通过 
搜索
搜索knpuniversity / oauth2-client-bundle
与 league/oauth2-client 集成以提供服务
v2.18.2
2024-08-12 15:26 UTC
Requires
- php: >=8.1
- league/oauth2-client: ^2.0
- symfony/dependency-injection: ^5.4|^6.0|^7.0
- symfony/framework-bundle: ^5.4|^6.0|^7.0
- symfony/http-foundation: ^5.4|^6.0|^7.0
- symfony/routing: ^5.4|^6.0|^7.0
Requires (Dev)
- league/oauth2-facebook: ^1.1|^2.0
- symfony/phpunit-bridge: ^5.4|^6.0|^7.0
- symfony/security-guard: ^5.4
- symfony/yaml: ^5.4|^6.0|^7.0
Suggests
- symfony/security-guard: For integration with Symfony's Guard Security layer
- dev-main
- v2.18.2
- v2.18.1
- v2.18.0
- v2.17.0
- v2.16.0
- v2.15.0
- v2.14.0
- v2.13.1
- v2.13.0
- v2.12.0
- v2.11.0
- v2.10.1
- v2.10.0
- v2.9.0
- v2.8.0
- v2.7.0
- v2.6.0
- v2.5.1
- v2.5.0
- v2.4.0
- v2.3.0
- v2.2.0
- v2.1.0
- v2.0.0
- v1.x-dev
- v1.34.0
- v1.33.0
- v1.32.0
- v1.31.0
- v1.30.1
- v1.30.0
- v1.29.2
- v1.29.1
- v1.29.0
- v1.28.0
- v1.27.1
- v1.27.0
- v1.26.0
- v1.25.0
- v1.24.0
- v1.23.0
- v1.22.0
- v1.21.0
- v1.20.0
- v1.19.0
- v1.18.0
- 1.17.0
- 1.16.1
- 1.16.0
- 1.15.1
- 1.15.0
- 1.14.0
- 1.13.0
- 1.12.0
- 1.11.0
- 1.10.0
- 1.9.1
- 1.9.0
- 1.8.0
- 1.7.0
- 1.6.0
- 1.5.0
- 1.4.0
- 1.3.0
- 1.2.0
- 1.1.0
- 1.0.2
- 1.0.1
- 1.0.0
- 0.5.0
- 0.4.0
- 0.3.0
- 0.2.0
- 0.1.0
- dev-matrix-enhancement
- dev-authenticator-access-token
- dev-do-not-clear-state
This package is auto-updated.
Last update: 2024-09-12 15:36:04 UTC
README
轻松集成 OAuth2 服务器(例如 Facebook、GitHub)以实现
- "社交" 认证/登录
- "用 Facebook 连接" 类型的功能
- 通过 OAuth2 获取访问密钥以用于 API
- 使用 Symfony 自定义验证器(或针对旧应用的 Guard 验证器)进行 OAuth2 认证
此包与 league/oauth2-client 集成。
这个包还是 HWIOAuthBundle?
除了这个包,还有一个名为 HWIOAuthBundle 的 OAuth 包存在。您可能想知道“为什么有两个流行的 OAuth 包?”。
这是一个好问题!一般来说,hwi/oauth-bundle 提供了更多开箱即用的功能,包括社交认证和注册(称为“连接”)。但是,安装起来也稍微困难一些。而 knpuniversity/oauth2-client-bundle 需要更多的设置工作,但它提供了更多底层控制。
不确定使用哪一个?如果您需要 OAuth(社交)认证和注册,请尝试 hwi/oauth-bundle。如果您不喜欢它,请回来!
安装
通过运行以下命令使用 Composer 安装包库
composer require knpuniversity/oauth2-client-bundle
如果您使用 Symfony Flex,该包将自动启用。对于旧应用,在您的 AppKernel 类中启用它。
太棒了!现在,您需要配置一个客户端。
配置客户端
您需要为每个您想要与之通信的 OAuth2 服务器(GitHub、Facebook 等)配置一个客户端。
步骤 1) 下载客户端库
从以下列表中选择一个,并通过 Composer 安装它
在这个列表中没有看到您需要的提供商?请检查来自 league/oauth2-client 的完整第三方提供者客户端列表。否则,请考虑自己创建一个 通用 客户端。
步骤 2) 配置提供商
太棒了!现在,您将配置您的提供商。对于 Facebook,这看起来可能像这样
# config/packages/knpu_oauth2_client.yaml knpu_oauth2_client: clients: # the key "facebook_main" can be anything, it # will create a service: "knpu.oauth2.client.facebook_main" facebook_main: # this will be one of the supported types type: facebook client_id: '%env(OAUTH_FACEBOOK_ID)%' client_secret: '%env(OAUTH_FACEBOOK_SECRET)%' # the route that you're redirected to after # see the controller example below redirect_route: connect_facebook_check redirect_params: {} graph_api_version: v2.12
注意两个 '%env(var)%' 调用?在您的 .env 文件中添加这些,或添加到 vault。这些是 OAuth 提供商的凭证。对于 Facebook,您可以在 developers.facebook.com 上注册您的应用以获取这些凭证
# .env # ... OAUTH_FACEBOOK_ID=fb_id OAUTH_FACEBOOK_SECRET=fb_secret
在 配置 部分中查看所有受支持的 "类型" 的完整配置。
因为我们要连接到 Facebook,所以 type 是 facebook。您可以在 配置 部分的下面看到所有受支持的 type 值。
步骤 3) 使用客户端服务
您配置的每个客户端现在都有自己的服务,可以用来与 OAuth2 服务器通信。
要开始OAuth过程,您需要创建一个路由和控制器,该控制器将重定向到Facebook。因为我们使用了上面的键facebook_main,所以您可以简单地
namespace App\Controller; use KnpU\OAuth2ClientBundle\Client\ClientRegistry; use League\OAuth2\Client\Provider\Exception\IdentityProviderException; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Routing\Annotation\Route; class FacebookController extends AbstractController { /** * Link to this controller to start the "connect" process * * @Route("/connect/facebook", name="connect_facebook_start") */ public function connectAction(ClientRegistry $clientRegistry) { // will redirect to Facebook! return $clientRegistry ->getClient('facebook_main') // key used in config/packages/knpu_oauth2_client.yaml ->redirect([ 'public_profile', 'email' // the scopes you want to access ]); } /** * After going to Facebook, you're redirected back here * because this is the "redirect_route" you configured * in config/packages/knpu_oauth2_client.yaml * * @Route("/connect/facebook/check", name="connect_facebook_check") */ public function connectCheckAction(Request $request, ClientRegistry $clientRegistry) { // ** if you want to *authenticate* the user, then // leave this method blank and create a Guard authenticator // (read below) /** @var \KnpU\OAuth2ClientBundle\Client\Provider\FacebookClient $client */ $client = $clientRegistry->getClient('facebook_main'); try { // the exact class depends on which provider you're using /** @var \League\OAuth2\Client\Provider\FacebookUser $user */ $user = $client->fetchUser(); // do something with all this new power! // e.g. $name = $user->getFirstName(); var_dump($user); die; // ... } catch (IdentityProviderException $e) { // something went wrong! // probably you should return the reason to the user var_dump($e->getMessage()); die; } } }
现在,只需转到(或链接到)/connect/facebook,并观察流程!
