uafrica/oauth-server

基于PHP League的OAuth2 Server的CakePHP 3 OAuth服务器

此包的规范仓库似乎已消失,因此已冻结此包。

维护者

详细信息

github.com/uafrica/oauth-server

安装: 72,061

依赖项: 0

建议者: 0

安全: 0

星标: 51

关注者: 13

分支: 51

类型:cakephp-plugin

v0.2.0 2016-02-10 13:43 UTC

Requires

Requires (Dev)

MIT 74376320f4b2c265582cf11686d01664a0843f9e

  • Walther Lalk <walther.woop@uafrica.com>

oauthoauth2cakephpoauth2 serveroauth server

This package is not auto-updated.

Last update: 2024-09-14 18:14:56 UTC

README

Software License Build Status

CakePHP 3中实现OAuth2服务器的插件。基于PHP League的OAuth2 Server构建。目前我们支持以下授权类型:AuthCode、RefreshToken、ClientCredentials。

安装

使用composer进行安装。运行

$ composer require uafrica/oauth-server

一旦composer已安装该包,需要通过运行以下命令来激活插件

$ bin/cake plugin load -r OAuthServer

最后,需要运行数据库迁移。

$ bin/cake migrations migrate --plugin OAuthServer

配置

假设您已经使用内置的CakePHP 3认证组件使用基于表单的认证。如果您没有,请阅读认证章节

将OAuthServer设置为认证适配器。

在您的AppController::beforeFilter()方法中,添加(或修改)

$this->Auth->config('authenticate', [
    'Form',
    'OAuthServer.OAuth'
]);

更改您的登录方法如下

public function login()
{
    if ($this->request->is('post')) {
        $user = $this->Auth->identify();
        if ($user) {
            $this->Auth->setUser($user);
            $redirectUri = $this->Auth->redirectUrl();
            if ($this->request->query['redir'] === 'oauth') {
                $redirectUri = [
                    'plugin' => 'OAuthServer',
                    'controller' => 'OAuth',
                    'action' => 'authorize',
                    '?' => $this->request->query
                ];
            }
            return $this->redirect($redirectUri);
        } else {
            $this->Flash->error(
                __('Username or password is incorrect'),
                'default',
                [],
                'auth'
            );
        }
    }
}

或者,如果您正在使用Friends Of Cake CRUD插件,请添加

'login' => [
    'className' => 'OAuthServer.Login'
]

到您的CRUD操作配置中。

用法

基础OAuth2路径为example.com/oauth

要添加客户端和OAuth范围,您需要创建一个ClientsController和一个ScopesController(这不是此插件的一部分)

最简单的方法是使用Friends Of Cake CRUD-View插件

通过运行以下命令安装它

$ composer require friendsofcake/bootstrap-ui:dev-master
$ composer require friendsofcake/crud:dev-master
$ composer require friendsofcake/crud-view:dev-master

然后创建一个看起来像这样的ClientsController

<?php
namespace App\Controller;

use Crud\Controller\ControllerTrait;

/**
 * OauthClients Controller
 *
 * @property \OAuthServer\Model\Table\ClientsTable $Clients
 */
class ClientsController extends AppController
{

    use ControllerTrait;

    public $modelClass = 'OAuthServer.Clients';

    /**
     * @return void
     */
    public function initialize()
    {
        parent::initialize();
        $this->viewClass = 'CrudView\View\CrudView';
        $tables = [
            'Clients',
            'Scopes'
        ];
        $this->loadComponent('Crud.Crud', [
            'actions' => [
                'index' => [
                    'className' => 'Crud.Index',
                    'scaffold' => [
                        'tables' => $tables
                    ]
                ],
                'view' => [
                    'className' => 'Crud.View',
                    'scaffold' => [
                        'tables' => $tables
                    ]
                ],
                'edit' => [
                    'className' => 'Crud.Edit',
                    'scaffold' => [
                        'tables' => $tables,
                        'fields' => [
                            'name',
                            'redirect_uri',
                            'parent_model',
                            'parent_id' => [
                                'label' => 'Parent ID',
                                'type' => 'text'
                            ]
                        ]
                    ]
                ],
                'add' => [
                    'className' => 'Crud.Add',
                    'scaffold' => [
                        'tables' => $tables,
                        'fields' => [
                            'name',
                            'redirect_uri',
                            'parent_model',
                            'parent_id' => [
                                'label' => 'Parent ID',
                                'type' => 'text'
                            ]
                        ]
                    ]
                ],
                'delete' => [
                    'className' => 'Crud.Delete',
                    'scaffold' => [
                        'tables' => $tables
                    ]
                ],
            ],
            'listeners' => [
                'CrudView.View',
                'Crud.RelatedModels',
                'Crud.Redirect',
                'Crud.Api'
            ],
        ]);
    }
}

以及一个看起来像这样的ScopesController

<?php
namespace App\Controller;

use Crud\Controller\ControllerTrait;

/**
 * Scopes Controller
 *
 * @property \OAuthServer\Model\Table\ScopesTable $Scopes
 */
class ScopesController extends AppController
{

    use ControllerTrait;

    public $modelClass = 'OAuthServer.Scopes';

    /**
     * @return void
     */
    public function initialize()
    {
        parent::initialize();
        $this->viewClass = 'CrudView\View\CrudView';
        $tables = [
            'Clients',
            'Scopes'
        ];
        $this->loadComponent('Crud.Crud', [
            'actions' => [
                'index' => [
                    'className' => 'Crud.Index',
                    'scaffold' => [
                        'tables' => $tables
                    ]
                ],
                'view' => [
                    'className' => 'Crud.View',
                    'scaffold' => [
                        'tables' => $tables
                    ]
                ],
                'edit' => [
                    'className' => 'Crud.Edit',
                    'scaffold' => [
                        'tables' => $tables,
                        'fields' => [
                            'id' => [
                                'label' => 'ID',
                                'type' => 'text'
                            ],
                            'description',
                        ]
                    ]
                ],
                'add' => [
                    'className' => 'Crud.Add',
                    'scaffold' => [
                        'tables' => $tables,
                        'fields' => [
                            'id' => [
                                'label' => 'ID',
                                'type' => 'text'
                            ],
                            'description',
                        ]
                    ]
                ],
                'delete' => [
                    'className' => 'Crud.Delete',
                    'scaffold' => [
                        'tables' => $tables
                    ]
                ],
            ],
            'listeners' => [
                'CrudView.View',
                'Crud.RelatedModels',
                'Crud.Redirect',
            ],
        ]);
    }
}

自定义

OAuth2服务器可以自定义,可以通过在Template/Plugin/OAuthServer/OAuth中创建模板来更改各种页面的外观

服务器还会触发多个事件,可以用来在过程中注入值。当前触发的事件有

  • OAuthServer.beforeAuthorize - 在渲染用户批准页面时。
  • OAuthServer.afterAuthorize - 用户批准客户端时。
  • OAuthServer.afterDeny - 用户拒绝客户端时。
  • OAuthServer.getUser - 在加载用于认证请求的用户详细信息时。

您可以通过在src/Template/Plugin/OAuthServer/OAuth/authorize.ctp中创建覆盖模板文件来自定义OAuth授权页面