Yii 2.0: yii2-oauth2-server

Yii2 OAuth 2.0 Server
4 followers

Description

This extension provides simple implementation of Oauth 2.0 specification using Yii2 framework.

Installation

The preferred way to install this extension is through composer.

To install, either run

$ php composer.phar require conquer/oauth2 "*"

or add

"conquer/oauth2": "*"

to the require section of your composer.json file.

To create database tables run migration command

$ yii migrate --migrationPath=@conquer/oauth2/migrations

Usage

Authorization routine

namespace app\controllers;
 
use app\models\LoginForm;
 
class AuthController extends \yii\web\Controller
{
    public function behaviors()
    {
        return [
            /** 
             * checks oauth2 credentions
             * and performs OAuth2 authorization, if user is logged on
             */
            'oauth2Auth' => [
                'class' => \conquer\oauth2\AuthorizeFilter::className(),
                'only' => ['index'],
            ],
        ];
    }
    public function actions()
    {
        return [
            // returns access token
            'token' => [
                'class' => \conquer\oauth2\TokenAction::classname(),
            ],
        ];
    }
    /**
     * Display login form to authorize user
     */
    public function actionIndex()
    {
        $model = new LoginForm();
        if ($model->load(\Yii::$app->request->post()) && $model->login()) {
            return $this->goBack();
        } else {
            return $this->render('index', [
                'model' => $model,
            ]);
        }
    }
}

Api Controller token authorization

class ApiController extends \yii\web\Controller
{
    public function behaviors()
    {
        return [
            // performs authorization by token
            'tokenAuth' => [
                'class' => \conquer\oauth2\TokenAuth::className(),
            ],
        ];
    }
    public function beforeAction($action)
    {
        $this->enableCsrfValidation = false;
        \Yii::$app->response->format = Response::FORMAT_JSON;
        return parent::beforeAction($action);
    }
    /**
     * Returns username and email
     */
    public function actionIndex()
    {
        $user = \Yii::$app->user->identity;
        return [
            'username' => $user->username,
            'email' =>  $user->email,
        ];
    }
}

Sample client config

return [
...
   'components' => [
       'authClientCollection' => [
            'class' => 'yii\authclient\Collection',
            'clients' => [
                'myserver' => [
                    'class' => 'yii\authclient\OAuth2',
                    'clientId' => 'unique client_id',
                    'clientSecret' => 'client_secret',
                    'tokenUrl' => 'http://myserver.local/auth/token',
                    'authUrl' => 'http://myserver.local/auth/index',
                    'apiBaseUrl' => 'http://myserver.local/api',
                ],
            ],
        ],
];

License

conquer/oauth2 is released under the MIT License. See the bundled LICENSE.md for details.

Resources

Be the first person to leave a comment

Please to leave your comment.

Create extension
Downloads
No downloadable files yet