somoza/oauth2-client-middleware

此包已被弃用,不再维护。未建议替代包。

league/oauth2-client 的 OAuth2 PSR7 中间件

维护者

详细信息

github.com/gsomoza/oauth2-middleware

源代码

问题

安装: 41,543

依赖者: 3

建议者: 0

安全: 0

星标: 21

关注者: 6

分支: 3

开放问题: 0

0.3.0 2017-06-25 12:24 UTC

Requires

Requires (Dev)

MIT a6d89e5d58982a96689984d6c96b49e115df4f18

  • Gabriel Somoza <gabriel.woop@somoza.me>

This package is auto-updated.

Last update: 2023-04-18 07:54:03 UTC

README

This is to inform all users that this package has been abandoned and will no longer receive any 
updates or maintenance. We highly recommend users to migrate to an alternative library package. 
We apologize for any inconvenience caused.

league/oauth2-client 的 OAuth2 客户端中间件

Build Status Scrutinizer Code Quality Code Coverage Latest Stable Version

Author License

使用 league/oauth2-client 来与 OAuth2 服务器进行认证请求的 PSR7 中间件。

安装

composer require somoza/oauth2-client-middleware

使用

当前实现间接依赖于 Guzzle 6,因为它是 league/oauth2-client 的直接依赖。

使用 Guzzle

use Somoza\OAuth2Middleware\OAuth2Middleware;
use Somoza\OAuth2Middleware\TokenService\Bearer;

$stack = new \GuzzleHttp\HandlerStack();
$stack->setHandler(new CurlHandler());
$client = new \GuzzleHttp\Client(['handler' => $stack]);

// instantiate a provider, see league/oauth2-client docs
$provider = new GenericProvider(
    [
        'clientId' => 'your_client_id',
        'clientSecret' => 'your_client_secret',
        'urlAuthorize' => 'your_authorization_url',
        'urlAccessToken' => 'your_access_token_url',
        'urlResourceOwnerDetails' => 'your_resource_owner_url', 
    ], 
    [ 'httpClient' => $client ] // or don't pass it and let the oauth2-client create its own Guzzle client
);

// attach our oauth2 middleware
$bearerMiddleware = new OAuth2Middleware(
    new Bearer($provider), // use the Bearer token type
    [ // ignore (do not attempt to authorize) the following URLs
        $provider->getBaseAuthorizationUrl(),
        $provider->getBaseAccessTokenUrl(),
    ]
);
$stack->push($bearerMiddleware);

// if you want to debug, it might be useful to attach a PSR7 logger here

缓存访问令牌

可以将回调分配给中间件,以保存访问令牌供将来使用。请确保您了解存储访问令牌的安全影响(自行承担风险)。

示例

use Somoza\OAuth2Middleware\OAuth2Middleware;
use Somoza\OAuth2Middleware\TokenService\Bearer;
use League\OAuth2\Client\Token\AccessToken;

// see previous example for initialization
$tokenStore = new EncryptedCache(); // you can use whatever you want here
$token = null;
if ($tokenStore->contains($userId)) {
    $tokenData = json_decode($cache->fetch($userId));
    $token = new AccessToken($tokenData);
}

$bearerMiddleware = new OAuth2Middleware(
    new Bearer(
        $provider, // defined as in the "Usage" example
        $token, 
        function (AccessToken $newToken, AccessToken $oldToken) 
          use ($tokenStore, $userId) {
            // called whenever a new AccessToken is fetched
            $tokenStore->save($userId, $newToken->jsonSerialize());
        }
    ), 
);

$stack->push($bearerMiddleware);

许可

MIT - 查看 LICENSE.md