shiftby/oauth2-appid

此包已被弃用且不再维护。未建议替代包。

为PHP League OAuth2 Client提供的IBM App ID OAuth 2.0客户端提供者

维护者

详细信息

github.com/shiftby/oauth2-appid

主页

源代码

安装: 363

依赖者: 0

建议者: 0

安全: 0

星标: 0

关注者: 1

分支: 1

2.0.10 2021-06-07 10:54 UTC

Requires

Requires (Dev)

MIT 7bf95b75b9e7b0af19ec8d45e5c2a36cd99340c5

phpauthorizationapiAuthenticationclientoauthoauth2SSOgooglefacebookidentityidpsingle sign onsamlibmApp ID

This package is auto-updated.

Last update: 2023-04-07 14:48:12 UTC

README

Build Status Scrutinizer coverage (GitHub/BitBucket) GitHub release (latest SemVer) PHP from Packagist Scrutinizer Code Quality GitHub tag (latest SemVer) GitHub Packagist GitHub contributors GitHub last commit contributions welcome

此包为PHP League的OAuth 2.0客户端提供IBM App ID OAuth 2.0支持。请阅读此页面以获取完整文档。

安装

要安装,请使用composer

composer require jampire/oauth2-appid

用法

用法与The League的OAuth客户端相同,使用\Jampire\OAuth2\Client\Provider\AppIdProvider作为提供者。

使用baseAuthUri来指定IBM App ID的基本服务器URL。您可以从IBM App ID服务的应用程序设置中的oAuthServerUrl部分查找正确的值(不带tenantId部分),例如https://us-south.appid.cloud.ibm.com/oauth/v4

使用tenantId来指定IBM App ID的租户ID。您可以从IBM App ID服务的应用程序设置中的tenantId部分查找正确的值,例如abcd-efgh-1234-5678-mnop

您可以在IBM App ID服务的应用程序设置中找到其他所有值。

别忘了在IBM App ID白名单中注册您的重定向URL。请参阅IBM App ID的文档

授权码流

<?php

require_once __DIR__ . '/vendor/autoload.php';

use Jampire\OAuth2\Client\Provider\AppIdProvider;
use Jampire\OAuth2\Client\Provider\AppIdException;

session_start();

try {
    $provider = new AppIdProvider([
        'baseAuthUri'   => '{baseAuthUri}',
        'tenantId'      => '{tenantId}',
        'clientId'      => '{clientId}',
        'clientSecret'  => '{clientSecret}',
        'redirectUri'   => '{redirectUri}',
    ]);
} catch (AppIdException $e) {
    exit('Failed to create provider: ' . $e->getMessage());
}

if (!isset($_GET['code'])) {
    // If we don't have an authorization code then get one

    // Fetch the authorization URL from the provider; this returns the
    // urlAuthorize option and generates and applies any necessary parameters
    // (e.g. state).
    $authorizationUrl = $provider->getAuthorizationUrl();

    // Get the state generated for you and store it to the session.
    $_SESSION['oauth2state'] = $provider->getState();

    // Redirect the user to the authorization URL.
    header('Location: ' . $authorizationUrl);
    exit;
}

if (empty($_GET['state']) || (isset($_SESSION['oauth2state']) && $_GET['state'] !== $_SESSION['oauth2state'])) {
    // Check given state against previously stored one to mitigate CSRF attack
    if (isset($_SESSION['oauth2state'])) {
        unset($_SESSION['oauth2state']);
    }
    exit('Invalid state');

}

try {
    // Try to get an access token using the authorization code grant.
    $accessToken = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code']
    ]);

    // We have an access token, which we may use in authenticated
    // requests against the service provider's API.
    echo '<b>Access Token:</b> ', $accessToken->getToken(), '<br>';
    echo '<b>Refresh Token:</b> ', $accessToken->getRefreshToken(), '<br>';
    echo '<b>Expired in:</b> ', $accessToken->getExpires(), '<br>';
    echo '<b>Already expired?</b> ', ($accessToken->hasExpired() ? 'expired' : 'not expired'), '<br>';

    // Using the access token, we may look up details about the
    // resource owner.
    $resourceOwner = $provider->getResourceOwner($accessToken);
} catch (Exception $e) {
    // Failed to get the access token or user details.
    exit($e->getMessage());
}

示例

测试

$ ./vendor/bin/phpunit

贡献

请参阅CONTRIBUTING以获取详细信息。

鸣谢

许可

MIT许可(MIT)。请参阅许可文件以获取更多信息。