groton-school/slim-oauth2-api-proxy

Server-side actions and routes for authenticating to and accessing an REST API from a web client

Maintainers

Details

github.com/groton-school/slim-oauth2-api-proxy

Source

Issues

Installs: 69

Dependents: 1

Suggesters: 0

Security: 0

Stars: 0

Watchers: 0

Forks: 0

Open Issues: 0

1.0.0 2025-08-16 23:42 UTC

Requires

Requires (Dev)

GPL-3.0 72fdadb30c0b82255e5b284c0ad5b0289e113511

  • Seth Battis <sbattis.woop@groton.org>

This package is auto-updated.

Last update: 2025-08-16 23:49:10 UTC

README

Server-side actions and routes for authenticating to and accessing an REST API from a web client

Latest Version

Install

composer require groton-school/oauth2-api-proxy

Use

Due to CORS restrictions, a web app can't directly access an arbitrary REST API. This package provides a server-side proxy for the web client to use to access the REST API, storing the the user's API access tokens on the client side as web cookies.

  1. Implement ProviderInterface. This is intended to be done with one of the League/oauth2-client implementations. See groton-school/slim-canvas-api-proxy for a concrete example (which makes use of the Defaults traits provided for convenience).
  2. Inject the implementation as a dependency. (Of course, make sure that you store your API credentials somewhere secure!)
  3. use RouteBuilder to define the necessary routes.
  4. Access the client from a web app. A concrete example of this is @groton/canvas-api.client.web.

groton-school/slim-skeleton@dev-gae/lti-tool_canvas-api-proxy

groton-school/slim-skeleton is the canonical example of how this shim is meant to be used.