Download the PHP package davidxu/yii2-oauth2-server without Composer
On this page you can find all versions of the php package davidxu/yii2-oauth2-server. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Information about the package yii2-oauth2-server
Extension for Yii2 providing an oAuth 2 server
Forked from https://github.com/davidxu/yii2-oauth2-server
Uses parts of https://github.com/samdark/yii2-league-oauth2-server
Also inspired by https://github.com/chervand/yii2-oauth2-server
Install
Add this to your composer.json:
Usage
Step 1
You need a few things:
- A UserRepository for this module to get its users from. The easiest is to take your existing User class, and make sure it also implements the following interfaces:
  - yii\web\IdentityInterface
  - League\OAuth2\Server\Entities\UserEntityInterface
  - League\OAuth2\Server\Repositories\UserRepositoryInterface
    - Make sure to validate the user in UserRepositoryInterface::getUserEntityByUserCredentials()
  Also make sure to implement findIdentityByAccessToken(), it's used by davidxu\oauth2\components\authMethods\HttpBearerAuth to authenticate the user by access token. Example:
  And then pass the User class as the property $userRepository in the configuration array as below.
- An SSH key pair. See https://oauth2.thephpleague.com/installation/
  Make sure the file rights are 600 or 660 for the generated key files.
- An encryption key (just a random string)
- The migrations
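An added example (not from the package's README) of preparing the key pair and the encryption key from the list above, then verifying the 600/660 file rights before the module is configured. It assumes openssl is installed and that an RSA key in PEM form is what the linked installation page asks for; the script name, the directory argument and the file names private.key and public.key are assumptions as well.

```bash
#!/usr/bin/env bash
# Added example: key material setup for the OAuth2 module.
# Directory layout and file names below are assumptions, not the module's own.

# Print the octal permission bits of a file (GNU stat first, BSD stat as fallback).
key_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed only if the file exists and its mode is 600 or 660,
# the two values the README asks for.
check_key_perms() {
    [ -f "$1" ] || { echo "missing: $1" >&2; return 2; }
    case "$(key_mode "$1")" in
        600|660) return 0 ;;
        *) echo "bad mode $(key_mode "$1") on $1 (want 600 or 660)" >&2; return 1 ;;
    esac
}

# Create private.key and public.key in directory $1.
# umask 077 keeps the files unreadable by others from the moment they exist.
generate_oauth_keys() {
    ( umask 077
      mkdir -p "$1" &&
      openssl genrsa -out "$1/private.key" 2048 &&
      openssl rsa -in "$1/private.key" -pubout -out "$1/public.key" &&
      chmod 600 "$1/private.key" "$1/public.key" )
}

# Encryption key: 32 random bytes, base64-encoded (one way to get "a random string").
generate_encryption_key() {
    openssl rand -base64 32
}

# Run as: ./oauth-keys.sh /path/to/keys
if [ "$#" -ge 1 ]; then
    generate_oauth_keys "$1" &&
    check_key_perms "$1/private.key" &&
    check_key_perms "$1/public.key" &&
    echo "encryption key: $(generate_encryption_key)"
fi
```

check_key_perms can also be run on its own against existing key files, for example in a deploy script, so that a key left world-readable stops the rollout.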
Step 2
Add it as a yii2 module:
Also add the module to your application bootstrap:
Configuration
There's not a lot of configuration yet. Maybe the types of grants available will be dynamic someday.
Access control (Guarding API calls)
Check Client Credentials
Because the Client Credentials method creates access tokens that are not linked to a specific user, it uses a different filter to check the validity of the token.
Add the davidxu\oauth2\components\filters\CheckClientCredentials to your behaviors to validate Client Credential access keys.
Other auth flows
Add the davidxu\oauth2\components\authMethods\HttpBearerAuth to your behaviors, for example:
Usage with yiisoft/yii2-authclient (or similar Authorization Code Grant clients)
Create a custom client, with the following URLs:
- authorize URL: <domain>/oauth2/authorize
- token URL: <domain>/oauth2/token/create
All versions of yii2-oauth2-server with dependencies
yiisoft/yii2 Version ~2.0.6
league/oauth2-server Version ^8.4
guzzlehttp/guzzle Version ^7.7