aptenex / oauth2-client-middleware
OAuth2 PSR7 middleware for league/oauth2-client
0.4.0
2020-08-27 14:05 UTC
Requires
- php: >=7.0.0
- beberlei/assert: ^3.2.0
- league/oauth2-client: ^1.2.0|^2.2.0
Requires (Dev)
- mockery/mockery: ^0.9.9
- phpunit/phpunit: ^4.0|^5.0
README
PSR7 middleware that uses league/oauth2-client to authenticate requests with an OAuth2 server.
Installation
composer require somoza/oauth2-client-middleware
Usage
The current implementation indirectly depends on Guzzle 6 because it's a direct dependency of league/oauth2-client.
Using Guzzle:
    use GuzzleHttp\Handler\CurlHandler;
    use League\OAuth2\Client\Provider\GenericProvider;
    use Somoza\OAuth2Middleware\OAuth2Middleware;
    use Somoza\OAuth2Middleware\TokenService\Bearer;

    $stack = new \GuzzleHttp\HandlerStack();
    $stack->setHandler(new CurlHandler());
    $client = new \GuzzleHttp\Client(['handler' => $stack]);

    // instantiate a provider, see league/oauth2-client docs
    $provider = new GenericProvider(
        [
            'clientId' => 'your_client_id',
            'clientSecret' => 'your_client_secret',
            'urlAuthorize' => 'your_authorization_url',
            'urlAccessToken' => 'your_access_token_url',
            'urlResourceOwnerDetails' => 'your_resource_owner_url',
        ],
        ['httpClient' => $client] // or don't pass it and let the oauth2-client create its own Guzzle client
    );

    // attach our oauth2 middleware
    $bearerMiddleware = new OAuth2Middleware(
        new Bearer($provider), // use the Bearer token type
        [ // ignore (do not attempt to authorize) the following URLs
            $provider->getBaseAuthorizationUrl(),
            $provider->getBaseAccessTokenUrl(),
        ]
    );

    $stack->push($bearerMiddleware); // if you want to debug, it might be useful to attach a PSR7 logger here
Caching the Access Token
A callback can be assigned to the middleware in order to save the access token for future use. Make sure you know about the security implications of storing an access token (do it at your own risk).
Example:
    use Somoza\OAuth2Middleware\OAuth2Middleware;
    use Somoza\OAuth2Middleware\TokenService\Bearer;
    use League\OAuth2\Client\Token\AccessToken;

    // see previous example for initialization
    // $userId identifies the current user and is defined by your application
    $tokenStore = new EncryptedCache(); // you can use whatever you want here

    $token = null;
    if ($tokenStore->contains($userId)) {
        // decode to an associative array: AccessToken expects an array of options
        $tokenData = json_decode($tokenStore->fetch($userId), true);
        $token = new AccessToken($tokenData);
    }

    $bearerMiddleware = new OAuth2Middleware(
        new Bearer(
            $provider, // defined as in the "Usage" example
            $token,
            function (AccessToken $newToken, AccessToken $oldToken) use ($tokenStore, $userId) {
                // called whenever a new AccessToken is fetched
                $tokenStore->save($userId, $newToken->jsonSerialize());
            }
        )
    );

    $stack->push($bearerMiddleware);
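One way to back the EncryptedCache placeholder used above, as an added example that is not part of this package or its README: a file-backed store that seals each cached token with libsodium authenticated encryption and rejects tampered entries. The class body, the file layout and the demo values are assumptions; it needs ext-sodium (bundled since PHP 7.2).

```php
<?php
// Added example: hypothetical EncryptedCache exposing the contains/fetch/save
// calls from the README snippet. Assumes ext-sodium and a writable directory.
final class EncryptedCache
{
    private $dir;
    private $key;

    public function __construct(string $dir, string $key)
    {
        if (strlen($key) !== SODIUM_CRYPTO_SECRETBOX_KEYBYTES) {
            throw new InvalidArgumentException('key must be 32 bytes');
        }
        $this->dir = rtrim($dir, '/');
        $this->key = $key;
    }
    private function path(string $id): string
    {
        // hash the id so a caller-supplied identifier never becomes a path segment
        return $this->dir . '/' . hash('sha256', $id) . '.tok';
    }
    public function contains(string $id): bool
    {
        return is_file($this->path($id));
    }
    public function save(string $id, array $tokenData): void
    {
        $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES); // fresh nonce per write
        $blob = $nonce . sodium_crypto_secretbox(json_encode($tokenData), $nonce, $this->key);
        $old = umask(0077); // a newly created file gets mode 0600 (owner only)
        file_put_contents($this->path($id), $blob, LOCK_EX);
        umask($old);
    }
    public function fetch(string $id): string
    {
        $blob = (string) @file_get_contents($this->path($id));
        $n = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES;
        $json = strlen($blob) > $n
            ? sodium_crypto_secretbox_open(substr($blob, $n), substr($blob, 0, $n), $this->key)
            : false;
        if ($json === false) { // missing, truncated, modified, or sealed with another key
            throw new RuntimeException('token cache entry rejected');
        }
        return $json; // JSON string, as json_decode() in the README snippet expects
    }
}

// Constructed demo: throwaway key and token values; load a real key from a secret store.
$store = new EncryptedCache(sys_get_temp_dir(), sodium_crypto_secretbox_keygen());
$store->save('user-42', ['access_token' => 'example-token', 'expires' => time() + 3600]);
$tokenData = json_decode($store->fetch('user-42'), true); // authenticated before decoding
```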
License
MIT - see LICENSE.md