ominity / oauth2-ominity-php
Ominity OAuth 2.0 client provider
Requires
- php: ^7.4|^8.0
- league/oauth2-client: ^2.7
Requires (Dev)
- mockery/mockery: ^1.5
- phpstan/phpstan: 0.12.99
- phpunit/phpunit: ^9.6|^10.0
Suggests
- ominity/ominity-api-php: To use the Ominity API client to interact with the Ominity API.
This package is not auto-updated.
Last update: 2024-09-18 11:19:02 UTC
README
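This package provides Ominity OAuth 2.0 support for the PHP League's OAuth 2.0 Client.
With Ominity OAuth you can easily connect Ominity user and administrator accounts to your application.
Installation
The easiest way to install the Ominity API client is to require it with Composer.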
$ composer require ominity/oauth2-ominity-php ^1.0
{
"require": {
"ominity/oauth2-ominity-php": "^1.0"
}
}
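You can also use git checkout or download all the files, then include the OAuth 2.0 provider manually.
Usage
Usage is the same as The League's OAuth client, using \Ominity\OAuth2\Client\Provider\Ominity as the provider.
Authorization Code Flow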
// The state value is kept in the session, so the session must be started first.
session_start();

$provider = new \Ominity\OAuth2\Client\Provider\Ominity([
    'clientId' => 'YOUR_CLIENT_ID',
    'clientSecret' => 'YOUR_CLIENT_SECRET',
    'redirectUri' => 'https://your-redirect-uri',
]);

// If we don't have an authorization code then get one
if (!isset($_GET['code'])) {
    // Fetch the authorization URL from the provider; this returns the
    // urlAuthorize option and generates and applies any necessary parameters
    // (e.g. state).
    $authorizationUrl = $provider->getAuthorizationUrl([
        // Optional, only use this if you want to ask for scopes the user previously denied.
        'approval_prompt' => 'force',
        // Optional, a list of scopes. Defaults to only 'me.read'.
        'scope' => [
            \Ominity\OAuth2\Client\Provider\Ominity::SCOPE_ME_READ,
            \Ominity\OAuth2\Client\Provider\Ominity::SCOPE_USERS_READ
        ],
    ]);

    // Get the state generated for you and store it to the session.
    $_SESSION['oauth2state'] = $provider->getState();

    // Redirect the user to the authorization URL.
    header('Location: ' . $authorizationUrl);
    exit;
}
// Check given state against previously stored one to mitigate CSRF attack
elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
    unset($_SESSION['oauth2state']);
    exit('Invalid state');
} else {
    try {
        // Try to get an access token using the authorization code grant.
        $accessToken = $provider->getAccessToken('authorization_code', [
            'code' => $_GET['code']
        ]);

        // Using the access token, we may look up details about the resource owner.
        $resourceOwner = $provider->getResourceOwner($accessToken);
        print_r($resourceOwner->toArray());
    } catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {
        // Failed to get the access token or user details.
        exit($e->getMessage());
    }
}
Refreshing a Token
$provider = new \Ominity\OAuth2\Client\Provider\Ominity([
    'clientId' => 'YOUR_CLIENT_ID',
    'clientSecret' => 'YOUR_CLIENT_SECRET',
    'redirectUri' => 'https://your-redirect-uri',
]);

$grant = new \League\OAuth2\Client\Grant\RefreshToken();
$token = $provider->getAccessToken($grant, ['refresh_token' => $refreshToken]);
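The refresh call above takes a $refreshToken that has to come from somewhere. The following is an added example, not part of the package or its README, showing one way to keep the token server-side in the session and refresh it only when it has expired. The helper name currentAccessToken, the session key ominity_token, and the handling of a response that omits a new refresh token are assumptions made for this example.

```php
<?php
// Added example, not the package's own code. Assumes the authorization code
// flow stored: $_SESSION['ominity_token'] = $accessToken->jsonSerialize();
require __DIR__ . '/vendor/autoload.php';

use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use League\OAuth2\Client\Token\AccessToken;
use Ominity\OAuth2\Client\Provider\Ominity;

// Hypothetical helper: returns a usable access token, refreshing it first
// when it has expired. null means the user must authorize again.
function currentAccessToken(Ominity $provider): ?AccessToken
{
    // 'ominity_token' is a session key chosen for this example.
    if (empty($_SESSION['ominity_token'])) {
        return null;
    }
    $token = new AccessToken($_SESSION['ominity_token']);

    // hasExpired() throws when no expiry is set, so check getExpires() first.
    if ($token->getExpires() === null || !$token->hasExpired()) {
        return $token;
    }
    $refreshToken = $token->getRefreshToken();
    if ($refreshToken === null) {
        unset($_SESSION['ominity_token']);
        return null;
    }
    try {
        $new = $provider->getAccessToken('refresh_token', ['refresh_token' => $refreshToken]);
    } catch (IdentityProviderException $e) {
        // Refresh token revoked or expired: drop the stale token and log the
        // reason server-side instead of echoing it to the browser.
        error_log('Ominity token refresh failed: ' . $e->getMessage());
        unset($_SESSION['ominity_token']);
        return null;
    }
    // Keep the previous refresh token if the response did not include a new one.
    $data = $new->jsonSerialize();
    $data['refresh_token'] = $new->getRefreshToken() ?? $refreshToken;
    $_SESSION['ominity_token'] = $data;
    return new AccessToken($data);
}

session_start();
$provider = new Ominity([
    'clientId' => 'YOUR_CLIENT_ID',
    'clientSecret' => 'YOUR_CLIENT_SECRET',
    'redirectUri' => 'https://your-redirect-uri',
]);
$token = currentAccessToken($provider); // null: restart the authorization code flow
```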
Authenticating using the AccessToken (ominity-api-php example)
After refreshing an AccessToken, here is an example of how to use it with the ominity-api-php package. Note that the getToken() method is used to obtain the access token string.
$ominity = new \Ominity\Api\OminityApiClient;
$ominity->setAccessToken($token->getToken());

// With the correct scopes, you can now interact with Ominity's API on behalf of the User
$orders = $ominity->commerce->orders->page(); // returns paginated user orders
Note
In order to access the Ominity API via \Ominity\Api\OminityApiClient, the ominity/ominity-api-php library is required!
Revoking a token
Both AccessTokens and RefreshTokens can be revoked. Here is how to revoke an AccessToken:
$provider = new \Ominity\OAuth2\Client\Provider\Ominity([
    'clientId' => 'YOUR_CLIENT_ID',
    'clientSecret' => 'YOUR_CLIENT_SECRET',
    'redirectUri' => 'https://your-redirect-uri',
]);

$provider->revokeAccessToken($accessToken->getToken());
Similarly, here is how to revoke a RefreshToken:
Note: When you revoke a refresh token, the tokens based on the same authorization are revoked as well.
$provider = new \Ominity\OAuth2\Client\Provider\Ominity([
    'clientId' => 'YOUR_CLIENT_ID',
    'clientSecret' => 'YOUR_CLIENT_SECRET',
    'redirectUri' => 'https://your-redirect-uri',
]);

$provider->revokeRefreshToken($refreshToken->getToken());
Want to help us make our API client even better?
Want to help us make our API client even better? We accept pull requests.
License
BSD (Berkeley Software Distribution) License. Copyright (c) 2024, Ominity.