Download the PHP package delboy1978uk/bone-oauth2 without Composer
On this page you can find all versions of the php package delboy1978uk/bone-oauth2. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download delboy1978uk/bone-oauth2
More information about delboy1978uk/bone-oauth2
Files in delboy1978uk/bone-oauth2
Package bone-oauth2
Short Description OAuth2 functionality for Bone Framework
License MIT
Informations about the package bone-oauth2
bone-oauth2
OAuth2 Authorization and Resource Server functionality for Bone MVC Framework
installation
Install via composer from the root of your Bone Framework project
configuration
Simply add the Package to Bone's packages config
generate a public and private key
Firstly go into the data/keys
directory.
Use openssl to generate a private key, then extract the public key from the private key:
If you want to provide a passphrase for your private key run these commands instead:
If a passphrase has been used to generate private key it must be provided to the authorization server.
The public key should be distributed to any services (for example resource servers) that validate access tokens.
generate an encryption key
Go back to the project root.
Run this command and add to your config.
Run database migrations to generate the tables `
required config values
Keys can be stored out of the config array and fetched as an environment variable for better security, but these are the config settings you need.
usage
server side
You can create a client using the vendor/bin/bone
command. You can also create scopes, and grant scopes to clients.
To lock down an endpoint to require an access token, simply add the ResourceServerMiddleware
to the route or route
group in your Bone Framework Package class
In your controller, you will have access to the user, which is now an instance of OAuthUser
. You can also get the
scopes granted for the request.
client side
Clients connect using the standard OAuth2 flow described in RFC6749, the two endpoints in your Bone App are
- /oauth2/authorize
- /oauth2/token
site users
Logged in users now have an additional end point which they can go to,
/user/api-keys
, where they can get a new API key, or delete existing ones.console
You also have access to more
bone
command options:
All versions of bone-oauth2 with dependencies
ext-curl Version *
ext-json Version *
delboy1978uk/bone-user Version ^2.4
laminas/laminas-diactoros Version ^3.3
league/oauth2-server Version ^8.5
delboy1978uk/bone Version ^3.10
delboy1978uk/bone-doctrine Version ^2.0
laminas/laminas-uri Version ^2.11