完成OAuth2流程后,可以使用$client对象来获取用户、访问令牌或其他内容
// get the user directly $user = $client->fetchUser(); // OR: get the access token and then user $accessToken = $client->getAccessToken(); $user = $client->fetchUserFromToken($accessToken); // access the underlying "provider" from league/oauth2-client $provider = $client->getOAuth2Provider(); // if you're using Facebook, then this works: $longLivedToken = $provider->getLongLivedAccessToken($accessToken);
使用新的Symfony认证器进行认证
此时,您现在有一个很好的服务,允许您将用户重定向到OAuth服务器(例如Facebook)并获取其访问令牌和用户信息。
但通常,您会想要实际认证该用户:将其登录到您的系统。在这种情况下,您不需要在上述connectCheckAction()中放置所有逻辑,而是将其留空并创建一个包含类似逻辑的认证器。
现在,您可以使用新的Symfony认证器系统(自Symfony 5.2以来可用,请不要使用此版本之前的版本)来登录您的应用程序。对于旧版Symfony版本,请使用下面的Guard认证器。
步骤1)使用新的OAuth2Authenticator类
namespace App\Security; use App\Entity\User; // your user entity use Doctrine\ORM\EntityManagerInterface; use KnpU\OAuth2ClientBundle\Client\ClientRegistry; use KnpU\OAuth2ClientBundle\Security\Authenticator\OAuth2Authenticator; use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Routing\RouterInterface; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge; use Symfony\Component\Security\Http\Authenticator\Passport\Passport; use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; class MyFacebookAuthenticator extends OAuth2Authenticator implements AuthenticationEntrypointInterface { private $clientRegistry; private $entityManager; private $router; public function __construct(ClientRegistry $clientRegistry, EntityManagerInterface $entityManager, RouterInterface $router) { $this->clientRegistry = $clientRegistry; $this->entityManager = $entityManager; $this->router = $router; } public function supports(Request $request): ?bool { // continue ONLY if the current ROUTE matches the check ROUTE return $request->attributes->get('_route') === 'connect_facebook_check'; } public function authenticate(Request $request): Passport { $client = $this->clientRegistry->getClient('facebook_main'); $accessToken = $this->fetchAccessToken($client); return new SelfValidatingPassport( new UserBadge($accessToken->getToken(), function() use ($accessToken, $client) { /** @var FacebookUser $facebookUser */ $facebookUser = $client->fetchUserFromToken($accessToken); $email = $facebookUser->getEmail(); // 1) have they logged in with Facebook before? Easy! $existingUser = $this->entityManager->getRepository(User::class)->findOneBy(['facebookId' => $facebookUser->getId()]); if ($existingUser) { return $existingUser; } // 2) do we have a matching user by email? $user = $this->entityManager->getRepository(User::class)->findOneBy(['email' => $email]); // 3) Maybe you just want to "register" them by creating // a User object $user->setFacebookId($facebookUser->getId()); $this->entityManager->persist($user); $this->entityManager->flush(); return $user; }) ); } public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response { // change "app_homepage" to some route in your app $targetUrl = $this->router->generate('app_homepage'); return new RedirectResponse($targetUrl); // or, on success, let the request continue to be handled by the controller //return null; } public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response { $message = strtr($exception->getMessageKey(), $exception->getMessageData()); return new Response($message, Response::HTTP_FORBIDDEN); } /** * Called when authentication is needed, but it's not sent. * This redirects to the 'login'. */ public function start(Request $request, AuthenticationException $authException = null): Response { return new RedirectResponse( '/connect/', // might be the site, where users choose their oauth provider Response::HTTP_TEMPORARY_REDIRECT ); } }
步骤2)配置安全设置
接下来,启用新的认证器管理器,然后在security.yaml中的custom_authenticators部分注册您的认证器
# app/config/packages/security.yaml security: # ... + enable_authenticator_manager: true firewalls: # ... main: # ... + custom_authenticators: + - App\Security\MyFacebookAuthenticator
注意您可以将单个客户端(例如
FacebookClient)注入到认证器中,而不是ClientRegistry。但是,这可能会引起循环引用问题并降低性能(因为认证器在每个请求上都会实例化,尽管您很少需要创建FacebookClient)。ClientRegistry会延迟创建客户端对象。
使用Guard进行认证
创建一个Guard认证器。存在一个SocialAuthenticator基类,可以帮助处理一些事情
namespace App\Security; use App\Entity\User; // your user entity use Doctrine\ORM\EntityManagerInterface; use KnpU\OAuth2ClientBundle\Security\Authenticator\SocialAuthenticator; use KnpU\OAuth2ClientBundle\Client\Provider\FacebookClient; use KnpU\OAuth2ClientBundle\Client\ClientRegistry; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Routing\RouterInterface; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Core\User\UserProviderInterface; class MyFacebookAuthenticator extends SocialAuthenticator { private $clientRegistry; private $em; private $router; public function __construct(ClientRegistry $clientRegistry, EntityManagerInterface $em, RouterInterface $router) { $this->clientRegistry = $clientRegistry; $this->em = $em; $this->router = $router; } public function supports(Request $request) { // continue ONLY if the current ROUTE matches the check ROUTE return $request->attributes->get('_route') === 'connect_facebook_check'; } public function getCredentials(Request $request) { // this method is only called if supports() returns true // For Symfony lower than 3.4 the supports method need to be called manually here: // if (!$this->supports($request)) { // return null; // } return $this->fetchAccessToken($this->getFacebookClient()); } public function getUser($credentials, UserProviderInterface $userProvider) { /** @var FacebookUser $facebookUser */ $facebookUser = $this->getFacebookClient() ->fetchUserFromToken($credentials); $email = $facebookUser->getEmail(); // 1) have they logged in with Facebook before? Easy! $existingUser = $this->em->getRepository(User::class) ->findOneBy(['facebookId' => $facebookUser->getId()]); if ($existingUser) { return $existingUser; } // 2) do we have a matching user by email? $user = $this->em->getRepository(User::class) ->findOneBy(['email' => $email]); // 3) Maybe you just want to "register" them by creating // a User object $user->setFacebookId($facebookUser->getId()); $this->em->persist($user); $this->em->flush(); return $user; } /** * @return FacebookClient */ private function getFacebookClient() { return $this->clientRegistry // "facebook_main" is the key used in config/packages/knpu_oauth2_client.yaml ->getClient('facebook_main'); } public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey) { // change "app_homepage" to some route in your app $targetUrl = $this->router->generate('app_homepage'); return new RedirectResponse($targetUrl); // or, on success, let the request continue to be handled by the controller //return null; } public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { $message = strtr($exception->getMessageKey(), $exception->getMessageData()); return new Response($message, Response::HTTP_FORBIDDEN); } /** * Called when authentication is needed, but it's not sent. * This redirects to the 'login'. */ public function start(Request $request, AuthenticationException $authException = null) { return new RedirectResponse( '/connect/', // might be the site, where users choose their oauth provider Response::HTTP_TEMPORARY_REDIRECT ); } // ... }
