michalkvasnicak/oauth2-server-bundle

Symfony OAuth 2.0 server bundle

v1.0.0-alpha8 2016-05-23 13:33 UTC

README

OAuth 2.0 server bundle for the Symfony 2 framework


Requirements

  • PHP >= 5.4
  • HHVM

Installation

Using composer

{
    "require": {
        "michalkvasnicak/oauth2-server-bundle": "*"
    }
}

Configuration

Basic configuration

These are the default values.

oauth2_server:
    access_tokens:
        lifetime: 1209600 # 14 days lifetime of token (default)

    authorization_codes:
        lifetime: 60 # 60 seconds lifetime of authorization code (used only by authorization code grant type)

    refresh_tokens:
        generate: true # generate refresh tokens (default)
        lifetime: 2678400 # 31 days lifetime of token (default)

    # www_realm returned WWW-Authenticate HTTP header if you are unauthenticated
    www_realm: 'OAuth2Server'

    # accepted token used to sign requests
    classes:
        token_type: 'OAuth2\TokenType\Bearer'

Tell the Security bundle to use this bundle

security:
    firewalls:
        o_auth2_server_token_endpoint:
            pattern: ^/auth/v2/token
            security: false

    providers:
        o_auth2_provider:
            id: o_auth2_server.user_provider

    encoders:
        OAuth2\Storage\IUser:
            algorithm: sha512
            encode_as_base64: true
            iterations: 512
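
What the encoders settings above mean for a custom user storage, as an added example (not code from the bundle): it reproduces the salted, iterated SHA-512 scheme of Symfony 2's message-digest password encoder, so stored hashes can be generated and checked in the format those settings describe. The function names, the sample password and the salt generation are assumptions made for illustration.

```php
<?php
// Added example, not bundle code. Mirrors Symfony 2's message-digest password
// encoder for the settings above: sha512, encode_as_base64 true, 512 iterations.

function encodePassword($raw, $salt, $algorithm = 'sha512', $iterations = 512, $asBase64 = true)
{
    $salt = (string) $salt;
    if (strpbrk($salt, '{}') !== false) {
        throw new InvalidArgumentException('Salt must not contain "{" or "}".');
    }
    // Password and salt are merged as "password{salt}"; an empty salt adds nothing.
    $salted = ($salt === '') ? $raw : $raw . '{' . $salt . '}';

    $digest = hash($algorithm, $salted, true);
    // Stretching: every further round hashes the previous digest plus the salted password.
    for ($i = 1; $i < $iterations; ++$i) {
        $digest = hash($algorithm, $digest . $salted, true);
    }

    return $asBase64 ? base64_encode($digest) : bin2hex($digest);
}

// Constant-time comparison that also runs on PHP 5.4/5.5, which lack hash_equals().
function passwordMatches($stored, $raw, $salt)
{
    $candidate = encodePassword($raw, $salt);
    if (strlen($stored) !== strlen($candidate)) {
        return false;
    }
    $diff = 0;
    for ($i = 0, $n = strlen($stored); $i < $n; ++$i) {
        $diff |= ord($stored[$i]) ^ ord($candidate[$i]);
    }
    return $diff === 0;
}

// Constructed sample record, as a hypothetical custom user storage might persist it.
$salt   = bin2hex(openssl_random_pseudo_bytes(16)); // per-user random salt
$stored = encodePassword('correct horse battery staple', $salt);

var_dump(passwordMatches($stored, 'correct horse battery staple', $salt));
var_dump(passwordMatches($stored, 'wrong password', $salt));
```

Hashes written by a custom storage must be produced with the same algorithm, iteration count and encoding as the encoders block, otherwise valid passwords will not verify. Symfony's own default for this encoder is 5000 iterations, so 512 is a deliberately lower work factor that should be weighed against offline guessing of leaked hashes.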

Register routes

Register the bundle in your application's routing.yml.

o_auth2_server:
    resource: "@OAuth2ServerBundle/Resources/config/routing.yml"

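Storage

You can use the michalkvasnicak/OAuth2ServerMongoDBBundle bundle or create your own models. If you want to create your own models, you have to define a user provider and the services required by the grant types you will use.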

# this is needed for authentication
# service has to implement Symfony\Component\Security\Core\User\UserProviderInterface
oauth2_server:
    user_provider: 'service id'


# STORAGES
oauth2_server:
    storage:

        # this is needed for authentication and authorization of protected requests
        # also is used by all grant types
        # has to implement OAuth2\Storage\IAccessTokenStorage
        access_token: 'service id'


        # this is needed for client identification
        # also this is used in client credentials grant type
        # has to implement OAuth2\Storage\IClientStorage
        client: 'service id'


        # optional but if you are using authorization code grant type you have to set it
        # has to implement OAuth2\Storage\IAuthorizationCodeStorage
        authorization_code: 'service id'


        # optional but if you are using refresh token grant type or generating refresh tokens
        # you have to set it
        # has to implement OAuth2\Storage\IRefreshTokenStorage
        refresh_token: 'service id'

Grant types

Some grant types are pre-installed. To use them, just enable them (by default, they are all disabled).

oauth2_server:
    grant_types:
        authorization_code: false
        client_credentials: false
        implicit: true
        refresh_token: true
        resource_owner_password_credentials: true

Custom grant types

You can also use custom grant types: just create services and tag them as oauth2_server.grant_type. All services have to implement OAuth2\GrantType\IGrantType.

my_custom_grant_type:
    class: My\Own\GrantType
    tags:
        - { name: o_auth2_server.grant_type }

TODO

  • Authorization endpoint