Download the PHP package codeacious/oauth2-provider without Composer

oauth2-provider

A simple and clean Zend Framework 2 wrapper for the oauth2-server-php library.

The main features:

• It allows OAuth2 Server instances to be configured via the ZF Service Manager
• It allows the OAuth2 Server to work with ZF Request and Response objects
• It is flexible and minimally invasive, leaving you to manage URLs and routing however you wish
• You can accept OAuth 2.0 access tokens via [Zend\Authentication] (http://framework.zend.com/manual/current/en/modules/zend.authentication.intro.html)
• You can accept OAuth 2.0 access tokens via [ZF\MvcAuth] (https://github.com/zfcampus/zf-mvc-auth)

Installation

1. Use Composer to add the package codeacious/oauth2-provider to your project.
2. Add Codeacious\OAuth2Provider to the list of modules to load in your config/application.config.php

Provider instantiation

The central class is Codeacious\OAuth2Provider\Provider, which wraps an OAuth2\Server instance. You interact with the Provider from your own controllers to perform OAuth functions.

There are several ways to instantiate a Provider, depending on whether you want to use the Service Manager and whether your project requires more than one Provider.

Service manager - single instance

Codeacious\OAuth2Provider\ProviderFactory is a service factory that creates a single Provider and looks for configuration options under the oauth2provider key in your app config.

For example, put this in your config/autoload/global.php or module/Application/config/module.config.php:

From your controller class, you can retrieve the service:

Service manager - multiple instances

Codeacious\OAuth2Provider\ProviderAbstractFactory is an abstract factory that allows you to define any number of Providers just by placing uniquely named keys under the oauth2providers key in your app config.

For example, put this in your config/autoload/global.php or module/Application/config/module.config.php:

From your controller class, you can retrieve the services using the names you chose:

The manual way

You can create a Provider yourself by passing in a preconfigured OAuth server, and your current Request.

Configuration

When using the service factories, you can configure the OAuth2 server from your ZF application config array. You can configure storage, request types and most other options using this mechanism.

Example: OAuth token issuer with PDO storage

Example: Custom storage using services

Example: Assigning storage objects to specific storage types

Example: Accepting JWT tokens using a public key stored in a file

Usage

The oauth2-provider module does not implement any controllers or register any routes. Leaving these aspects to your application gives you more control and flexibility.

Implementing a token endpoint

Create a controller and set up URL routing as you normally would in Zend Framework. In the action handler for your token action, retrieve the provider you configured in the Service Manager, and call handleTokenRequest(). For example:

Implementing an authorization endpoint

The Authorization endpoint requires you to implement a login form or other mechanism to establish the user's identity. Once you've done that, you can call handleAuthorizeRequest() to let the provider take over. Here's a simplistic example:

Accepting tokens

Accepting tokens using ZF\MvcAuth