接下来,在security.yaml中的guard部分下注册您的认证器
# app/config/packages/security.yaml security: # ... firewalls: # ... main: # ... + guard: + authenticators: + - App\Security\MyFacebookAuthenticator
有关更多详细信息:请参阅https://symfony.ac.cn/doc/current/cookbook/security/guard-authentication.html#step-2-configure-the-authenticator。
认证任何OAuth用户
如果您不需要获取/持久化有关用户的信息,您可以使用OAuthUserProvider服务快速在您的应用程序中认证他们(如果您正在使用Doctrine,请使用正常的实体用户提供者)。
首先,在您的security.yaml文件中定义用户提供者
security: providers: oauth: id: knpu.oauth2.user_provider
然后在您的Guard认证器中,使用用户提供者轻松获取用户
public function getUser($credentials, UserProviderInterface $userProvider) { return $userProvider->loadUserByUsername($this->getClient()->fetchUserFromToken($credentials)->getId()); }
登录用户将是一个KnpU\OAuth2ClientBundle\Security\User\OAuthUser实例,并将具有ROLE_USER和ROLE_OAUTH_USER角色。
存储和刷新令牌
您有几个选项可以存储访问令牌以供以后使用
-
存储
AccessToken对象(例如将其序列化为会话),这允许您在刷新之前检查过期时间// Fetch and store the AccessToken $accessToken = $client->getAccessToken(); $session->set('access_token', $accessToken); // Load the access token from the session, and refresh if required $accessToken = $session->get('access_token'); if ($accessToken->hasExpired()) { $accessToken = $client->refreshAccessToken($accessToken->getRefreshToken()); // Update the stored access token for next time $session->set('access_token', $accessToken); }
-
存储刷新令牌字符串(例如在数据库中的
user.refresh_token),这意味着您必须始终刷新。您还可以存储访问令牌和过期时间,然后避免刷新,直到访问令牌实际过期// Fetch the AccessToken and store the refresh token $accessToken = $client->getAccessToken(); $user->setRefreshToken($accessToken->getRefreshToken()); $entityManager->flush(); // Get a new AccessToken from the refresh token, and store the new refresh token for next time $accessToken = $client->refreshAccessToken($user->getRefreshToken()); $user->setRefreshToken($accessToken->getRefreshToken()); $entityManager->flush();
根据您的OAuth2提供者,您可能需要在创建和/或刷新令牌时传递一些参数
// Some providers may require special parameters when creating the token in order to allow refreshing $accessToken = $client->getAccessToken(['scopes' => 'offline_access']); // They may also require special parameters when refreshing the token $accessToken = $client->refreshAccessToken($accessToken->getRefreshtoken(), ['scopes' => 'offline_access']);
配置
以下是所有受支持OAuth2提供者的配置。您没有看到您需要的?请使用generic提供者来配置任何提供者。
# config/packages/knpu_oauth2_client.yaml knpu_oauth2_client: # can be set to the service id of a service that implements Guzzle\ClientInterface # http_client: null # options to configure the default http client # http_client_options: # timeout: 0 # # if you want to disable the proxy (e.g. local GitLab OAuth) - set it to "false" # proxy: null # Use only with proxy option set # verify: false clients: # will create service: "knpu.oauth2.client.amazon" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\AmazonClient # composer require luchianenco/oauth2-amazon amazon: # must be "amazon" - it activates that type! type: amazon # add and set these environment variables in your .env files client_id: '%env(OAUTH_AMAZON_CLIENT_ID)%' client_secret: '%env(OAUTH_AMAZON_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_amazon_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.appid" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\AppIdClient # composer require jampire/oauth2-appid appid: # must be "appid" - it activates that type! type: appid # add and set these environment variables in your .env files client_id: '%env(OAUTH_APPID_CLIENT_ID)%' client_secret: '%env(OAUTH_APPID_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_appid_check redirect_params: {} # IBM App ID base URL. For example, "https://us-south.appid.cloud.ibm.com/oauth/v4". More details at https://cloud.ibm.com/docs/services/appid?topic=appid-getting-started base_auth_uri: '%env(OAUTH_APPID_BASE_AUTH_URI)%' # IBM App ID service tenant ID. For example, "1234-5678-abcd-efgh". More details at https://cloud.ibm.com/docs/services/appid?topic=appid-getting-started tenant_id: '%env(OAUTH_APPID_TENANT_ID)%' # Identity Provider code. Defaults to "saml". More details at https://cloud.ibm.com/docs/services/appid?topic=appid-getting-started # idp: '%env(OAUTH_APPID_IDP)%' # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.apple" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\AppleClient # composer require patrickbussmann/oauth2-apple apple: # must be "apple" - it activates that type! type: apple # add and set these environment variables in your .env files client_id: '%env(OAUTH_APPLE_CLIENT_ID)%' # a route name you'll create redirect_route: connect_apple_check redirect_params: {} team_id: null key_file_id: null key_file_path: null # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.auth0" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\Auth0Client # composer require riskio/oauth2-auth0 auth0: # must be "auth0" - it activates that type! type: auth0 # add and set these environment variables in your .env files client_id: '%env(OAUTH_AUTH0_CLIENT_ID)%' client_secret: '%env(OAUTH_AUTH0_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_auth0_check redirect_params: {} # Your custom/definite Auth0 domain, e.g. "login.mycompany.com". Set this if you use Auth0's Custom Domain feature. The "account" and "region" parameters will be ignored in this case. # custom_domain: null # Your Auth0 domain/account, e.g. "mycompany" if your domain is "mycompany.auth0.com" # account: