muffin / oauth2
CakePHP 3 authentication using the league/oauth2-client family
Installs: 53 189
Dependents: 1
Suggesters: 0
Security: 0
Stars: 26
Watchers: 6
Forks: 12
Type:cakephp-plugin
Requires (Dev)
- cakephp/cakephp: ^3.5
- league/oauth2-github: ^2.0
- phpunit/phpunit: ^5.7.14|^6.0
This package is auto-updated.
Last update: 2024-03-28 00:45:58 UTC
README
CakePHP 3 authentication using the league/oauth2-client.
Install
Using Composer:
composer require muffin/oauth2
You then need to load the plugin.
bin/cake plugin load Muffin/OAuth2
Wait, you're not done yet. This plugin will NOT require any of the clients. You will have to do it yourself. For e.g. if you want to use Github client do:
composer require "league/oauth2-github"
Usage
First, start by defining the providers:
// either in `config/bootstrap.php` Configure::write('Muffin/OAuth2', [ 'providers' => [ 'github' => [ 'className' => 'League\OAuth2\Client\Provider\Github', // all options defined here are passed to the provider's constructor 'options' => [ 'clientId' => 'foo', 'clientSecret' => 'bar', ], 'mapFields' => [ 'username' => 'login', // maps the app's username to github's login ], // ... add here the usual AuthComponent configuration if needed like fields, etc. ], ], ]); // or in `src/Controller/AppController.php` $this->loadComponent('Auth', [ 'authenticate' => [ // ... 'Muffin/OAuth2.OAuth' => [ 'providers' => [ // the array from example above ], ], ], ]);
Upon successful authorization, and if the user has no local instance, an event (Muffin/OAuth2.newUser)
is triggered. Use it to create a user like so:
// bootstrap.php use Cake\Event\Event; use Cake\ORM\TableRegistry; EventManager::instance()->on( 'Muffin/OAuth2.newUser', [TableRegistry::get('Users'), 'createNewUser'] ); // UsersTable.php use Cake\Event\Event; use League\OAuth2\Client\Provider\AbstractProvider; public function createNewUser(Event $event, AbstractProvider $provider, array $data) { $entity = $this->newEntity($data); $this->save($entity); return $entity->toArray(); // user data to be used in session }
Finally, once token is received, the Muffin/OAuth2.afterIdentify event is triggered. Use this to update your local
tokens for example:
// bootstrap.php use Cake\Event\Event; use Cake\ORM\TableRegistry; EventManager::instance()->on( 'Muffin/OAuth2.afterIdentify', [TableRegistry::get('Tokens'), 'createOrUpdate'] ); // TokensTable.php use Cake\Event\Event; use League\OAuth2\Client\Provider\AbstractProvider; public function createOrUpdate(Event $event, AbstractProvider $provider, array $data) { // ... return; // void }
Next up, you need to create a route that will be used by all providers:
// config/routes.php Router::connect( '/oauth/:provider', ['controller' => 'users', 'action' => 'login'], ['provider' => implode('|', array_keys(Configure::read('Muffin/OAuth2.providers')))] );
Now, if you have already read the book's AuthComponent documentation, you should be familiar with how to
add the new authentication object to it:
// src/Controller/AppController.php $this->loadComponent('Auth', [ 'authenticate' => [ 'Form', 'Muffin/OAuth2.OAuth', ] ]);
Patches & Features
- Fork
- Mod, fix
- Test - this is important, so it's not unintentionally broken
- Commit - do not mess with license, todo, version, etc. (if you do change any, bump them into commits of their own that I can ignore when I pull)
- Pull request - bonus point for topic branches
To ensure your PRs are considered for upstream, you MUST follow the CakePHP coding standards.
Bugs & Feedback
http://github.com/usemuffin/oauth2/issues
License
Copyright (c) 2018, Use Muffin and licensed under The MIT License.