trikoder / oauth2-bundle
Symfony bundle which provides OAuth 2.0 authorization/resource server capabilities.
Requires
- php: >=8.1
- ajgarlag/psr-http-message-bundle: ^1.1
- doctrine/doctrine-bundle: ^2.4.3
- doctrine/orm: ^2.10
- league/oauth2-server: ^8.5.1
- psr/http-factory: ^1.0
- symfony/framework-bundle: ^4.4.30|^5.4
- symfony/psr-http-message-bridge: ^2.0
- symfony/security-bundle: ^4.4.30|^5.4
Requires (Dev)
- ext-xdebug: *
- laminas/laminas-diactoros: ^2.25|^3.0
- nyholm/psr7: ^1.8
- phpunit/phpunit: ^9.6.9
- symfony/browser-kit: ^4.4.30|^5.4
- symfony/http-foundation: ^4.4.30|^5.4
- symfony/phpunit-bridge: ^6.3
Suggests
- defuse/php-encryption: For better performance when doing encryption
- nelmio/cors-bundle: For handling CORS requests
- nyholm/psr7: For a super lightweight PSR-7/17 implementation
This package is auto-updated.
Last update: 2024-08-27 13:10:48 UTC
README
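Symfony bundle which provides OAuth 2.0 authorization/resource server capabilities. The authorization and resource server actors are implemented using the thephpleague/oauth2-server library.
Important notes
This bundle is the "glue" between the thephpleague/oauth2-server library and Symfony. It implements the thephpleague/oauth2-server library in the way specified by its official documentation. For integrating it into a Symfony project, see the bundle documentation and the official Symfony security documentation.
Status ⚠️
Active development is currently suspended because this repository is being migrated to the thephpleague/oauth2-server-bundle project.
Once oauth2-server-bundle is ready for its v1.0 release, the current repository will no longer be maintained. See this comment for more information.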
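Features
Requirements
- PHP 7.2 or greater
- Symfony 4.4 or Symfony 5.x
Installation
- Require the bundle and a PSR 7/17 implementation with Composer:

```
composer require trikoder/oauth2-bundle nyholm/psr7
```

If your project is managed with Symfony Flex, the remaining steps are not required. Just follow the post-installation instructions instead! 🎉
NOTE: This bundle requires a PSR 7/17 implementation to operate. We recommend that you use nyholm/psr7. If you want to use a different implementation, check out this document.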
- Create the bundle configuration file under config/packages/trikoder_oauth2.yaml. Here is a reference configuration file:

```yaml
trikoder_oauth2:
    authorization_server: # Required

        # Full path to the private key file.
        # How to generate a private key: https://oauth2.thephpleague.com/installation/#generating-public-and-private-keys
        private_key: ~ # Required, Example: /var/oauth/private.key

        # Passphrase of the private key, if any.
        private_key_passphrase: null

        # The plain string or the ascii safe string used to create a Defuse\Crypto\Key to be used as an encryption key.
        # How to generate an encryption key: https://oauth2.thephpleague.com/installation/#string-password
        encryption_key: ~ # Required

        # The type of value of "encryption_key".
        encryption_key_type: plain # One of "plain"; "defuse"

        # How long the issued access token should be valid for, used as a default if there is no grant type specific value set.
        # The value should be a valid interval: https://php.ac.cn/manual/en/dateinterval.construct.php#refsect1-dateinterval.construct-parameters
        access_token_ttl: PT1H

        # How long the issued refresh token should be valid for, used as a default if there is no grant type specific value set.
        # The value should be a valid interval: https://php.ac.cn/manual/en/dateinterval.construct.php#refsect1-dateinterval.construct-parameters
        refresh_token_ttl: P1M

        # How long the issued authorization code should be valid for.
        # The value should be a valid interval: https://php.ac.cn/manual/en/dateinterval.construct.php#refsect1-dateinterval.construct-parameters
        auth_code_ttl: ~ # Deprecated ("trikoder_oauth2.authorization_server.auth_code_ttl" is deprecated, use "trikoder_oauth2.authorization_server.grant_types.authorization_code.auth_code_ttl" instead.)

        # Whether to require code challenge for public clients for the authorization code grant.
        require_code_challenge_for_public_clients: ~ # Deprecated ("trikoder_oauth2.authorization_server.require_code_challenge_for_public_clients" is deprecated, use "trikoder_oauth2.authorization_server.grant_types.authorization_code.require_code_challenge_for_public_clients" instead.)

        # Whether to enable the authorization code grant.
        enable_auth_code_grant: ~ # Deprecated ("trikoder_oauth2.authorization_server.enable_auth_code_grant" is deprecated, use "trikoder_oauth2.authorization_server.grant_types.authorization_code.enable" instead.)

        # Whether to enable the client credentials grant.
        enable_client_credentials_grant: ~ # Deprecated ("trikoder_oauth2.authorization_server.enable_client_credentials_grant" is deprecated, use "trikoder_oauth2.authorization_server.grant_types.client_credentials.enable" instead.)

        # Whether to enable the implicit grant.
        enable_implicit_grant: ~ # Deprecated ("trikoder_oauth2.authorization_server.enable_implicit_grant" is deprecated, use "trikoder_oauth2.authorization_server.grant_types.implicit.enable" instead.)

        # Whether to enable the password grant.
        enable_password_grant: ~ # Deprecated ("trikoder_oauth2.authorization_server.enable_password_grant" is deprecated, use "trikoder_oauth2.authorization_server.grant_types.password.enable" instead.)

        # Whether to enable the refresh token grant.
        enable_refresh_token_grant: ~ # Deprecated ("trikoder_oauth2.authorization_server.enable_refresh_token_grant" is deprecated, use "trikoder_oauth2.authorization_server.grant_types.refresh_token.enable" instead.)

        # Enable and configure grant types.
        grant_types:
            authorization_code:

                # Whether to enable the authorization code grant.
                enable: true

                # How long the issued access token should be valid for the authorization code grant.
                access_token_ttl: ~

                # How long the issued refresh token should be valid for the authorization code grant.
                refresh_token_ttl: ~

                # How long the issued authorization code should be valid for.
                # The value should be a valid interval: https://php.ac.cn/manual/en/dateinterval.construct.php#refsect1-dateinterval.construct-parameters
                auth_code_ttl: PT10M

                # Whether to require code challenge for public clients for the authorization code grant.
                require_code_challenge_for_public_clients: true
            client_credentials:

                # Whether to enable the client credentials grant.
                enable: true

                # How long the issued access token should be valid for the client credentials grant.
                access_token_ttl: ~
            implicit:

                # Whether to enable the implicit grant.
                enable: true

                # How long the issued access token should be valid for the implicit grant.
                access_token_ttl: ~
            password:

                # Whether to enable the password grant.
                enable: true

                # How long the issued access token should be valid for the password grant.
                access_token_ttl: ~

                # How long the issued refresh token should be valid for the password grant.
                refresh_token_ttl: ~
            refresh_token:

                # Whether to enable the refresh token grant.
                enable: true

                # How long the issued access token should be valid for the refresh token grant.
                access_token_ttl: ~

                # How long the issued refresh token should be valid for the refresh token grant.
                refresh_token_ttl: ~
    resource_server: # Required

        # Full path to the public key file.
        # How to generate a public key: https://oauth2.thephpleague.com/installation/#generating-public-and-private-keys
        public_key: ~ # Required, Example: /var/oauth/public.key

    # Scopes that you wish to utilize in your application.
    # This should be a simple array of strings.
    scopes: []

    # Configures different persistence methods that can be used by the bundle for saving client and token data.
    # Only one persistence method can be configured at a time.
    persistence: # Required
        doctrine:

            # Name of the entity manager that you wish to use for managing clients and tokens.
            entity_manager: default
        in_memory: ~

    # The priority of the event listener that converts an Exception to a Response.
    exception_event_listener_priority: 10

    # Set a custom prefix that replaces the default "ROLE_OAUTH2_" role prefix.
    role_prefix: ROLE_OAUTH2_
```
- Enable the bundle in config/bundles.php by adding it to the array:

```php
Trikoder\Bundle\OAuth2Bundle\TrikoderOAuth2Bundle::class => ['all' => true]
```
- Update the database so that the bundle entities can be persisted using Doctrine:

```
bin/console doctrine:schema:update --force
```
- Import the routes inside your config/routes.yaml file:

```yaml
oauth2:
    resource: '@TrikoderOAuth2Bundle/Resources/config/routes.xml'
```

You can verify that everything is working by issuing a POST request to the /token endpoint.
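❮ NOTE ❯ It is recommended to control access to the authorization endpoint so that only logged-in users can approve authorization requests. You should review your security.yml file. Here is a sample configuration:

```yaml
security:
    access_control:
        - { path: ^/authorize, roles: IS_AUTHENTICATED_REMEMBERED }
```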
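A tightened variant of the reference configuration, as an added example that is not part of the bundle's README: key material is read from environment variables, the encryption key is a Defuse key, and the implicit and password grants (both `enable: true` in the reference) are switched off, in line with current OAuth 2.0 security guidance (RFC 9700). The environment variable names, key paths and the scope name are assumptions.

```yaml
# config/packages/trikoder_oauth2.yaml
# Added example. Env var names, key paths and the scope name are assumptions.
trikoder_oauth2:
    authorization_server:
        # Keep the private key outside the web root and readable only by the PHP user.
        private_key: /var/oauth/private.key
        # Read secrets from the environment rather than committing them to the repository.
        private_key_passphrase: '%env(OAUTH2_PRIVATE_KEY_PASSPHRASE)%'
        encryption_key: '%env(OAUTH2_ENCRYPTION_KEY)%'
        # "defuse" means encryption_key holds the ascii safe string of a
        # Defuse\Crypto\Key instead of a plain string.
        encryption_key_type: defuse

        grant_types:
            authorization_code:
                enable: true
                # Keep PKCE mandatory for public clients (the reference default).
                require_code_challenge_for_public_clients: true
                auth_code_ttl: PT10M
            client_credentials:
                enable: true
            refresh_token:
                enable: true
            # Reference value is true. The implicit grant returns the access token
            # in the redirect URI, where it can leak through history and logs.
            implicit:
                enable: false
            # Reference value is true. The password grant hands the user's
            # credentials to the client application.
            password:
                enable: false

    resource_server:
        public_key: /var/oauth/public.key

    # List only the scopes the application really uses (constructed sample value).
    scopes: ['profile.read']

    persistence:
        doctrine:
            entity_manager: default
```

Enable a grant type only when a registered client actually needs it; every enabled grant is another way to obtain tokens from the /token endpoint.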
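Configuration
Contributing
See the contributing guide for details.
Versioning
This project adheres to Semantic Versioning 2.0.0. Randomly breaking public APIs is not an option.
However, starting with version 4, we only promise to follow SemVer on structural elements marked with the @api tag.
Changes
All the package releases are recorded in the CHANGELOG file.
Reporting issues
Use the issue tracker to report any issues you might have.
License
See the LICENSE file for license rights and limitations (MIT).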