null # Your Auth0 region, e.g. "eu" if your tenant is in the EU. # region: null # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.azure" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\AzureClient # composer require thenetworg/oauth2-azure azure: # must be "azure" - it activates that type! type: azure # add and set these environment variables in your .env files client_id: '%env(OAUTH_AZURE_CLIENT_ID)%' # a route name you'll create redirect_route: connect_azure_check redirect_params: {} # The shared client secret if you don't use a certificate # client_secret: '' # The contents of the client certificate private key # client_certificate_private_key: '-----BEGIN RSA PRIVATE KEY-----\nMIIEog...G82ARGuI=\n-----END RSA PRIVATE KEY-----' # The hexadecimal thumbprint of the client certificate # client_certificate_thumbprint: 'B4A94A83092455AC4D3AC827F02B61646EAAC43D' # Domain to build login URL # url_login: 'https://login.microsoftonline.com/' # Oauth path to authorize against # path_authorize: '/oauth2/authorize' # Oauth path to retrieve a token # path_token: '/oauth2/token' # Oauth scope send with the request # scope: {} # The tenant to use, default is `common` # tenant: 'common' # Domain to build request URL # url_api: 'https://graph.windows.net/' # Oauth resource field # resource: null # The API version to run against # api_version: '1.6' # Send resource field with auth-request # auth_with_resource: true # The endpoint version to run against # default_end_point_version: '1.0' # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.bitbucket" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\BitbucketClient # composer require stevenmaguire/oauth2-bitbucket bitbucket: # must be "bitbucket" - it activates that type! type: bitbucket # add and set these environment variables in your .env files client_id: '%env(OAUTH_BITBUCKET_CLIENT_ID)%' client_secret: '%env(OAUTH_BITBUCKET_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_bitbucket_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.box" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\BoxClient # composer require stevenmaguire/oauth2-box box: # must be "box" - it activates that type! type: box # add and set these environment variables in your .env files client_id: '%env(OAUTH_BOX_CLIENT_ID)%' client_secret: '%env(OAUTH_BOX_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_box_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.buddy" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\BuddyClient # composer require buddy-works/oauth2-client buddy: # must be "buddy" - it activates that type! type: buddy # add and set these environment variables in your .env files client_id: '%env(OAUTH_BUDDY_CLIENT_ID)%' client_secret: '%env(OAUTH_BUDDY_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_buddy_check redirect_params: {} # Base API URL, modify this for self-hosted instances # base_api_url: https://api.buddy.works # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.buffer" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\BufferClient # composer require tgallice/oauth2-buffer buffer: # must be "buffer" - it activates that type! type: buffer # add and set these environment variables in your .env files client_id: '%env(OAUTH_BUFFER_CLIENT_ID)%' client_secret: '%env(OAUTH_BUFFER_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_buffer_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.canvas_lms" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\CanvasLMSClient # composer require smtech/oauth2-canvaslms canvas_lms: # must be "canvas_lms" - it activates that type! type: canvas_lms # add and set these environment variables in your .env files client_id: '%env(OAUTH_CANVAS_LMS_CLIENT_ID)%' client_secret: '%env(OAUTH_CANVAS_LMS_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_canvas_lms_check redirect_params: {} # URL of Canvas Instance (e.g. https://canvas.instructure.com) canvas_instance_url: null # This can be used to help the user identify which instance of an application this token is for. For example, a mobile device application could provide the name of the device. # purpose: '' # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.clever" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\CleverClient # composer require schoolrunner/oauth2-clever clever: # must be "clever" - it activates that type! type: clever # add and set these environment variables in your .env files client_id: '%env(OAUTH_CLEVER_CLIENT_ID)%' client_secret: '%env(OAUTH_CLEVER_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_clever_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.devian_art" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\DevianArtClient # composer require seinopsys/oauth2-deviantart devian_art: # must be "devian_art" - it activates that type! type: devian_art # add and set these environment variables in your .env files client_id: '%env(OAUTH_DEVIAN_ART_CLIENT_ID)%' client_secret: '%env(OAUTH_DEVIAN_ART_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_devian_art_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.digital_ocean" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\DigitalOceanClient # composer require chrishemmings/oauth2-digitalocean digital_ocean: # must be "digital_ocean" - it activates that type! type: digital_ocean # add and set these environment variables in your .env files client_id: '%env(OAUTH_DIGITAL_OCEAN_CLIENT_ID)%' client_secret: '%env(OAUTH_DIGITAL_OCEAN_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_digital_ocean_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.discord" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\DiscordClient # composer require wohali/oauth2-discord-new discord: # must be "discord" - it activates that type! type: discord # add and set these environment variables in your .env files client_id: '%env(OAUTH_DISCORD_CLIENT_ID)%' client_secret: '%env(OAUTH_DISCORD_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_discord_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.disqus" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\DisqusClient # composer require antalaron/oauth2-disqus disqus: # must be "disqus" - it activates that type! type: disqus # add and set these