mxmz / lfj-opauth
LfjOpauth is a Zend Framework 2 module that enables support for many authentication providers through the Opauth framework.
Requires
- php: >=5.3
- opauth/opauth: 0.4.4
Suggests
- opauth/facebook: Allows Facebook authentication
- opauth/google: Allows Google authentication
- opauth/twitter: Allows Twitter authentication
This package is not auto-updated.
Last update: 2024-12-21 19:42:31 UTC
README
Originally By Lorenzo Ferrara Junior, Forked By Maksim Luzik (mxmz-)
Introduction
LfjOpauth is a Zend Framework 2 module that enables support for many authentication providers through the Opauth framework.
Installation
To use the module you need to:
- Install the LfjOpauth module using using
composer
- Install at least one of the Opauth strategies
- Enable the LfjOpauth module
To install the LfjOpauth module, you need to add "mxmz/lfj-opauth": "dev-master"
to the require
list of your project's composer.json
file.
To install the Opauth strategy, you need find the required
package on Packagist or on GitHub and add it to the require
list of your project's composer.json
file.
This is an example of a modified composer.json
which includes the LfjOpauth module and the Facebook strategy:
{ "name": "zendframework/skeleton-application", "description": "Skeleton Application for ZF2", "require": { "php": ">=5.3.3", "zendframework/zendframework": ">2.2.0rc1", "mxmz/lfj-opauth": "dev-master", "opauth/facebook": "0.2.1" } }
The example includes the installation of the Facebook Opauth strategy. More info on Opauth strategies can be found on GitHub:
Installing LfjOpauth using composer
, the Opauth dependecy is automatically resolved, but you still must provide at least one strategy.
Next, you need to add LfjOpauth
to the modules
list in the config/application.config.php
file of your Zend Framework 2 project.
This is an example:
<?php return array( 'modules' => array( 'LfjOpauth', 'Application', ), // more code );
Configuration
Once LfjOpauth is installed you must create a file named lfjopauth.global.php
in your config/autoload
directory. This is the configuration file where you specify the LfjOpauth options.
An example of the lfjopauth.global.php
file:
$settings = array( 'security_salt' => 'Some random text', 'Strategy' => array( 'Facebook' => array( 'app_id' => 'facebook application id', 'app_secret' => 'facebook application secret', 'scope' => 'email,user_relationships', ), 'second_facebook_app' => array( 'app_id' => 'another facebook application id', 'app_secret' => 'another facebook application secret', 'scope' => 'email,user_relationships', 'strategy_class' => 'Facebook', 'strategy_url_name' => 'second_facebook_app' ) ), 'check_controller_enabled' => false ); return array('lfjopauth' => $settings);
The configuration is pretty much the same as the Opauth configuration, without the path
and callback_url
options, which are handled by the module.
The check_controller_enabled
flag enables or disables access to CheckController
.
Alternatively, an option provider can be set using the Service Manager
to replace the current configuration loader.
To do that, you just have to :
- Register a service named
lfjopauth_module_options
, - Implement the interface
LfjOpauth\Provider\OptionsProviderInterface
, - And return a configuration
array
as above.
This can be usefull if you want to load your configuration from database or generate configuration for complexe cases.
Login and callback urls
Given the above configuration (and the corresponding Facebook applications), you will be able to login using:
- http://example.com/user/opauth/login/facebook
- http://example.com/user/opauth/login/second_facebook_app
and to logout using:
For the two demo Facebook application described in the example configuration, you should use
as value of the Website with Facebook Login, Site URL option.
Events
The LfjOpauth\Service\OpauthService
triggers the LfjOpauth\LfjOpauthEvent::EVENT_LOGIN_CALLBACK
event after the callback is processed. Be aware that the LfjOpauth\LfjOpauthEvent::EVENT_LOGIN_CALLBACK
event is alwais triggered, even when the login process fails. Use the available event parameters to implement result checking.
The event contains three parameters:
authenticationService
: aZend\Authentication\Result
instanceauthenticationResult
: aZend\Authentication\AuthenticationService
instanceprovider
: is the provider used to try the login (example: facebook, google)
and its target is an instance of LfjOpauth\Service\OpauthService
.
