Download the PHP package pinfirestudios/yii2-oauth2-authorization-server without Composer
On this page you can find all versions of the php package pinfirestudios/yii2-oauth2-authorization-server. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download pinfirestudios/yii2-oauth2-authorization-server
More information about pinfirestudios/yii2-oauth2-authorization-server
Files in pinfirestudios/yii2-oauth2-authorization-server
Package yii2-oauth2-authorization-server
Short Description OAuth2 Authorization Server for Yii2. Fork of abandoned filsh/yii2-oauth2-server package
License MIT
Homepage https://github.com/pinfirestudios/yii2-oauth2-authorization-server
Informations about the package yii2-oauth2-authorization-server
yii2-oauth2-authorization-server
This is a fork of filsh/yii2-oauth2-server with latest patches from various forks thereof.
A wrapper for implementing an OAuth2 Server(https://github.com/bshaffer/oauth2-server-php)
Installation
The preferred way to install this extension is through composer.
Either run
or add
to the require section of your composer.json.
To use this extension, simply add the following code in your application configuration:
If you want to get Json Web Token (JWT) instead of convetional token, you will need to set 'useJwtToken' => true
in module and then define two more configurations:
'public_key' => 'app\storage\PublicKeyStorage'
which is the class that implements PublickKeyInterface and 'access_token' => 'app\storage\JwtAccessToken'
which implements JwtAccessTokenInterface.php
For Oauth2 base library provides the default access_token which works great except that it tries to save the token in the database. So I decided to inherit from it and override the part that tries to save (token size is too big and crashes with VARCHAR(40) in the database.
TL;DR, here are the sample classes access_token
and public_key
NOTE: You will need this PR applied or you can patch it yourself by checking changes in this diff. The other part of PR is only if you want to use firebase JWT library (which is not mandatory anyway).
Also, extend - user model - implementing the interface , so the oauth2 credentials data stored in user table. You should implement:
- findIdentityByAccessToken()
- checkUserCredentials()
- getUserDetails()
You can extend the model if you prefer it (please, remember to update the config files) :
Additional OAuth2 Flags:
-
Flag that switch that state controller should allow to use "state" param in the "Authorization Code" Grant Type
- Flag that switch that controller should allow the "implicit" grant type
The next step your shold run migration
this migration create the oauth2 database scheme and insert test user credentials for
add url rule to urlManager
Usage
To use this extension, simply add the behaviors for your base controller:
Create action authorize in site controller for Authorization Code
https://api.mysite.com/authorize?response_type=code&client_id=TestClient&redirect_uri=https://fake/
Also if you set you can use Implicit Grant Type - see more
Request example:
https://api.mysite.com/authorize?response_type=token&client_id=TestClient&redirect_uri=https://fake/cb
With redirect response:
https://fake/cb#access_token=2YotnFZFEjr1zCsicMWpAA&state=xyz&token_type=bearer&expires_in=3600
For more, see https://github.com/bshaffer/oauth2-server-php