jampire/oauth2-appid

IBM App ID OAuth 2.0 client provider for the PHP League OAuth2 Client

2.0.8 2020-06-04 18:12 UTC

This package is auto-updated.

Last update: 2024-09-14 16:50:26 UTC


README


This package provides IBM App ID OAuth 2.0 support for the PHP League's OAuth 2.0 Client. See this page for the full documentation.

Installation

To install, use Composer:

composer require jampire/oauth2-appid

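Usage

Usage is the same as The League's OAuth client, using \Jampire\OAuth2\Client\Provider\AppIdProvider as the provider.

Use baseAuthUri to specify the IBM App ID base server URL. You can look up the correct value in oAuthServerUrl in the application settings of the IBM App ID service, with the tenantId part removed, e.g. https://us-south.appid.cloud.ibm.com/oauth/v4

Use tenantId to specify the IBM App ID tenant ID. You can look up the correct value in tenantId in the application settings of the IBM App ID service, e.g. abcd-efgh-1234-5678-mnop

All other values can be found in the application settings of the IBM App ID service.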
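The split of oAuthServerUrl into baseAuthUri and tenantId described above can be done in code instead of by hand. The following is an added example, not code from this package: splitOAuthServerUrl() is a hypothetical helper, and the HTTPS requirement, the base-path requirement and the tenant ID character set are assumptions of the example.

```php
<?php
// Added example, not part of jampire/oauth2-appid.
// splitOAuthServerUrl() is a hypothetical helper name.

function splitOAuthServerUrl(string $oAuthServerUrl): array
{
    $parts = parse_url(trim($oAuthServerUrl));
    if ($parts === false || !isset($parts['scheme'], $parts['host'], $parts['path'])) {
        throw new InvalidArgumentException('oAuthServerUrl is not a complete URL');
    }
    // The client secret and tokens are sent to this host, so refuse plain HTTP.
    if (strtolower($parts['scheme']) !== 'https') {
        throw new InvalidArgumentException('oAuthServerUrl must use https');
    }
    // Userinfo, query and fragment have no place in an OAuth server URL.
    if (isset($parts['user']) || isset($parts['query']) || isset($parts['fragment'])) {
        throw new InvalidArgumentException('oAuthServerUrl has unexpected components');
    }

    // The last path segment is the tenantId; what precedes it is the base path.
    $path = rtrim($parts['path'], '/');
    $cut = strrpos($path, '/');
    if ($cut === false || $cut === 0) {
        throw new InvalidArgumentException('expected a base path followed by a tenantId segment');
    }
    $tenantId = substr($path, $cut + 1);
    // Assumption: tenant IDs consist of letters, digits and hyphens only.
    if (!preg_match('/\A[A-Za-z0-9-]+\z/', $tenantId)) {
        throw new InvalidArgumentException('tenantId has unexpected characters');
    }

    $authority = $parts['host'] . (isset($parts['port']) ? ':' . $parts['port'] : '');

    return [
        'baseAuthUri' => 'https://' . $authority . substr($path, 0, $cut),
        'tenantId'    => $tenantId,
    ];
}

// Constructed sample value, assembled from the placeholder examples on this page.
$sample = 'https://us-south.appid.cloud.ibm.com/oauth/v4/abcd-efgh-1234-5678-mnop';
echo json_encode(splitOAuthServerUrl($sample), JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES), PHP_EOL;
```

The returned array can be merged with clientId, clientSecret and redirectUri and passed to the AppIdProvider constructor.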

Do not forget to register your redirect URL in the IBM App ID whitelist. See the IBM App ID documentation.

Authorization Code Flow

<?php

require_once __DIR__ . '/vendor/autoload.php';

use Jampire\OAuth2\Client\Provider\AppIdProvider;
use Jampire\OAuth2\Client\Provider\AppIdException;

session_start();

try {
    $provider = new AppIdProvider([
        'baseAuthUri'   => '{baseAuthUri}',
        'tenantId'      => '{tenantId}',
        'clientId'      => '{clientId}',
        'clientSecret'  => '{clientSecret}',
        'redirectUri'   => '{redirectUri}',
    ]);
} catch (AppIdException $e) {
    exit('Failed to create provider: ' . $e->getMessage());
}

if (!isset($_GET['code'])) {
    // If we don't have an authorization code then get one

    // Fetch the authorization URL from the provider; this returns the
    // urlAuthorize option and generates and applies any necessary parameters
    // (e.g. state).
    $authorizationUrl = $provider->getAuthorizationUrl();

    // Get the state generated for you and store it to the session.
    $_SESSION['oauth2state'] = $provider->getState();

    // Redirect the user to the authorization URL.
    header('Location: ' . $authorizationUrl);
    exit;
}

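// Check the given state against the previously stored one to mitigate CSRF.
// The stored state is single-use, and the check fails closed: a request
// arriving without a stored state in the session is rejected as well.
$state = $_GET['state'] ?? null;
$expectedState = $_SESSION['oauth2state'] ?? null;
unset($_SESSION['oauth2state']);

if (!is_string($state) || !is_string($expectedState) || $expectedState === '' || !hash_equals($expectedState, $state)) {
    exit('Invalid state');
}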

try {
    // Try to get an access token using the authorization code grant.
    $accessToken = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code']
    ]);

    // We have an access token, which we may use in authenticated
    // requests against the service provider's API.
    echo '<b>Access Token:</b> ', $accessToken->getToken(), '<br>';
    echo '<b>Refresh Token:</b> ', $accessToken->getRefreshToken(), '<br>';
    echo '<b>Expired in:</b> ', $accessToken->getExpires(), '<br>';
    echo '<b>Already expired?</b> ', ($accessToken->hasExpired() ? 'expired' : 'not expired'), '<br>';

    // Using the access token, we may look up details about the
    // resource owner.
    $resourceOwner = $provider->getResourceOwner($accessToken);
} catch (Exception $e) {
    // Failed to get the access token or user details.
    exit($e->getMessage());
}

Examples

Testing

$ ./vendor/bin/phpunit

Contributing

Please see CONTRIBUTING for details.

Credits

License

The MIT License (MIT). Please see the License File for more information.