PHP code example of franz-deleon / fdl-oauth2-provider
1. Go to this page and download the library: Download franz-deleon/fdl-oauth2-provider library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
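<?php
// Load Composer's autoloader. The path is anchored to this file's directory so the
// lookup does not depend on the current working directory or on include_path.
require_once __DIR__ . '/vendor/autoload.php';
/* Start to develop here. */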
franz-deleon / fdl-oauth2-provider example snippets
// Minimal shape of the module configuration: 'main_server' holds the key of one of the
// entries defined under 'servers'. The [...] presumably stands for that server's
// settings, which are left out of this fragment.
array(
'oauth2provider' => array(
'servers' => array(
'MyUniqueServerName' => array([...])
),
'main_server' => 'MyUniqueServerName', // <-- unique key should be defined here
)
)
return array(
/**
* The module works by defining how to create the OAuth 2 Server.
* OAuth2Provider module will do its best to map grant types, response type, etc..
* that you wish to use for a specific storage.
*
* Refer to the strategies on how this works. Each of these features gets mapped
* to a specific strategy. Available strategies can be found at:
* OAuth2Provider\Factory\*TypeStrategy
*
* In addition, refer to https://github.com/bshaffer/oauth2-server-php
* if you have no idea what an OAuth 'server' is :)
*
* In a nutshell, all you have to do is define your storages in the 'storages' configuration of your server.
* (Please look at module.config.php.dist for a template example)
*
* You can view the list of configurations in: OAuth2Provider\Options\ServerConfigurations
* You can also define multiple server keys for different configurations.
*/
'servers' => array(
// *********************************************************************************
// This is for demonstration purposes only to show the servers usage variations.
// DO NOT USE AS IS!!
// *********************************************************************************
// The assigned server key name. Each server is [... listing truncated here in this copy ...] (refer to OAuth2\Storage):
//
// 1. 'access_token'
// 2. 'authorization_code'
// 3. 'client_credentials'
// 4. 'client'
// 5. 'refresh_token'
// 6. 'user_credentials'
// 7. 'jwt_bearer'
// 8. 'scope'
//
// Storage definitions. The four entries below show the accepted ways to declare a storage.
// NOTE(review): every class under OAuth2ProviderTests\Assets\Storage appears to be a test
// fixture (test namespace); swap in your own storage implementations before deploying.
'storages' => array(
// *********************************************************
// ** Below are the variations on how you can define a storage
// *********************************************************
// a. Initializing using a ZF2 ServiceManager service.
// The array entry maps a storage key (here 'authorization_code') to the name of a
// ZF2 service (here 'SomeStorageServiceManagerFactoryService').
'authorization_code' => 'SomeStorageServiceManagerFactoryService',
// b. Initializing using a FQNS (Fully Qualified Namespace) string
// NOTE(review): a production user_credentials storage should verify passwords against
// salted hashes (e.g. password_verify()), never against stored plaintext.
'user_credentials' => 'OAuth2ProviderTests\Assets\Storage\UserCredentialsStorage',
// c. Initializing using a PHP object instance
'access_token' => new \OAuth2ProviderTests\Assets\Storage\AccessTokenStorage(),
// d. Initializing using a closure.
// The closure will be injected with a ServiceManager instance by default
'refresh_token' => function ($sm) {
return new \OAuth2ProviderTests\Assets\Storage\RefreshTokenStorage();
}
),
// b. Configs - A key for optional OAuth2 server configuration overrides.
// - The 'configs' key is initialized by Service\Factory\ServerFeature\ConfigFactory
// - Initialized configs are stored in container Container\ConfigContainer
//
// The list below shows the available and default configuration settings:
'configs' => array(
'access_lifetime' => 3600,
'www_realm' => 'Service',
'token_param_name' => 'access_token',
'token_bearer_header_name' => 'Bearer',
'enforce_state' => true,
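// [... part of the listing is missing here in this copy; the 'configs' array above is not closed ...]
// h. For the lazy, you can just add 'user_credentials' as an array value.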
// The module will map/reuse the user_credentials storage that you defined in 'storages'
// and inject it to the default concrete class automatically.
'user_credentials',
),
// ************************************************************************************************************************
// *** End of optional config variation example
// ***
// *** Again, the config variations above can be applied to the following strategies below
// ************************************************************************************************************************
// f. Grant Types - A key for Grant Type configurations
// - The 'grant_types' key is initialized by Service\Factory\ServerFeature\GrantTypeFactory
// - Initialized objects are stored in container Container\GrantTypeContainer.
// - The configuration objects can be found in OAuth2Provider\Options\GrantType\*
//
// The list below shows the available grant types strategies and usages:
//
// 1. authorization_code
// 2. client_credentials
// 3. refresh_token
// 4. user_credentials
//
// NOTE(review): enable only the grant types your clients actually need; every entry
// listed here becomes an accepted way to obtain a token.
'grant_types' => array(
// 1. authorization_code strategy
array(
'name' => 'authorization_code',
// list of available options:
'options' => array(
// *_storage are mapped automatically to the defined 'storages' config. Use only if using a unique storage.
'authorization_code_storage' => 'OAuth2ProviderTests\Assets\Storage\AuthorizationCodeStorage',
),
),
// 2. client_credentials strategy
array(
'name' => 'client_credentials',
// list of available options:
'options' => array(
// *_storage are mapped automatically to the defined 'storages' config. Use only if using a unique storage.
'client_credentials_storage' => 'OAuth2ProviderTests\Assets\Storage\ClientCredentialsStorage',
// list of available configs:
// NOTE(review): the name suggests client_id/client_secret are also accepted from the
// request body, not only from HTTP Basic — confirm. RFC 6749 section 2.3.1 marks
// body credentials as NOT RECOMMENDED; set this to false unless a client cannot use Basic auth.
'configs' => array(
'allow_credentials_in_request_body' => true
),
),
),
// 3. refresh_token strategy
array(
'name' => 'refresh_token',
// list of available options:
'options' => array(
// *_storage are mapped automatically to the defined 'storages' config. Use only if using a unique storage.
'refresh_token_storage' => 'OAuth2ProviderTests\Assets\Storage\RefreshTokenStorage',
// list of available configs:
// NOTE(review): with false, a refresh request presumably does not hand out a new
// refresh token, so the same one stays usable for its whole lifetime — confirm.
// Rotating refresh tokens (true) limits how long a stolen one can be replayed.
'configs' => array(
'always_issue_new_refresh_token' => false
),
),
),
// 4. user_credentials strategy
// NOTE(review): this is the resource-owner password grant: the client handles the user's
// password directly. The OAuth 2.0 Security Best Current Practice (RFC 9700) says it
// must not be used; prefer authorization_code for user-facing clients.
array(
'name' => 'user_credentials',
// list of available options:
'options' => array(
// *_storage are mapped automatically to the defined 'storages' config. Use only if using a unique storage.
'user_credentials_storage' => 'OAuth2ProviderTests\Assets\Storage\UserCredentialsStorage',
),
),
),
// g. Response Types
// - The 'response_types' key is initialized by Service\Factory\ServerFeature\ResponseTypeFactory
// - Initialized objects are stored in container Container\ResponseTypeContainer.
// - The configuration objects can be found in OAuth2Provider\Options\ResponseType\*
//
// The list below shows the available response types strategies and usages:
//
// 1. access_token
// 2. authorization_code
//
'response_types' => array(
// 1. access_token
array(
'name' => 'access_token',
// list of available options:
'options' => array(
// *_storage are mapped automatically to the defined 'storages' config. Use only if using a unique storage.
'token_storage' => 'OAuth2ProviderTests\Assets\Storage\AccessTokenStorage',
'refresh_storage' => 'OAuth2ProviderTests\Assets\Storage\RefreshTokenStorage',
// list of available configs:
// NOTE(review): lifetimes are presumably in seconds (3600 = 1 hour, 1209600 = 14 days) —
// confirm. A bearer token works for whoever holds it, so a shorter access lifetime
// narrows the window in which a leaked token is usable.
'configs' => array(
'token_type' => 'bearer',
'access_lifetime' => 3600,
'refresh_token_lifetime' => 1209600,
),
),
),
// 2. authorization_code
array(
'name' => 'authorization_code',
// list of available options:
'options' => array(
// *_storage are mapped automatically to the defined 'storages' config. Use only if using a unique storage.
'authorization_code_storage' => 'OAuth2ProviderTests\Assets\Storage\AuthorizationCodeStorage',
// list of available configs:
// NOTE(review): 'enforce_redirect' presumably decides whether an authorization request
// must supply redirect_uri — confirm against oauth2-server-php. Independently of this
// flag, register each client's redirect URIs and match them exactly.
// RFC 6749 section 4.1.2 recommends that authorization codes live at most 10 minutes;
// 30 (presumably seconds) is well inside that.
'configs' => array(
'enforce_redirect' => false,
'auth_code_lifetime' => 30,
),
),
),
),
// h. Token Types
// - The 'token_type' key is initialized by Service\Factory\ServerFeature\TokenTypeFactory
// - Initialized objects are stored in container Container\TokenTypeContainer.
// - The configuration objects can be found in OAuth2Provider\Options\TokenType\*
//
// The list below shows the available Token type(s) strategies and usages:
//
// 1. bearer
//
'token_type' => array(
// 1. bearer
'name' => 'bearer',
// list of available options:
'options' => array(
// list of available configs:
// NOTE(review): 'token_param_name' is presumably the request parameter a bearer token
// may be read from, next to the Authorization header named by 'token_bearer_header_name'
// — confirm. RFC 6750 section 2.3 discourages sending tokens in the URI query string,
// because URLs end up in server logs, browser history and Referer headers; have clients
// use the Authorization header.
'configs' => array(
'token_param_name' => 'access_token',
'token_bearer_header_name' => 'Bearer',
),
),
),
// i. Scope Util
// - The 'scope_util' key is initialized by Service\Factory\ServerFeature\ScopeTypeFactory
// - Initialized objects are stored in container Container\ScopeTypeContainer.
// - The configuration objects can be found in OAuth2Provider\Options\ScopeType\*
//
// The list below shows the available Scope Util type(s) strategies and usages:
//
// 1. scope
//
'scope_util' => array(
// 1. scope
'name' => 'scope',
// list of available options:
'options' => array(
'use_defined_scope_storage' => true,
// Configurations below may be ignored if 'use_defined_scope_storage' = true
// AND Scope Storage is already defined in 'storages' configuration
// NOTE(review): scope lists are space-separated strings; 'myXclientXid' is presumably a
// placeholder client id. Keep each client's default scopes to the minimum it needs — in
// this example the defaults ('scope1 scope2') are a subset of what the client supports.
'default_scope' => 'scope1',
'supported_scopes' => 'scope1 scope2 scope3 scope4',
'client_supported_scopes' => array(
'myXclientXid' => 'scope1 scope2 scope3 scope4',
),
'client_default_scopes' => array(
'myXclientXid' => 'scope1 scope2',
),
),
),
// j. Client Assertion Type
// - The 'client_assertion_type' key is initialized by Service\Factory\ServerFeature\ClientAssertionTypeFactory
// - Initialized objects are stored in container Container\ClientAssertionTypeContainer.
// - The configuration objects can be found in OAuth2Provider\Options\ClientAssertionType\*
//
// The list below shows the available Client Assertion type(s) strategies and usages:
//
// 1. http_basic
//
'client_assertion_type' => array(
// 1. http_basic
'name' => 'http_basic',
// list of available options:
'options' => array(
// *_storage are mapped automatically to the defined 'storages' config. Use only if using a unique storage.
'client_credentials_storage' => 'OAuth2ProviderTests\Assets\Storage\ClientCredentialsStorage',
// list of available configs:
// NOTE(review): the name suggests client credentials are accepted from the request body
// in addition to the HTTP Basic header — confirm. RFC 6749 section 2.3.1 marks body
// credentials as NOT RECOMMENDED; set this to false when all clients can send Basic auth.
'configs' => array(
'allow_credentials_in_request_body' => true
),
),
),
),
),
/**
* Main Primary Server
*
* Define by picking the "main server" to use from the server configurations list/keys above.
* The value must match one of the keys defined under 'servers'.
* You can access the main server using the main service manager by:
*
* <code>
* $sm->get('oauth2provider.server.main');
* </code>
*
* Default: 'default'
*
* NOTE(review): the value below is an empty string; presumably the documented
* default then applies — confirm.
*/
'main_server' => '',
/**
* The main server version.
* Useful if you have multiple server definitions like below:
*
* <code>
* array(
* 'servers' => array(
* 'serverkey_1' => array(
* array('version' => 'v1'),
* array('version' => 'v2'),
* ),
* ),
* 'main_server' => 'serverkey_1',
* 'main_version' => 'v2',
* )
* </code>
*
* Hence with the configuration above, a url endpoint with:
* http://[domain]/oauth2/authorize
* will automatically use 'serverkey_1' with version 2 ('v2')
*
* NOTE(review): the URL above is written with http://; in a deployment the OAuth
* endpoints should be served over HTTPS only (RFC 6749 section 3.1 requires TLS
* for the authorization endpoint).
*/
'main_version' => '',
/**
* Default controller to use if no controller is defined in the server settings.
* Contains the routes to server endpoints.
* Controller needs to be FQNS (a fully qualified class name).
*
* NOTE(review): the class named below is UserCredentialsController, so the default
* presumably serves the user_credentials (password) grant — confirm that this is the
* flow you intend to expose.
*/
'default_controller' => 'OAuth2Provider\Controller\UserCredentialsController',
);