environment variables in your .env files client_id: '%env(OAUTH_DISQUS_CLIENT_ID)%' client_secret: '%env(OAUTH_DISQUS_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_disqus_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.dribbble" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\DribbbleClient # composer require crewlabs/oauth2-dribbble dribbble: # must be "dribbble" - it activates that type! type: dribbble # add and set these environment variables in your .env files client_id: '%env(OAUTH_DRIBBBLE_CLIENT_ID)%' client_secret: '%env(OAUTH_DRIBBBLE_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_dribbble_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.dropbox" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\DropboxClient # composer require stevenmaguire/oauth2-dropbox dropbox: # must be "dropbox" - it activates that type! type: dropbox # add and set these environment variables in your .env files client_id: '%env(OAUTH_DROPBOX_CLIENT_ID)%' client_secret: '%env(OAUTH_DROPBOX_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_dropbox_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.drupal" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\DrupalClient # composer require chrishemmings/oauth2-drupal drupal: # must be "drupal" - it activates that type! type: drupal # add and set these environment variables in your .env files client_id: '%env(OAUTH_DRUPAL_CLIENT_ID)%' client_secret: '%env(OAUTH_DRUPAL_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_drupal_check redirect_params: {} # Drupal oAuth2 server URL base_url: '%env(OAUTH_DRUPAL_BASE_URL)%' # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.elance" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\ElanceClient # composer require stevenmaguire/oauth2-elance elance: # must be "elance" - it activates that type! type: elance # add and set these environment variables in your .env files client_id: '%env(OAUTH_ELANCE_CLIENT_ID)%' client_secret: '%env(OAUTH_ELANCE_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_elance_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.eve_online" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\EveOnlineClient # composer require evelabs/oauth2-eveonline eve_online: # must be "eve_online" - it activates that type! type: eve_online # add and set these environment variables in your .env files client_id: '%env(OAUTH_EVE_ONLINE_CLIENT_ID)%' client_secret: '%env(OAUTH_EVE_ONLINE_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_eve_online_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.eventbrite" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\EventbriteClient # composer require stevenmaguire/oauth2-eventbrite eventbrite: # must be "eventbrite" - it activates that type! type: eventbrite # add and set these environment variables in your .env files client_id: '%env(OAUTH_EVENTBRITE_CLIENT_ID)%' client_secret: '%env(OAUTH_EVENTBRITE_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_eventbrite_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.facebook" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\FacebookClient # composer require league/oauth2-facebook facebook: # must be "facebook" - it activates that type! type: facebook # add and set these environment variables in your .env files client_id: '%env(OAUTH_FACEBOOK_CLIENT_ID)%' client_secret: '%env(OAUTH_FACEBOOK_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_facebook_check redirect_params: {} graph_api_version: v2.12 # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.fitbit" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\FitbitClient # composer require djchen/oauth2-fitbit fitbit: # must be "fitbit" - it activates that type! type: fitbit # add and set these environment variables in your .env files client_id: '%env(OAUTH_FITBIT_CLIENT_ID)%' client_secret: '%env(OAUTH_FITBIT_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_fitbit_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.four_square" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\FoursquareClient # composer require stevenmaguire/oauth2-foursquare four_square: # must be "four_square" - it activates that type! type: four_square # add and set these environment variables in your .env files client_id: '%env(OAUTH_FOUR_SQUARE_CLIENT_ID)%' client_secret: '%env(OAUTH_FOUR_SQUARE_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_four_square_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.fusion_auth" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\FusionAuthClient # composer require jerryhopper/oauth2-fusionauth fusion_auth: # must be "fusion_auth" - it activates that type! type: fusion_auth # add and set these environment variables in your .env files client_id: '%env(OAUTH_FUSION_AUTH_CLIENT_ID)%' client_secret: '%env(OAUTH_FUSION_AUTH_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_fusion_auth_check redirect_params: {} # FusionAuth Server URL, no trailing slash auth_server_url: null # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.geocaching" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\GeocachingClient # composer require surfoo/oauth2-geocaching geocaching: # must be "geocaching" - it activates that type! type: geocaching # add and set these environment variables in your .env files client_id: '%env(OAUTH_GEOCACHING_CLIENT_ID)%' client_secret: '%env(OAUTH_GEOCACHING_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_geocaching_check redirect_params: {} # dev, staging or production environment: production # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.github" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\GithubClient # composer require league/oauth2-github github: # must be "github" - it activates that type! type: github # add and set these environment variables in your .env files client_id: '%env(OAUTH_GITHUB_CLIENT_ID)%' client_secret: '%env(OAUTH_GITHUB_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_github_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.gitlab" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\GitlabClient # composer require omines/oauth2-gitlab gitlab: # must be "gitlab" - it activates that type! type: gitlab # add and set these environment variables in your .env files client_id: '%env(OAUTH_GITLAB_CLIENT_ID)%' client_secret: '%env(OAUTH_GITLAB_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_gitlab_check redirect_params: {} # Base installation URL, modify this for self-hosted instances # domain: https://gitlab.com # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.google" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\GoogleClient # composer require league/oauth2-google google: # must be "google" - it activates that type! type: google # add and set these environment variables in your .env files client_id: '%env(OAUTH_GOOGLE_CLIENT_ID)%' client_secret: '%env(OAUTH_GOOGLE_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_google_check redirect_params: {} # Optional value for sending access_type parameter. More detail: https://developers.google.com/identity/protocols/OpenIDConnect#authenticationuriparameters # access_type: null # Optional value for sending hd parameter. More detail: https://developers.google.com/identity/protocols/OpenIDConnect#hd-param # hosted_domain: null # Optional value for additional fields to be requested from the user profile. If set, these values will be included with the defaults. More details: https://developers.google.com/+/web/api/rest/latest/people # user_fields: {} # Optional value if you don't want or need to enable Google+ API access. # use_oidc_mode: false # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.headhunter" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\HeadHunterClient # composer require alexmasterov/oauth2-headhunter headhunter: # must be "headhunter" - it activates that type! type: headhunter # add and set these environment variables in your .env files client_id: '%env(OAUTH_HEADHUNTER_CLIENT_ID)%' client_secret: '%env(OAUTH_HEADHUNTER_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_headhunter_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.heroku" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\HerokuClient # composer require stevenmaguire/oauth2-heroku heroku: # must be "heroku" - it activates that type! type: heroku # add and set these environment variables in your .env files client_id: '%env(OAUTH_HEROKU_CLIENT_ID)%' client_secret: '%env(OAUTH_HEROKU_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_heroku_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.instagram" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\InstagramClient # composer require league/oauth2-instagram instagram: # must be "instagram" - it activates that type! type: instagram # add and set these environment variables in your .env files client_id: '%env(OAUTH_INSTAGRAM_CLIENT_ID)%' client_secret: '%env(OAUTH_INSTAGRAM_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_instagram_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.jira" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\JiraClient # composer require mrjoops/oauth2-jira jira: # must be "jira" - it activates that type! type: jira # add and set these environment variables in your .env files client_id: '%env(OAUTH_JIRA_CLIENT_ID)%' client_secret: '%env(OAUTH_JIRA_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_jira_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.keycloak" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\KeycloakClient # composer require stevenmaguire/oauth2-keycloak keycloak: # must be "keycloak" - it activates that type! type: keycloak # add and set these environment variables in your .env files client_id: '%env(OAUTH_KEYCLOAK_CLIENT_ID)%' client_secret: '%env(OAUTH_KEYCLOAK_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_keycloak_check redirect_params: {} # Keycloak server URL auth_server_url: null # Keycloak realm realm: null # Optional: Encryption algorithm, i.e. RS256 # encryption_algorithm: null # Optional: Encryption key path, i.e. ../key.pem # encryption_key_path: null # Optional: Encryption key, i.e. contents of key or certificate # encryption_key: null # Optional: The keycloak version to run against # version: '20.0.1' # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.linkedin" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\LinkedInClient # composer require league/oauth2-linkedin linkedin: # must be "linkedin" - it activates that type! type: linkedin # add and set these environment variables in your .env files client_id: '%env(OAUTH_LINKEDIN_CLIENT_ID)%' client_secret: '%env(OAUTH_LINKEDIN_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_linkedin_check redirect_params: {} # Optional value to specify Linkedin's API version to use. As the time of writing, v1 is still used by default by league/oauth2-linkedin. # api_version: null # Optional value to specify fields to be requested from the profile. Since Linkedin's API upgrade from v1 to v2, fields and authorizations policy have been enforced. See https://docs.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/sign-in-with-linkedin for more details. # fields: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.mail_ru" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\MailRuClient # composer require aego/oauth2-mailru mail_ru: # must be "mail_ru" - it activates that type! type: mail_ru # add and set these environment variables in your .env files client_id: '%env(OAUTH_MAIL_RU_CLIENT_ID)%' client_secret: '%env(OAUTH_MAIL_RU_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_mail_ru_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.microsoft" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\MicrosoftClient # composer require stevenmaguire/oauth2-microsoft microsoft: # must be "microsoft" - it activates that type! type: microsoft # add and set these environment variables in your .env files client_id: '%env(OAUTH_MICROSOFT_CLIENT_ID)%' client_secret: '%env(OAUTH_MICROSOFT_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_microsoft_check redirect_params: {} # Optional value for URL Authorize # url_authorize: null # Optional value for URL Access Token # url_access_token: null # Optional value for URL Resource Owner Details # url_resource_owner_details: null # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.mollie" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\MollieClient # composer require mollie/oauth2-mollie-php mollie: # must be "mollie" - it