PHP download

Download the PHP package elstc/cakephp-oauth-server without Composer

On this page you can find all versions of the php package elstc/cakephp-oauth-server. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Table of contents
Download elstc/cakephp-oauth-server
More information about elstc/cakephp-oauth-server
Files in elstc/cakephp-oauth-server

Vendor elstc
Package cakephp-oauth-server
Short Description OAuth Server for CakePHP 3 using the PHP League's OAuth2 Server
License MIT

Keywords oauth oauth2 cakephp oauth2 server oauth server

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Example code of elstc/cakephp-oauth-server

Informations about the package cakephp-oauth-server

OAuth2 Server for CakePHP 3

A plugin for implementing an OAuth2 server in CakePHP 3. Built on top of the PHP League's OAuth2 Server. Currently we support the following grant types: AuthCode, RefreshToken, ClientCredentials.

This repository is a fork of uafrica/oauth-server.

Requirements

PHP >= 7.1 with openssl extension
CakePHP >= 3.5
Database (MySQL, SQLite tested)

Installation

You can install this plugin into your CakePHP application using. Run:

Load plugin

(CakePHP >= 3.6.0) Load the plugin by adding the following statement in your project's src/Application.php:

(CakePHP <= 3.5.x) Load the plugin by adding the following statement in your project's config/bootstrap.php file:

Run database migration

The database migrations need to be run.

Generating and setup keys

Generating private and public keys (see also https://oauth2.thephpleague.com/installation/):

Generating encryption key :

Change your app.php, Add OAuthServer configuration :

NOTICE: private key and encryption key is confidential. Try to set as much as possible with environment variables and not upload to the source code repository.

for Apache HTTP Server + php-fpm or php-cgi

Authorization header is not transparent in Apache HTTP Server with php-fpm. So some settings are needed.

Adding the following statement to webroot/.htaccess:

And apply \OAuthServer\Middleware\AuthorizationEnvironmentMiddleware on your application:

It is recommended to insert between AssetMiddleware and RoutingMiddleware.

Configuration

It is assumed that you already have working Form based authentication using the built in CakePHP 3 authentication component. If you do not, please read the authentication chapter.

Set OAuthServer as an authentication adaptor.

In your AppController::beforeFilter() method, add (or modify)

Change your login method to look as follows:

Alternatively, if you are using the Friends Of Cake CRUD plugin, add

to your CRUD actions config.

Usage

The base OAuth2 path is example.com/oauth.

In order to add clients and OAuth scopes you need to create a ClientsController and a ScopesController (Which is not part of this plugin)

The simplest way is to make use of the Friends Of Cake CRUD-View plugin.

Install it by running

Then create a ClientsController that looks like:

And a ScopesController that looks like:

Customisation

The OAuth2 Server can be customised, the look for the various pages can be changed by creating templates in Template/Plugin/OAuthServer/OAuth

The server also fires a number of events that can be used to inject values into the process. The current events fired are:

OAuthServer.beforeAuthorize - On rendering of the approval page for the user.
OAuthServer.afterAuthorize - On the user authorising the client
OAuthServer.afterDeny - On the user denying the client

You can customise the OAuth authorise page by creating a overriding template file in src/Template/Plugin/OAuthServer/OAuth/authorize.ctp

Component/Authenticator Options

OAuthServer.privateKey

REQUIRED: Set your private key filepath.

The key file should be don't readable other user. (file permission is 400, 440, 600, 640, 660)

OAuthServer.publicKey

REQUIRED: Set your public key filepath. That generated from the above private key.

The key file should be don't readable other user. (file permission is 400, 440, 600, 640, 660)

OAuthServer.encryptionKey

REQUIRED: Set your encryption key string. That generated from vendor/bin/generate-defuse-key command.

OAuthServer.accessTokenTTL

Optional: Set access token TTL. Specify a format that can be interpreted by the DateInterval class.

default: PT1H (1 hour)

OAuthServer.refreshTokenTTL

Optional: Set refresh token TTL. Specify a format that can be interpreted by the DateInterval class.

default: P1M (1 month)

OAuthServer.authCodeTTL

Optional: Set auth code TTL. Specify a format that can be interpreted by the DateInterval class.

default: PT10M (10 minutes)

OAuthServer.supportedGrants

Optional: Set supported grant types. This option can be the following list: AuthCode, RefreshToken, ClientCredentials, Password.

default: ['AuthCode', 'RefreshToken', 'ClientCredentials', 'Password']

OAuthServer.passwordAuthenticator

Optional: Set Authenticator that use password grant. Set this if your application uses a non default authenticator.

default: Form

OAuthAuthenticate Options

continue

Optional: If set to true, if OAuth authentication fails, not stop processing there. Use this when you want to use only authentication information without requiring login.

default: false

fields.username

Optional: Specify the user's primary key field.

default: id

more configuration options see: https://book.cakephp.org/3.0/en/controllers/components/authentication.html#configuring-authentication-handlers

All versions of cakephp-oauth-server with dependencies

PHP Build Version

Package Version

Version v0.8.7 Release 04. Apr 2024
create-project require 0 people choosed require and
0 people choosed create-project.

Download

Download latest version of cakephp-oauth-server from vendor elstc

Requires php Version >= 7.1
ext-json Version *
ext-openssl Version *
cakephp/cakephp Version ^3.5.18
league/oauth2-server Version ~8.0.0
cakephp/migrations Version ~1.7.0|^2.0

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package elstc/cakephp-oauth-server contains the following files

Loading the files please wait ....