markus-g/oauth2-youtrack

YouTrack OAuth 2.0 client provider for the PHP League OAuth2-Client

2.0.0 2018-02-22 16:24 UTC

This package is not auto-updated.

Last update: 2024-09-28 20:14:39 UTC


README

This package provides YouTrack OAuth 2.0 support for the PHP League's OAuth 2.0 Client.

Installation

To install, use composer:

composer require markus-g/oauth2-youtrack

Usage

Usage is the same as The League's OAuth client, using MarkusG\OAuth2\Client\Provider\Youtrack as the provider.

Authorization Code Flow

For more information, see https://www.jetbrains.com/help/hub/2.5/Authorization-Code.html

$provider = new \MarkusG\OAuth2\Client\Provider\Youtrack([
    'clientId' => 'YOUR_CLIENT_ID',
    'clientSecret' => 'YOUR_CLIENT_SECRET',
    // Use an https:// URL for a real instance: the client secret, the
    // authorization code and the tokens all travel to this host.
    'youtrackUrl' => 'http://your-youtrack-url.com',
    'redirectUri' => 'https://example.com/callback-url',
    'scope' => 'SCOPE', // use the YouTrack service ID.
    'requestCredentials' => 'skip', // (optional)
]);


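// The state value is kept in the session, so the session must be started
// before $_SESSION is read or written.
session_start();

// If we don't have an authorization code then get one
if (!isset($_GET['code'])) {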

    // Fetch the authorization URL from the provider; this returns the
    // urlAuthorize option and generates and applies any necessary parameters
    // (e.g. state).
    $authorizationUrl = $provider->getAuthorizationUrl();

    // Get the state generated for you and store it to the session.
    $_SESSION['oauth2state'] = $provider->getState();

    // Redirect the user to the authorization URL.
    header('Location: ' . $authorizationUrl);
    exit;

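// Check given state against previously stored one to mitigate CSRF attack.
// A missing session value or a non-string parameter is rejected as well.
} elseif (empty($_GET['state']) || !is_string($_GET['state']) || !isset($_SESSION['oauth2state'])
    || !hash_equals($_SESSION['oauth2state'], $_GET['state'])) {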
    unset($_SESSION['oauth2state']);
    exit('Invalid state');
} else {
    try {
        // Try to get an access token using the authorization code grant.
        $accessToken = $provider->getAccessToken('authorization_code', [
            'code' => $_GET['code']
        ]);

        // We have an access token, which we may use in authenticated
        // requests against the service provider's API.
        echo $accessToken->getToken() . "\n";
        echo $accessToken->getRefreshToken() . "\n";
        echo $accessToken->getExpires() . "\n";
        echo ($accessToken->hasExpired() ? 'expired' : 'not expired') . "\n";

        // Using the access token, we may look up details about the
        // resource owner.
        $resourceOwner = $provider->getResourceOwner($accessToken);
        
        var_dump($resourceOwner->getCreationTime());
        var_dump($resourceOwner->getLastAccessTime());
        var_dump($resourceOwner->toArray());
        
    } catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {
        // Failed to get the access token or user details.
        exit($e->getMessage());
    }
}

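Client Credentials Grant

For more information, see https://www.jetbrains.com/help/hub/2.5/Client-Credentials.html

When your application acts on its own behalf to access resources it controls/owns in a service provider, it may use the client credentials grant type. This is best used when the credentials for your application are stored privately and never exposed (e.g. through the web browser, etc.) to end users. This grant type functions similarly to the resource owner password credentials grant type, but it does not request a user's username or password. It uses only the client ID and secret issued to your client by the service provider.

Unlike the earlier examples, the following example does not work against a running demo service provider. It is provided for the sake of example only.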

// Note: this example uses the Youtrack provider from this package, which is
// the provider that accepts the `youtrackUrl` option. GenericProvider would
// instead require `urlAuthorize`, `urlAccessToken` and
// `urlResourceOwnerDetails`, and throws if they are missing.

$provider = new \MarkusG\OAuth2\Client\Provider\Youtrack([
    'clientId' => 'YOUR_CLIENT_ID',
    'clientSecret' => 'YOUR_CLIENT_SECRET',
    'youtrackUrl' => 'http://your-youtrack-url.com',
    'redirectUri' => 'https://example.com/callback-url',
]);

try {

    // Try to get an access token using the client credentials grant.
    // Use the YouTrack ID under service in YouTrack HUB for the scope parameter
    $accessToken = $provider->getAccessToken('client_credentials', ['scope' => 'SCOPE']);

} catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {

    // Failed to get the access token
    exit($e->getMessage());

}

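Refresh Tokens

Refresh tokens are only provided to applications that request offline access. You can specify offline access by setting the accessType option in your provider: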

$provider = new MarkusG\OAuth2\Client\Provider\Youtrack([
    'clientId' => 'YOUR_CLIENT_ID',
    'clientSecret' => 'YOUR_CLIENT_SECRET',
    'redirectUri' => 'http://your-redirect-uri',
    'accessType'   => 'offline',
]);

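Note that the refresh token is only returned on the first request; after that it will be null. You should store the refresh token securely when it is returned.

// $refreshToken is the value you stored when it was first returned.
$grant = new \League\OAuth2\Client\Grant\RefreshToken();
$token = $provider->getAccessToken($grant, ['refresh_token' => $refreshToken]);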
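
One way to store the refresh token securely, as the note above advises, is to encrypt it at rest and never let a later null overwrite the stored value. This is an added example, not code from this package: the helper names, the file-based storage and the sample key and token are assumptions; it needs PHP 7.2+ with the sodium extension, and you would pass it the value of $accessToken->getRefreshToken().

```php
<?php
declare(strict_types=1);

// Encrypt a refresh token for storage at rest (authenticated encryption).
function sealRefreshToken(string $refreshToken, string $key): string
{
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return base64_encode($nonce . sodium_crypto_secretbox($refreshToken, $nonce, $key));
}

// Decrypt a stored blob; throws if it is malformed, tampered with, or the key is wrong.
function openRefreshToken(string $blob, string $key): string
{
    $raw = base64_decode($blob, true);
    $min = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES;
    if ($raw === false || strlen($raw) < $min) {
        throw new RuntimeException('Stored refresh token is malformed');
    }
    $nonce = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain = sodium_crypto_secretbox_open(substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES), $nonce, $key);
    if ($plain === false) {
        throw new RuntimeException('Stored refresh token failed authentication');
    }
    return $plain;
}

// Persist only when a refresh token was actually returned: later responses
// carry null, and that null must not replace the token saved earlier.
function rememberRefreshToken(?string $refreshToken, string $path, string $key): bool
{
    if ($refreshToken === null || $refreshToken === '') {
        return false;
    }
    $old = umask(0077); // a newly created file is readable by its owner only
    $ok = file_put_contents($path, sealRefreshToken($refreshToken, $key), LOCK_EX) !== false;
    umask($old);
    return $ok;
}

// Constructed demo data: the key and the token below are samples, not real credentials.
$key  = sodium_crypto_secretbox_keygen(); // assumption: normally loaded from a secret store
$path = sys_get_temp_dir() . '/youtrack-refresh-token.demo'; // hypothetical location

var_dump(rememberRefreshToken('constructed-refresh-token', $path, $key));
var_dump(rememberRefreshToken(null, $path, $key));
var_dump(openRefreshToken(file_get_contents($path), $key));
unlink($path);
```

Keep the encryption key outside the storage that holds the encrypted token, so that a leaked database or file backup does not expose both.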