can create a subscription quite easily.

We can see in the PHP SDK code on Github within src/Platform.php that constant AUTHORIZE_ENDPOINT is supported as a returnable value from a request to authUrl().

You can see in Grokify's RingCentral OAuth PHP Example that Authorization Flow is supported by the PHP SDK.

Once your SDK instance has a valid access_token, it will use that token in the Authorization header when you createSubscription(), addingListeners(), and register() as seen in this PHP demo code to create a subscription

2. How do I create a RingCentral Subscription using with the PHP SDK (does the SDK have objects associated with it I can use)?

There are several ways you can go about using the RingCentral SDK(s). I've provided a link to the PHP Demo on creating a subscription in the above TL;DR.

Since you are working with the RingCentral PHP SDK, then you are restricted to server-side implementations as PHP is a server-side only language.

How you choose to implement your subscription is entirely dependent upon your application's use-case needs and your architectural requirements. Since you have indicated you are using Authorization Flow, that leads me to believe you are building a multi-tenant, web-based application integration. Since you said you are getting an access_token, I am guessing you've called the Platform.login() and passed it the code value you receive from the 3-Legged auth request to /restapi/oauth/authorize and received in the redirect. I'm not sure if you're doing all this from the client or server, but I'm assuming the server.

• You would need to associate the session to the SDK instance and subscription on the server-side. This means you will have to manage multiple SDK, and Subscription instances for each client-side session. You might also need to implement WebSockets or Long-Polling so you can achieve the near real-time event updates that Subscriptions enable. So while, yes the RingCentral PHP SDK can be used with Authorization Flow, I personally would recommend against using it for any end-user, client-side, multi-tenant application development (unless you have properly prepared for mapping the sessions to the SDK/Subscription instances as I described earlier.

• If you do not want to manage all of that on your server-side, you could use the RingCentral JS SDK on the client-side of your PHP application, but this might get a little messy and require some re-architecting of your solution depending upon how you have things built. Of course, this approach has a data-volatile aspect depending upon what you want to do with the data you obtain from the subscription and if you need it to persist between sessions (once again depends upon your use case).