OAuth2 server

Hi, I am building a few systems using Yii2 and I would like the user to always log in from my main system. Let’s call it Portal.

So when a user wants access to another system, he/she clicks on a link and will see a popup from the main system, Portal. He/she enters his/her login details and will then be redirected back to the application on successful authentication. Just like Facebook and many more have.

No system except Portal will be having the passwords. I also need to pass extra parameters back containing what the user should be able to access on the system.

On the client side I am using Yii2 AuthClient.

My problem is on the server side. I imagine that OAuth2 is the best way to go, and I have been looking at Filsh yii2-oauth2-server, but I cannot get it to work. And it is not very well documented. I always get this error:


<response>
  <name>Unauthorized</name>
  <message>You are requesting with an invalid credential.</message>
  <code>0</code>
  <status>401</status>
  <type>yii\web\UnauthorizedHttpException</type>
</response>

I tried Filsh yii2-oauth2-server on a newly installed Yii 2.0.1, but then I got this error instead:


<name>PHP Fatal Error</name>
<message>Call to a member function getServer() on a non-object</message>
<code>1</code>
<type>yii\base\ErrorException</type>
<file>/var/www/public/oauth2test/vendor/filsh/yii2-oauth2-server/filters/auth/CompositeAuth.php</file>
<line>14</line>

Does anyone have any suggestions on where I can look, or whether I should go with another protocol than OAuth2, and if so, why?

Has anyone else tried to do something like this, and how did you do it?

I’ve been trying and searching the whole day with very little success.

OAuth2 is exactly the right tool for this job.

I don’t know about the plugins, but when you first redirect to Portal, you should be passing a client id in the URL. When Portal redirects back to your site, your site will then make another 2 calls to Portal using a POST (and usually to a web service). I am guessing it is the first of these that is failing. The first call is to get an access token and requires that the client id and secret are passed either using an HTTP authorization header or otherwise in the body of the POST (depending on what Portal allows/accepts). The second of these calls swaps the token for the user information and should not require client id or secret.

If you have not set up the client id and secret in the config settings (or not set them correctly - watch out for whitespace and stuff) then I would suspect this to be the most likely cause of your error.
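The token-request check described in the answer above, sketched as an added example (not code from this thread or from filsh/yii2-oauth2-server). The function names, client id and secret are constructed for illustration, and the diagnostic strings are meant for Portal's own server-side log, not for the HTTP response.

```php
<?php
// Added example: how a token endpoint can read client credentials from either
// place the answer mentions, and tell apart the common configuration mistakes.
// Simplification: id and secret are assumed to need no form-encoding.

/** Returns [id, secret, source] or null when no usable credentials were sent. */
function clientCredentialsFromRequest(array $headers, array $post): ?array
{
    $auth = $headers['Authorization'] ?? '';
    if (stripos($auth, 'Basic ') === 0) {
        $decoded = base64_decode(substr($auth, 6), true);
        if ($decoded === false || strpos($decoded, ':') === false) {
            return null; // malformed Basic header
        }
        [$id, $secret] = explode(':', $decoded, 2);
        return [$id, $secret, 'header'];
    }
    if (isset($post['client_id'], $post['client_secret'])) {
        return [$post['client_id'], $post['client_secret'], 'body'];
    }
    return null;
}

/** Diagnose the credentials against the registered clients (id => secret). */
function diagnoseClient(?array $creds, array $registered): string
{
    if ($creds === null) {
        return 'no client credentials in header or body';
    }
    [$id, $secret, $source] = $creds;
    if (trim($id) !== $id || trim($secret) !== $secret) {
        return "stray whitespace in credentials sent via $source";
    }
    if (!isset($registered[$id])) {
        return 'unknown client id';
    }
    // hash_equals() compares in constant time, so timing does not leak the secret.
    return hash_equals($registered[$id], $secret) ? 'ok' : 'secret mismatch';
}

// Constructed sample data: one registered client and three token requests.
$registered = ['portal-demo-client' => 'constructed-secret'];
$basic = 'Basic ' . base64_encode('portal-demo-client:constructed-secret');
$requests = [
    [['Authorization' => $basic], []],
    [[], ['client_id' => 'portal-demo-client', 'client_secret' => "constructed-secret\n"]],
    [[], ['grant_type' => 'authorization_code', 'code' => 'constructed-code']],
];
foreach ($requests as [$headers, $post]) {
    echo diagnoseClient(clientCredentialsFromRequest($headers, $post), $registered), PHP_EOL;
}
```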

Have you resolved this error?

If you can document the steps taken and how you access the URL, it will be easy to help.

I will put together a simple tutorial on setting it up when I get spare time!

Hi everyone.

I’ve configured this extension successfully and created a Yii2 REST API template, ikaras/yii2-oauth2-rest-template, on GitHub (sorry, but I don’t have permission to post direct links yet). Feel free to use it.

That’s great. I will have a look at it when I have time. It’s interesting.

Link is https://github.com/ikaras/yii2-oauth2-rest-template

Thanks. I’ll try to find time to finish the description with examples of requests soon.

Also, you can run an already configured app in a LEMP stack by means of Docker. I’ve prepared a Docker Compose description file and the needed images in the repo github.com/ikaras/yii2-oauth2-rest-docker