longthanhtran/yii2-oauth2-resource-server

OAuth 2.0 Resource Server

Maintainers

Details

github.com/longthanhtran/yii2-oauth2-resource-server

Source

Issues

Installs: 0

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 2

Forks: 0

Open Issues: 0

Type:yii2-extension

1.0.0 2021-09-19 05:50 UTC

Requires

Requires (Dev)

MIT 92da232dc4e43c8ce3ba02581e944b9faadfca3c

  • Long Tran <long.thanh.tran.woop@gmail.com>

This package is auto-updated.

Last update: 2024-05-19 11:17:02 UTC

README

Introduction.

The package is a wrapper with League's OAuth2 Server package to implement Resource Server function. This take bearer access_token and validates against define OAuth2 authz server before accepting the request.

Current support grant to communicate with OAuth2 authz server is client_credentials

Setup.

Parameters.

  • Prepare the pair of clientId and clientSecret inside @app/config/params.php file. Authorization Server url also has it detail.
...
  'resourceServer' => [
    'authzServerUrl' => 'your-oauth-authz-server-url',
    'publicKey'      => 'your-public-key-path'
  ],
  'clientCredentials' => [
    'clientId'     => 'your-client-id',
    'clientSecret' => 'your-client-secret',
  ]
...

OAuthRequester component

  • Inside @app/config/web.php, put component definition for OAuthRequest
...
  'oauthRequester' => [
    'class' => 'longthanhtran\oauth2\filters\OAuthRequester'
  ]
...

Usage

From your (rest) controller, attach the RequestValidator in behaviors function, e.g

public function behaviors()
{
  $behaviors = parent::behaviors();

  $behaviors['authenticator'] = [
    'class' => 'longthanhtran\oauth2\filters\RequestValidator'
  ];

  return $behaviors;
}