sonrac / lumen-league-oauth2
Lumen league oauth2 wrapper
1.3.1
2018-11-07 23:04 UTC
Requires
- php: >=7.0
- laravel/lumen-framework: 5.*
- league/oauth2-server: ^6.0
- symfony/psr-http-message-bridge: ^1.0
- zendframework/zend-diactoros: ^1.6
Requires (Dev)
- fzaninotto/faker: ^1.7
- phpunit/phpunit: ^6.3
- refinery29/php-cs-fixer-config: ^0.6.7
- squizlabs/php_codesniffer: ^3.2
README
Installation
composer require sonrac/lumen-league-oauth2
Usage
Register the service provider first.
Add to your bootstrap/app.php:
$app->register(\sonrac\lumenRest\Oauth2ServiceProvider::class);
Description
league/oauth2-server implementation for Lumen
Contracts
Contracts for the oauth2 server are implemented in sonrac\lumenRest\Oauth2ServiceProvider
Events
Event usage is described in the official documentation
Middleware
Use League\OAuth2\Server\Middleware\ResourceServerMiddleware to validate authenticated requests.
Use League\OAuth2\Server\Middleware\AuthorizationServerMiddleware to authenticate users.
Example routing
Get access token
$app->router->post('/access_token', function (\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response) use ($app) {
    /* @var \League\OAuth2\Server\AuthorizationServer $server */
    $server = $app->make(\League\OAuth2\Server\AuthorizationServer::class);

    try {
        // Try to respond to the request
        return $server->respondToAccessTokenRequest($request, $response);
    } catch (\League\OAuth2\Server\Exception\OAuthServerException $exception) {
        // All instances of OAuthServerException can be formatted into a HTTP response
        return $exception->generateHttpResponse($response);
    } catch (\Exception $exception) {
        // Unknown exception
        $body = new \Zend\Diactoros\Stream('php://temp', 'r+');
        $body->write($exception->getMessage());

        return $response->withStatus(500)->withBody($body);
    }
});
Authorize third-party clients (implicit & auth code grants)
$app->router->get('/authorize', function (\League\OAuth2\Server\AuthorizationServer $server, \Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response) {
    try {
        // Validate the HTTP request and return an AuthorizationRequest object.
        $authRequest = $server->validateAuthorizationRequest($request);

        // The auth request object can be serialized and saved into a user's session.
        // You will probably want to redirect the user at this point to a login endpoint.

        // Once the user has logged in set the user on the AuthorizationRequest
        $authRequest->setUser(app()->make(\League\OAuth2\Server\Entities\UserEntityInterface::class)); // an instance of UserEntityInterface

        // At this point you should redirect the user to an authorization page.
        // This form will ask the user to approve the client and the scopes requested.

        // Once the user has approved or denied the client update the status
        // (true = approved, false = denied)
        $authRequest->setAuthorizationApproved(true);

        // Return the HTTP redirect response
        return $server->completeAuthorizationRequest($authRequest, $response);
    } catch (\Exception $exception) {
        // Unknown exception
        $body = new \Zend\Diactoros\Stream('php://temp', 'r+');
        $body->write($exception->getMessage());

        return $response->withStatus(500)->withBody($body);
    }
});
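Protect a resource route: the check that the resource middleware named in the Middleware section performs, written out as a route in the same style as the two above. This is an added example, not code from the package; it assumes the service provider binds League\OAuth2\Server\ResourceServer in the container, and the /api/profile path and profile:read scope are hypothetical.

```php
// Added example. Assumption: League\OAuth2\Server\ResourceServer is resolvable
// from the container. '/api/profile' and 'profile:read' are hypothetical names.
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\ResourceServer;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;

$app->router->get('/api/profile', function (
    ResourceServer $resourceServer,
    ServerRequestInterface $request,
    ResponseInterface $response
) {
    try {
        // Checks the Bearer token: signature, expiry and revocation.
        // On success the returned request carries the oauth_* attributes.
        $request = $resourceServer->validateAuthenticatedRequest($request);
    } catch (OAuthServerException $exception) {
        // Missing, malformed, expired or revoked token: OAuth2 error response
        return $exception->generateHttpResponse($response);
    } catch (\Exception $exception) {
        // Log the detail server-side; do not echo it to the caller
        error_log($exception->getMessage());

        return $response->withStatus(500);
    }

    // A valid token is not enough: the route must also check the granted scopes
    $scopes = (array) $request->getAttribute('oauth_scopes', []);
    if (!in_array('profile:read', $scopes, true)) {
        return $response->withStatus(403);
    }

    $body = new \Zend\Diactoros\Stream('php://temp', 'r+');
    $body->write(json_encode([
        'user_id'   => $request->getAttribute('oauth_user_id'),
        'client_id' => $request->getAttribute('oauth_client_id'),
        'token_id'  => $request->getAttribute('oauth_access_token_id'),
    ]));

    return $response
        ->withHeader('Content-Type', 'application/json')
        ->withBody($body);
});
```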
JWT guard
To use JWT tokens, you need to define a JWT guard.
Example config:
'defaults' => [
    'guard' => 'jwt'
],
'guards' => [
    'jwt' => [
        'driver'   => 'jwt',
        'provider' => 'clients',
    ],
    'user' => [
        'driver'   => 'token',
        'provider' => 'users',
    ],
],
'providers' => [
    'clients' => [
        'driver' => 'eloquent',
        'model'  => app(\League\OAuth2\Server\Entities\ClientEntityInterface::class),
    ],
    'users' => [
        'driver' => 'eloquent',
        'model'  => app(\League\OAuth2\Server\Entities\UserEntityInterface::class),
    ],
],
Generate keys
To use SSL encryption, generate keys first:
php artisan generate:keys