matware-lab / oauth2
Joomla OAuth2 server package
Requires
- php: ^5.3.10|~7.0
- joomla/application: ~1.0|~2.0
- joomla/controller: 2.0.x-dev
- joomla/date: ^1.2
- joomla/http: ^1.2.2|~2.0
- joomla/input: ~1.2|~2.0
- joomla/session: ~1.0|~2.0
Requires (Dev)
- joomla/coding-standards: ~2.0@alpha
- phpunit/phpunit: ^4.8.35|^5.4.3|~6.0
This package is auto-updated.
Last update: 2024-09-21 22:06:09 UTC
README
1. Introduction
2. Installation
3. How it works
1. Introduction
OAuth 2.0 for Joomla API applications, based on Louis Landry's work on OAuth1 server support for the Joomla! Platform.
https://github.com/LouisLandry/joomla-platform/tree/9bc988185ccc3e1c437256cc2c927e49312b3d00/libraries/joomla/oauth1
In addition, this library is based on RFC 6749 (http://tools.ietf.org/html/rfc6749)
This is a basic diagram of the authentication process using OAuth 2.0:
+-------------------------+ +-----------------------------+
| Client | | Server |
|-------------------------| |-----------------------------|
| | | |
| Request temporary token.| +---------------GET------------------> | Receive request and send |
| | | the temporary token. |
| Get the temporary token | <-JSON-------------------------------+ | |
| and send authorization | | |
| request. | +---------------POST-----------------> | Authorise or deny and return|
| | | the status and new temporary|
| Get the status and the | <-JSON-------------------------------+ | token. |
| new temporary token, | | |
| then request the access | +---------------POST-----------------> | Compare temporary token and |
| token. | | authentication and return |
| | | the access token. |
| Get the access token for| <-JSON-------------------------------+ | |
| request protected | | |
| resources. | | |
| | | |
| | | |
+-------------------------+ +-----------------------------+
2. Installation
- Set up a new Joomla! 4 installation
- Configure composer minimum-stability and prefer-stable
$ composer config minimum-stability dev
$ composer config prefer-stable true
- Install the OAuth2 library
$ composer require "matware-lab/oauth2:dev-master"
- Install the api-authentication plugin: copy https://github.com/matware-lab/oauth2/tree/master/www/plugins/api-authentication/oauth2 into your JPATH_ROOT/plugins/api-authentication folder and discover it
- Disable Joomla! basic authentication
3. How it works
To obtain an access token for your private resources, you need to make 3 GET or POST requests.
Temporary token
Parameters
- oauth_response_type= temporary
- oauth_client_id= ZmFzdHNsYWNrOg==
- oauth_client_secret= WW1Ga05UUXhNekkyTUcOaE5tRTNaVGt6WldZellqRdNNek5tWldNNE16TT06YlhsclNtTXdlVlZLT1cwb2QzMTFhMDVNYm1ZNg==
- oauth_signature_method= PLAINTEXT
curl -X GET \
'http://joomla40.test/api/index.php/v1/article?oauth_response_type=temporary&oauth_client_id=ZmFzdHNsYWNrOg==&oauth_client_secret=WW1Ga05UUXhNekkyTUcOaE5tRTNaVGt6WldZellqRdNNek5tWldNNE16TT06YlhsclNtTXdlVlZLT1cwb2QzMTFhMDVNYm1ZNg==&oauth_signature_method=PLAINTEXT' \
-H 'Accept: */*' \
-H 'Authorization: Bearer Basic ZWxhc3RpYzpjaGFuZ2VtZQ==' \
-H 'Cache-Control: no-cache' \
-H 'Connection: keep-alive' \
-H 'Host: joomla40.test' \
-H 'PHP_AUTH_PW: JOOMLAPASSWORD' \
-H 'PHP_AUTH_USER: JOOMLAUSERNAME' \
-H 'Postman-Token: 25dcb4a9-90e5-4c6c-883d-86321da9e00c,7c94eb6f-7f46-4507-9524-b4c80c65a3af' \
-H 'User-Agent: PostmanRuntime/7.15.0' \
-H 'accept-encoding: gzip, deflate' \
-H 'cache-control: no-cache' \
-H 'cookie: 91a11700197c2613cccdfa4ed11ded00=0icb9v3vkmqn77agqb8gd41hgn' \
-b 91a11700197c2613cccdfa4ed11ded00=0icb9v3vkmqn77agqb8gd41hgn
Response: {"oauth_code":"c0a2c2eae9c8a29add5d8d8b0342532d","oauth_state":true}
Authorization token
Parameters
- oauth_response_type= temporary
- oauth_client_id= ZmFzdHNsYWNrOg==
- oauth_client_secret= WW1Ga05UUXhNekkyTUcOaE5tRTNaVGt6WldZellqRdNNek5tWldNNE16TT06YlhsclNtTXdlVlZLT1cwb2QzMTFhMDVNYm1ZNg==
- oauth_signature_method= PLAINTEXT
- oauth_code= c0a2c2eae9c8a29add5d8d8b0342532d
Response:
{"oauth_code":"5484f5657786c1c64a81cbf5b5af21ed","oauth_state":true}
Access token
Parameters
- oauth_response_type= token
- oauth_client_id= ZmFzdHNsYWNrOg==
- oauth_client_secret= WW1Ga05UUXhNekkyTUcOaE5tRTNaVGt6WldZellqRdNNek5tWldNNE16TT06YlhsclNtTXdlVlZLT1cwb2QzMTFhMDVNYm1ZNg==
- oauth_signature_method= PLAINTEXT
- oauth_code= c0a2c2eae9c8a29add5d8d8b0342532d
Response:
{"access_token":"fad0feb70b053f02f4ecdd2ff06de531","expires_in":"PT4H","refresh_token":"a3de34aed76f98a6f5d158262154be69"}
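A client for the three requests above, written as an added example (it is not code from the package). It assumes the parameters are accepted as a form-encoded POST body, which keeps the client secret out of URLs and access logs, and that each returned oauth_code is passed to the next request as the diagram describes; the function names are hypothetical. It also converts the "PT4H" value of expires_in, an ISO 8601 duration rather than the integer seconds RFC 6749 specifies, into seconds.

```python
import json
import re
import urllib.parse
import urllib.request


class OAuthFlowError(Exception):
    """A step did not return what the next step needs."""


def http_post(endpoint, headers=None):
    """Build a transport: form-encoded POST in, decoded JSON reply out."""
    def send(params):
        body = urllib.parse.urlencode(params).encode()
        req = urllib.request.Request(endpoint, data=body, headers=headers or {})
        with urllib.request.urlopen(req, timeout=10) as resp:
            return json.load(resp)
    return send


def duration_seconds(value):
    """Convert a time-only ISO 8601 duration such as "PT4H" to seconds."""
    m = re.fullmatch(r"PT(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?", value)
    if not m or not any(m.groups()):
        raise OAuthFlowError("unsupported expires_in: %r" % (value,))
    hours, minutes, seconds = (int(g or 0) for g in m.groups())
    return hours * 3600 + minutes * 60 + seconds


def get_access_token(send, client_id, client_secret):
    """Run the three requests; `send` maps a params dict to the reply dict."""
    base = {"oauth_client_id": client_id,
            "oauth_client_secret": client_secret,
            "oauth_signature_method": "PLAINTEXT"}

    def code_step(extra):
        reply = send(dict(base, **extra))
        # Stop unless the server confirmed the step and issued a code.
        if reply.get("oauth_state") is not True or not reply.get("oauth_code"):
            raise OAuthFlowError("request refused by server")
        return reply["oauth_code"]

    temporary = code_step({"oauth_response_type": "temporary"})
    # Assumption: the second request reuses "temporary", as listed on the page.
    authorised = code_step({"oauth_response_type": "temporary",
                            "oauth_code": temporary})
    reply = send(dict(base, oauth_response_type="token", oauth_code=authorised))
    if not reply.get("access_token"):
        raise OAuthFlowError("no access_token in reply")
    reply["expires_in_seconds"] = duration_seconds(reply.get("expires_in", ""))
    return reply
```

Against a real server, pass `http_post("https://<your-site>/api/index.php/v1/article")` as `send`, with the endpoint taken from your own installation.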