gregurco / guzzle-bundle-oauth2-plugin
OAuth2 Plugin for Guzzle Bundle, a PHP HTTP client library and framework for building RESTful web service clients
Installs: 232 612
Dependents: 0
Suggesters: 0
Security: 0
Stars: 12
Watchers: 3
Forks: 14
Open Issues: 5
Requires
- php: >=7.2
- eightpoints/guzzle-bundle: ^8.0
- guzzlehttp/guzzle: ^6.5.8|^7.4.5
- sainsburys/guzzle-oauth2-plugin: ^3.0
- symfony/config: ~5.0|~6.0|~7.0
- symfony/dependency-injection: ~5.0|~6.0|~7.0
- symfony/expression-language: ~5.0|~6.0|~7.0
- symfony/http-kernel: ~5.0|~6.0|~7.0
Requires (Dev)
- php-coveralls/php-coveralls: ^2.2
- symfony/phpunit-bridge: ~5.0|~6.0|~7.0
README
This plugin integrates OAuth2 functionality into Guzzle Bundle, a bundle for building RESTful web service clients.
Prerequisites
- PHP 7.2 or above
- Guzzle Bundle
- guzzle-oauth2-plugin
Installation
To install this bundle, run the command below on the command line and you will get the latest stable version from Packagist.
composer require gregurco/guzzle-bundle-oauth2-plugin
Usage
Enable bundle
Find next lines in src/Kernel.php:
foreach ($contents as $class => $envs) { if (isset($envs['all']) || isset($envs[$this->environment])) { yield new $class(); } }
and replace them by:
foreach ($contents as $class => $envs) { if (isset($envs['all']) || isset($envs[$this->environment])) { if ($class === \EightPoints\Bundle\GuzzleBundle\EightPointsGuzzleBundle::class) { yield new $class([ new \Gregurco\Bundle\GuzzleBundleOAuth2Plugin\GuzzleBundleOAuth2Plugin(), ]); } else { yield new $class(); } } }
Basic configuration
With default grant type (client)
# app/config/config.yml eight_points_guzzle: clients: api_payment: base_url: "http://api.domain.tld" options: auth: oauth2 # plugin settings plugin: oauth2: base_uri: "https://example.com" token_url: "/oauth/token" client_id: "test-client-id" client_secret: "test-client-secret" # optional scope: "administration"
With password grant type
# app/config/config.yml eight_points_guzzle: clients: api_payment: base_url: "http://api.domain.tld" options: auth: oauth2 # plugin settings plugin: oauth2: base_uri: "https://example.com" token_url: "/oauth/token" client_id: "test-client-id" username: "johndoe" password: "A3ddj3w" scope: "administration" grant_type: "Sainsburys\\Guzzle\\Oauth2\\GrantType\\PasswordCredentials"
With client credentials in body
# app/config/config.yml eight_points_guzzle: clients: api_payment: base_url: "http://api.domain.tld" options: auth: oauth2 # plugin settings plugin: oauth2: base_uri: "https://example.com" token_url: "/oauth/token" client_id: "test-client-id" scope: "administration" auth_location: "body"
Options
| Key | Description | Required | Example |
|---|---|---|---|
| base_uri | URL of oAuth2 server. | yes | https://example.com |
| token_url | The path that will be concatenated with base_uri. Default: /oauth2/token |
no | /oauth/token |
| client_id | The client identifier issued to the client during the registration process | yes | s6BhdRkqt3 |
| client_secret | The client secret | no | 7Fjfp0ZBr1KtDRbnfVdmIw |
| username | The resource owner username | for PasswordCredentials grant type | johndoe |
| password | The resource owner password | for PasswordCredentials grant type | A3ddj3w |
| auth_location | The place where to put client_id and client_secret in auth request. Default: headers. Allowed values: body, headers. |
no | body |
| resource | The App ID URI of the web API (secured resource) | no | https://service.contoso.com/ |
| private_key | Path to private key | for JwtBearer grant type | "%kernel.root_dir%/path/to/private.key" |
| scope | One or more scope values indicating which parts of the user's account you wish to access | no | administration |
| audience | no | ||
| grant_type | Grant type class path. Class should implement GrantTypeInterface. Default: Sainsburys\\Guzzle\\Oauth2\\GrantType\\ClientCredentials |
no | Sainsburys\\Guzzle\\Oauth2\\GrantType\\PasswordCredentialsSainsburys\\Guzzle\\Oauth2\\GrantType\\AuthorizationCodeSainsburys\\Guzzle\\Oauth2\\GrantType\\JwtBearer |
| persistent | Token will be stored in session unless grant_type is client credentials; in which case it will be stored in the app cache. Default: false |
no | |
| retry_limit | How many times request will be repeated on failure. Default: 5 |
no |
See more information about middleware here.
License
This middleware is licensed under the MIT License - see the LICENSE file for details