activates that type! type: mollie # add and set these environment variables in your .env files client_id: '%env(OAUTH_MOLLIE_CLIENT_ID)%' client_secret: '%env(OAUTH_MOLLIE_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_mollie_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.odnoklassniki" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\OdnoklassnikiClient # composer require aego/oauth2-odnoklassniki odnoklassniki: # must be "odnoklassniki" - it activates that type! type: odnoklassniki # add and set these environment variables in your .env files client_id: '%env(OAUTH_ODNOKLASSNIKI_CLIENT_ID)%' client_secret: '%env(OAUTH_ODNOKLASSNIKI_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_odnoklassniki_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.okta" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\OktaClient # composer require foxworth42/oauth2-okta okta: # must be "okta" - it activates that type! type: okta # add and set these environment variables in your .env files client_id: '%env(OAUTH_OKTA_CLIENT_ID)%' client_secret: '%env(OAUTH_OKTA_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_okta_check redirect_params: {} # Issuer URI from Okta issuer: https://mycompany.okta.com/oauth2/default # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.passage" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\PassageClient # composer require malteschlueter/oauth2-passage passage: # must be "passage" - it activates that type! type: passage # add and set these environment variables in your .env files client_id: '%env(OAUTH_PASSAGE_CLIENT_ID)%' client_secret: '%env(OAUTH_PASSAGE_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_passage_check redirect_params: {} # Passage sub domain. For example, from passage url "https://example.withpassage.com" only "example" is required. sub_domain: 'example' # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.paypal" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\PaypalClient # composer require stevenmaguire/oauth2-paypal paypal: # must be "paypal" - it activates that type! type: paypal # add and set these environment variables in your .env files client_id: '%env(OAUTH_PAYPAL_CLIENT_ID)%' client_secret: '%env(OAUTH_PAYPAL_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_paypal_check redirect_params: {} # When true, client uses Paypal Sandbox URLs. # is_sandbox: false # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.psn" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\PsnClient # composer require larabros/oauth2-psn psn: # must be "psn" - it activates that type! type: psn # add and set these environment variables in your .env files client_id: '%env(OAUTH_PSN_CLIENT_ID)%' client_secret: '%env(OAUTH_PSN_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_psn_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.salesforce" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\SalesforceClient # composer require stevenmaguire/oauth2-salesforce salesforce: # must be "salesforce" - it activates that type! type: salesforce # add and set these environment variables in your .env files client_id: '%env(OAUTH_SALESFORCE_CLIENT_ID)%' client_secret: '%env(OAUTH_SALESFORCE_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_salesforce_check redirect_params: {} # Custom Salesforce domain. Default domain is https://login.salesforce.com # domain: '' # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.slack" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\SlackClient # composer require adam-paterson/oauth2-slack slack: # must be "slack" - it activates that type! type: slack # add and set these environment variables in your .env files client_id: '%env(OAUTH_SLACK_CLIENT_ID)%' client_secret: '%env(OAUTH_SLACK_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_slack_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.spotify" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\SpotifyClient # composer require kerox/oauth2-spotify spotify: # must be "spotify" - it activates that type! type: spotify # add and set these environment variables in your .env files client_id: '%env(OAUTH_SPOTIFY_CLIENT_ID)%' client_secret: '%env(OAUTH_SPOTIFY_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_spotify_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.symfony_connect" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\SymfonyConnectClient # composer require qdequippe/oauth2-symfony-connect symfony_connect: # must be "symfony_connect" - it activates that type! type: symfony_connect # add and set these environment variables in your .env files client_id: '%env(OAUTH_SYMFONY_CONNECT_CLIENT_ID)%' client_secret: '%env(OAUTH_SYMFONY_CONNECT_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_symfony_connect_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.strava" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\StravaClient # composer require edwin-luijten/oauth2-strava strava: # must be "strava" - it activates that type! type: strava # add and set these environment variables in your .env files client_id: '%env(OAUTH_STRAVA_CLIENT_ID)%' client_secret: '%env(OAUTH_STRAVA_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_strava_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.stripe" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\StripeClient # composer require adam-paterson/oauth2-stripe stripe: # must be "stripe" - it activates that type! type: stripe # add and set these environment variables in your .env files client_id: '%env(OAUTH_STRIPE_CLIENT_ID)%' client_secret: '%env(OAUTH_STRIPE_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_stripe_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.twitch" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\TwitchClient # composer require depotwarehouse/oauth2-twitch twitch: # must be "twitch" - it activates that type! type: twitch # add and set these environment variables in your .env files client_id: '%env(OAUTH_TWITCH_CLIENT_ID)%' client_secret: '%env(OAUTH_TWITCH_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_twitch_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.twitch_helix" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\TwitchHelixClient # composer require vertisan/oauth2-twitch-helix