longthanhtran / yii2-oauth2-resource-server
OAuth 2.0 Resource Server
Installs: 0
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 0
Type:yii2-extension
Requires
- php: >= 7.4 | 8.0
- guzzlehttp/guzzle: ^7.3
- league/oauth-server: ^8.3
- yiisoft/yii2: ~2.0.14
Requires (Dev)
- symfony/var-dumper: ^5.3
README
Introduction.
The package is a wrapper with League's OAuth2 Server package to implement
Resource Server function. This take bearer access_token
and validates against
define OAuth2 authz server before accepting the request.
Current support grant to communicate with OAuth2 authz server is
client_credentials
Setup.
Parameters.
- Prepare the pair of
clientId
andclientSecret
inside@app/config/params.php
file. Authorization Server url also has it detail.
... 'resourceServer' => [ 'authzServerUrl' => 'your-oauth-authz-server-url', 'publicKey' => 'your-public-key-path' ], 'clientCredentials' => [ 'clientId' => 'your-client-id', 'clientSecret' => 'your-client-secret', ] ...
OAuthRequester component
- Inside
@app/config/web.php
, put component definition forOAuthRequest
... 'oauthRequester' => [ 'class' => 'longthanhtran\oauth2\filters\OAuthRequester' ] ...
Usage
From your (rest) controller, attach the RequestValidator
in behaviors
function, e.g
public function behaviors() { $behaviors = parent::behaviors(); $behaviors['authenticator'] = [ 'class' => 'longthanhtran\oauth2\filters\RequestValidator' ]; return $behaviors; }