andres-ml / cakephp-oauth2
CakePHP 3.6 authentication using the league/oauth2-client family
Installs: 479
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 1
Forks: 12
Type:cakephp-plugin
Requires (Dev)
- cakephp/cakephp: ^4.0
- cakephp/cakephp-codesniffer: ^2.0
- league/oauth2-github: ^0.2
- phpunit/phpunit: ^8.0
This package is auto-updated.
Last update: 2024-04-25 12:04:18 UTC
README
CakePHP 3 authentication using the league/oauth2-client.
Install
Using Composer:
composer require muffin/oauth2:dev-master
You then need to load the plugin. You can use the shell command:
bin/cake plugin load Muffin/OAuth2
or by manually adding statement shown below to bootstrap.php:
Plugin::load('Muffin/OAuth2');
Wait, you're not done yet. This plugin will NOT require any of the clients. You will have to do it yourself:
composer require "league/oauth2-github:^1.0@dev"
Usage
First, start by defining the providers:
// either in `config/bootstrap.php` Configure::write('Muffin/OAuth2', [ 'providers' => [ 'github' => [ 'className' => 'League\OAuth2\Client\Provider\Github', // all options defined here are passed to the provider's constructor 'options' => [ 'clientId' => 'foo', 'clientSecret' => 'bar', ], 'mapFields' => [ 'username' => 'login', // maps the app's username to github's login ], // ... add here the usual AuthComponent configuration if needed like fields, etc. ], ], ]); // or in `src/Controller/AppController.php` $this->loadComponent('Auth', [ 'authenticate' => [ // ... 'Muffin/OAuth2.OAuth' => [ 'providers' => [ // the array from example above ], ], ], ]);
Upon successful authorization, and if the user has no local instance, an event (Muffin/OAuth2.newUser)
is triggered. Use it to create a user like so:
// bootstrap.php use Cake\Event\Event; use Cake\ORM\TableRegistry; EventManager::instance()->on('Muffin/OAuth2.newUser', [TableRegistry::get('Users'), 'createNewUser']); // UsersTable.php use Cake\Event\Event; use League\OAuth2\Client\Provider\AbstractProvider; public function createNewUser(Event $event, AbstractProvider $provider, array $data) { $entity = $this->newEntity($data); $this->save($entity); return $entity->toArray(); // user data to be used in session }
Finally, once token is received, the Muffin/OAuth2.afterIdentify event is triggered. Use this to update your local
tokens for example:
// bootstrap.php use Cake\Event\Event; use Cake\ORM\TableRegistry; EventManager::instance()->on('Muffin/OAuth2.afterIdentify', [TableRegistry::get('Tokens'), 'createOrUpdate']); // TokensTable.php use Cake\Event\Event; use League\OAuth2\Client\Provider\AbstractProvider; public function createOrUpdate(Event $event, AbstractProvider $provider, array $data) { // ... return; // void }
Next up, you need to create a route that will be used by all providers:
// config/routes.php Router::connect( '/oauth/:provider', ['controller' => 'users', 'action' => 'login'], ['provider' => implode('|', array_keys(Configure::read('Muffin/OAuth2.providers')))] );
Now, if you have already read the book's AuthComponent documentation, you should be familiar with how to
add the new authentication object to it:
// src/Controller/AppController.php $this->load('Auth', [ 'authenticate' => [ 'Form', 'Muffin/OAuth2.OAuth', ] ]);
Patches & Features
- Fork
- Mod, fix
- Test - this is important, so it's not unintentionally broken
- Commit - do not mess with license, todo, version, etc. (if you do change any, bump them into commits of their own that I can ignore when I pull)
- Pull request - bonus point for topic branches
To ensure your PRs are considered for upstream, you MUST follow the CakePHP coding standards.
Bugs & Feedback
http://github.com/usemuffin/oauth2/issues
License
Copyright (c) 2015, Use Muffin and licensed under The MIT License.