twitch_helix: # must be "twitch_helix" - it activates that type! type: twitch_helix # add and set these environment variables in your .env files client_id: '%env(OAUTH_TWITCH_HELIX_CLIENT_ID)%' client_secret: '%env(OAUTH_TWITCH_HELIX_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_twitch_helix_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.uber" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\UberClient # composer require stevenmaguire/oauth2-uber uber: # must be "uber" - it activates that type! type: uber # add and set these environment variables in your .env files client_id: '%env(OAUTH_UBER_CLIENT_ID)%' client_secret: '%env(OAUTH_UBER_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_uber_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.unsplash" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\UnsplashClient # composer require hughbertd/oauth2-unsplash unsplash: # must be "unsplash" - it activates that type! type: unsplash # add and set these environment variables in your .env files client_id: '%env(OAUTH_UNSPLASH_CLIENT_ID)%' client_secret: '%env(OAUTH_UNSPLASH_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_unsplash_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.vimeo" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\VimeoClient # composer require saf33r/oauth2-vimeo vimeo: # must be "vimeo" - it activates that type! type: vimeo # add and set these environment variables in your .env files client_id: '%env(OAUTH_VIMEO_CLIENT_ID)%' client_secret: '%env(OAUTH_VIMEO_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_vimeo_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.vkontakte" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\VKontakteClient # composer require j4k/oauth2-vkontakte vkontakte: # must be "vkontakte" - it activates that type! type: vkontakte # add and set these environment variables in your .env files client_id: '%env(OAUTH_VKONTAKTE_CLIENT_ID)%' client_secret: '%env(OAUTH_VKONTAKTE_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_vkontakte_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.wave" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\WaveClient # composer require qdequippe/oauth2-wave wave: # must be "wave" - it activates that type! type: wave # add and set these environment variables in your .env files client_id: '%env(OAUTH_WAVE_CLIENT_ID)%' client_secret: '%env(OAUTH_WAVE_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_wave_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.webflow" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\WebflowClient # composer require koalati/oauth2-webflow webflow: # must be "webflow" - it activates that type! type: webflow # add and set these environment variables in your .env files client_id: '%env(OAUTH_WEBFLOW_CLIENT_ID)%' client_secret: '%env(OAUTH_WEBFLOW_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_webflow_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.yahoo" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\YahooClient # composer require hayageek/oauth2-yahoo yahoo: # must be "yahoo" - it activates that type! type: yahoo # add and set these environment variables in your .env files client_id: '%env(OAUTH_YAHOO_CLIENT_ID)%' client_secret: '%env(OAUTH_YAHOO_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_yahoo_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.yandex" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\YandexClient # composer require aego/oauth2-yandex yandex: # must be "yandex" - it activates that type! type: yandex # add and set these environment variables in your .env files client_id: '%env(OAUTH_YANDEX_CLIENT_ID)%' client_secret: '%env(OAUTH_YANDEX_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_yandex_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true # will create service: "knpu.oauth2.client.zendesk" # an instance of: KnpU\OAuth2ClientBundle\Client\Provider\ZendeskClient # composer require stevenmaguire/oauth2-zendesk zendesk: # must be "zendesk" - it activates that type! type: zendesk # add and set these environment variables in your .env files client_id: '%env(OAUTH_ZENDESK_CLIENT_ID)%' client_secret: '%env(OAUTH_ZENDESK_CLIENT_SECRET)%' # a route name you'll create redirect_route: connect_zendesk_check redirect_params: {} # Your Zendesk subdomain subdomain: null # whether to check OAuth2 "state": defaults to true # use_state: true
配置通用提供者
您想要连接的OAuth服务器不在这里?不用担心!您可以使用generic类型配置一个自定义的“提供者”。
1)找到/创建您的提供者库
首先,看看您的OAuth服务器是否已经有一个您可以使用“提供程序库”:请参阅提供程序客户端库。
如果您在那里找到了一个,太棒了!安装它。如果没有,您将需要创建自己的提供程序类。请参阅有关此内容的提供程序指南。
无论如何,经过这一步,您应该有一个“类”的提供程序(例如,一个扩展AbstractProvider的类)可供使用!
2) 配置
现在,就像配置其他提供程序一样配置您的提供程序,但使用generic类型
# config/packages/knpu_oauth2_client.yaml knpu_oauth2_client: clients: # will create service: "knpu.oauth2.client.foo_bar_oauth" # an instance of: KnpU\OAuth2ClientBundle\Client\OAuth2Client foo_bar_oauth: type: generic provider_class: Some\Class\FooBarProvider # optional: a class that extends OAuth2Client # client_class: Some\Custom\Client # optional: if your provider has custom constructor options # provider_options: {} # now, all the normal options! client_id: '%env(foo_bar_client_id)%' client_secret: '%env(foo_bar_client_secret)%' redirect_route: connect_facebook_check redirect_params: {} # whether to check OAuth2 "state": defaults to true # use_state: true
就是这样!现在您将有一个可以使用的knpu.oauth2.client.foo_bar_oauth服务。
扩展/装饰客户端类
也许您需要在您的客户端类内部添加一些额外的服务?没问题!您可以使用您自己的实现来装饰现有的客户端类。您所需要的只是一个实现了OAuth2ClientInterface的新类
namespace App\Client; use KnpU\OAuth2ClientBundle\Client\OAuth2ClientInterface; use KnpU\OAuth2ClientBundle\Client\Provider\AzureClient; use Symfony\Component\Cache\Adapter\AdapterInterface; class CacheableAzureClient implements OAuth2ClientInterface { private $client; private $cache; public function __construct(AzureClient $client, AdapterInterface $cache) { // ... } // override all public functions and call the method on the internal $this->client object // but add caching wherever you need it }
并对其进行配置
# config/services.yaml services: App\Client\CacheableAzureClient: decorates: knpu.oauth2.client.azure
贡献
当然,开源是由每个人为公共利益贡献一点时间的动力。如果您想看到一个功能,您可以请求它 - 但创建一个pull request是完成工作的更好方式。
无论如何,请放心提交问题或pull request:所有贡献和问题都受到热烈的欢迎 :)