diglin / oauth2-oro-provider
Symfony 扩展包 - OAuth2 Oro 客户端提供程序
Requires
- php: ^7.1|^8.1
- league/oauth2-client: ^2.4
- symfony/config: ^4.4|^5.4|^6.1
- symfony/dependency-injection: ^4.4|^5.4|^6.1
- symfony/http-kernel: ^4.4|^5.4|^6.1
Requires (Dev)
This package is auto-updated.
Last update: 2024-09-14 18:26:21 UTC
README
简介
此 Symfony 4.x & 5.x 扩展包允许您通过 OAuth2 协议对基于 OroPlatform 的应用程序 API 进行身份验证和连接。
此扩展包扩展了 league/oauth2-client 依赖项,并将自动安装。有关依赖项的更多信息,请访问网址 https://github.com/thephpleague/oauth2-client
兼容性
- OroPlatform 4.x & 5.x,OAuth 服务器在 OroPlatform 端处于激活状态
- Symfony 4.x | 5.x
安装
通过 composer
composer require diglin/oauth2-oro-provider:^1.0
配置
DiglinOAuth2OroBundle 的默认配置如下所示
# Default configuration for extension with alias: "diglin_oauth2_oro"
diglin_oauth2_oro:
api:
# Url of the Oro Application, without trailing slash
url: ~ # Required
# Client ID: see documentation to get the value
client_id: ~ # Required
# Client secret: see documentation to get the value
client_secret: ~ # Required
# Username: required if grant_type = password
username: null
# Password: required if grant_type = password
password: null
# grant_type possible values: client_credentials or password
grant_type: client_credentials # Required
在路径 config/packages/diglin_oauth2_oro.yaml 创建一个文件(您也可以在环境级别设置此文件,例如在 prod 或 dev 文件夹中。)以下是一个内容示例
parameters: 'env(OROCRM_URL)': '' 'env(OROCRM_CLIENT_ID)': '' 'env(OROCRM_CLIENT_SECRET)': '' diglin_oauth2_oro: api: url: "%env(OROCRM_URL)%" client_id: '%env(OROCRM_CLIENT_ID)%' client_secret: '%env(OROCRM_CLIENT_SECRET)%' username: ~ # value only if grant_type = password password: ~ # value only if grant_type = password grant_type: "client_credentials" # client_credentials or password
url:应该类似于https://my-domain.comclient_id和client_secret:您可以从 OroPlatform 获取值 - 请参阅 https://doc.oroinc.com/user/back-office/system/user-management/oauth-app/#oauth-applicationsgrant_type:可以是password或client_credentials。推荐使用client_credentials
如 Oro 文档所述
客户端凭据类型用于机器到机器的身份验证(例如,在通过 API 执行维护任务的 cron 作业中)和密码由受信任的第一方客户端用于交换凭据(用户名和密码)以获取访问令牌。OAuth 建议使用 client_credentials
用法
创建一个实现 \Diglin\OAuth2OroBundle\Api\Endpoints\EndpointInterface 接口的端点。您的类可以如下所示
<?php namespace Acme\Oro; use Diglin\OAuth2OroBundle\Api\ClientOAuthInterface; class MyEndpoint implements \Diglin\OAuth2OroBundle\Api\Endpoints\EndpointInterface { const ENDPOINT_CUSTOMER = '/api/users'; const TYPE = 'users'; public function __construct(private ClientOAuthInterface $client) { } public function get() { return $this->client->request(ClientOAuthInterface::REQUEST_GET, $this->getEndpoint()); } // When creating a new entity entry public function put(array $data = ['my_attribute' => 'my value']) { $myJsonData = \json_encode([ 'data' => [ 'type' => self::TYPE, 'attributes' => $data ], ]); return $this->client->request(ClientOAuthInterface::REQUEST_PUT, $this->getEndpoint(), ['body' => $myJsonData]); } // When updating existing entity entry public function post(array $data = ['my_attribute' => 'my value']) { $myJsonData = \json_encode([ 'data' => [ 'type' => self::TYPE, 'attributes' => $data ], ]); return $this->client->request(ClientOAuthInterface::REQUEST_POST, $this->getEndpoint(), ['body' => $myJsonData]); } public function getEndpoint(): string { return self::ENDPOINT_CUSTOMER; } }
然后在您的代码中可以进行以下操作(请注意,下面的代码当然需要相应地调整)
<?php // require autoloader + Symfony bootstrap in this example $parameters = $container->get('diglin_oauth2_oro.api'); $settings = new Diglin\OAuth2OroBundle\Api\ClientOAuthSettings($parameters['url'], $parameters['client_id'], $parameters['client_secret'], $parameters['client_credentials'], $parameters['username'], $parameters['password']); $factory = new \Diglin\OAuth2OroBundle\Api\ClientOAuthFactory(\Diglin\OAuth2OroBundle\Api\ClientOAuth::class, $settings); $endpoint = new \Acme\Oro\MyEndpoint($factory->create()); $users = $endpoint->get();
提示
要获取您的 Oro 应用程序上的可用端点列表,您可以请求网址 https://myoroapp.com/api/doc(如果您使用 OroCommerce,前端和后端之间存在差异,在这种情况下,后端 API 的管理网址可能如下所示 https://myoroapp.com/admin/api/doc)
PHP 测试兼容性
运行 ./vendor/bin/phpcs -p src --standard=PHPCompatibility --runtime-set testVersion 8.1
待办事项
- API 令牌的存储以及刷新令牌的使用
许可证
请参阅 LICENSE.txt
作者
- Diglin GmbH
- https://www.diglin.com/
- @diglin_
- 在 GitHub 上关注我们!