As en example on how to attach to the event, please refer to the following code.
namespace Application; use Zend\EventManager\EventInterface; use Zend\Mvc\ModuleRouteListener; use Zend\Mvc\MvcEvent; class Module { public function onBootstrap(MvcEvent $e) { $eventManager = $e->getApplication()->getEventManager(); $moduleRouteListener = new ModuleRouteListener(); $moduleRouteListener->attach($eventManager); $sharedEventManager = $eventManager->getSharedManager(); $sharedEventManager->attach('LfjOpauth\Service\OpauthService', \LfjOpauth\LfjOpauthEvent::EVENT_LOGIN_CALLBACK, function(EventInterface $e) { /** @var \Zend\Authentication\Result $result */ $authenticationResult = $e->getParam('authenticationResult'); /** @var \Zend\Authentication\AuthenticationService $authenticationService */ $authenticationService = $e->getParam('authenticationService'); /** @var \LfjOpauth\Service\OpauthService $target */ $target = $e->getTarget(); $provider = $e->getParam('provider'); /* var_dump(get_class($e->getTarget())); var_dump($e->getParam('provider')); var_dump('$authenticationResult->isValid()', $authenticationResult->isValid()); var_dump('$authenticationService->hasIdentity()', $authenticationService->hasIdentity()); var_dump('$authenticationService->getIdentity()', $authenticationService->getIdentity()); var_dump('$authenticationResult->getCode()', $authenticationResult->getCode()); var_dump('$authenticationResult->getIdentity()', $authenticationResult->getIdentity()); var_dump('$authenticationResult->getMessages()', $authenticationResult->getMessages()); */ }, 100); }
Custom callback urls
If you need custom login and/or callback urls (for example containing more parameters), you can code custom routes and controller.
This is the code that defines the custom_lfjopauth_login
and custom_lfjopauth_callback
routes (custom-auth
is the controller alias):
return array( 'router' => array( 'routes' => array( 'custom_lfjopauth_login' => array( 'type' => 'Segment', 'options' => array( 'route' => '/custom/login/[:provider[/:oauth_callback]]', 'constraints' => array( 'provider' => '[a-zA-Z][a-zA-Z0-9_-]*', 'oauth_callback' => '[a-zA-Z][a-zA-Z0-9_-]*' ), 'defaults' => array( 'controller' => 'custom-auth', 'action' => 'redirectAndReturn' ) ) ), 'custom_lfjopauth_callback' => array( 'type' => 'Segment', 'options' => array( 'route' => '/custom/callback/[:provider]', 'constraints' => array( 'provider' => '[a-zA-Z][a-zA-Z0-9_-]*' ), 'defaults' => array( 'controller' => 'custom-auth', 'action' => 'callback' ) ) ), // more code ) ) );
This is the code of the hypothetical controller that manages login and callback actions:
// [...] class AuthController extends AbstractActionController { public function redirectAndReturnAction() { // if user is not logged in if (!$this->auth()->hasIdentity()) { $provider = $this->params()->fromRoute('provider'); $oauth_callback = $this->params()->fromRoute('oauth_callback'); $opauth_service = $this->getServiceLocator()->get('opauth_service'); // set custom login and callback routes $opauth_service->setLoginUrlName('custom_lfjopauth_login'); $opauth_service->setCallbackUrlName('custom_lfjopauth_callback'); return $opauth_service->redirect($provider, $oauth_callback); } return $this->redirect()->toRoute('somewhere_over_the_rainbow'); } public function callbackAction() { // if user is not logged in if (!$this->auth()->hasIdentity()) { $provider = $this->params()->fromRoute('provider'); $opauth_service = $this->getServiceLocator()->get('opauth_service'); // set custom login and callback routes $opauth_service->setLoginUrlName('custom_lfjopauth_login'); $opauth_service->setCallbackUrlName('custom_lfjopauth_callback'); $opauth_service->callback($provider); } return $this->redirect()->toRoute('somewhere_else_over_the_rainbow'); } }
Checking login status
If the check_controller_enabled
flag is enabled, you will be able to print current session info at this url:
The default value of check_controller_enabled
is false
.
Other info
LfjOpauth uses Zend\Authentication\AuthenticationService
(alias lfjopauth_auth_service
) to manage authentication.
The LfjOpauth\Service\OpauthService
(alias: opauth_service
) class exposes the redirect
and callback
methods which can be used in any controller. An example can be found in the LfjOpauth\Controller\LoginController class.
LICENSE
The files in this archive are released under the MIT license. You can find a copy of this license in LICENSE.txt.