xp-forge / web-auth
Web身份验证
v5.2.0
2024-07-17 17:45 UTC
Requires
- php: >=7.4.0
- xp-forge/address: ^6.0 | ^5.3
- xp-forge/json: ^5.0 | ^4.0 | ^3.1
- xp-forge/sessions: ^3.0 | ^2.0 | ^1.0
- xp-forge/web: ^4.0 | ^3.0 | ^2.0 | ^1.0
- xp-framework/core: ^12.0 | ^11.0 | ^10.0
- xp-framework/http: ^10.0 | ^9.0 | ^8.0 | ^7.0
Requires (Dev)
- xp-framework/test: ^2.0 | ^1.0
This package is auto-updated.
Last update: 2024-09-17 18:08:41 UTC
README
为Web服务提供身份验证。支持对带有片段的URL(例如 https://example.com/#/users/thekid )进行身份验证,在重定向时不会丢失片段信息。
☑ 通过Twitter(OAuth 1)、Microsoft Office 365、Facebook、GitHub和LinkedIn(OAuth 2)验证。
示例
HTTP基本身份验证
use util\Secret;
use web\auth\Basic;

// Credential check handed to Basic: returns the user record on a match and
// null otherwise.
// NOTE(review): the literal 'admin' / 'secret' pair looks like demo data. A
// deployed service would verify against stored password hashes rather than
// values written into the source; confirm before reusing this snippet.
$login= function($user, Secret $secret) {
  if ('admin' === $user && $secret->equals('secret')) {
    return ['id' => 'admin'];
  }
  return null;
};

// Handler wrapped by required(); greets using the id of the 'user' value.
$greet= function($req, $res) {
  $res->send('Hello @'.$req->value('user')['id'], 'text/plain');
};

// HTTP Basic sends the credentials with every request, so this route should
// only be served over HTTPS.
$auth= new Basic('Administration', $login);

return ['/' => $auth->required($greet)];
通过Twitter进行身份验证
use web\auth\SessionBased;
use web\auth\oauth\OAuth1Flow;
use web\session\ForTesting;

// Consumer key and secret are looked up by name from $credentials (defined
// outside this snippet) rather than written into the source.
$consumer= [
  $credentials->named('twitter_oauth_key'),
  $credentials->named('twitter_oauth_secret'),
];
$flow= new OAuth1Flow('https://api.twitter.com/oauth', $consumer, $callback);

// NOTE(review): ForTesting is, going by its name, a session store meant for
// tests. A deployment would presumably pass a persistent session
// implementation from xp-forge/sessions instead; confirm against that package.
$sessions= new ForTesting();

// Lookup used to obtain the user record exposed as the 'user' request value.
$lookup= $flow->fetchUser('https://api.twitter.com/1.1/account/verify_credentials.json');
$auth= new SessionBased($flow, $sessions, $lookup);

// Handler wrapped by required(); greets using the record's screen_name.
$greet= function($req, $res) {
  $res->send('Hello @'.$req->value('user')['screen_name'], 'text/plain');
};

return ['/' => $auth->required($greet)];
$callback参数应为一个路径,并且必须与在Twitter注册的回调URI中的路径一致。
通过GitHub进行身份验证
use web\auth\SessionBased;
use web\auth\oauth\OAuth2Flow;
use web\session\ForTesting;

// Client id and secret are looked up by name from $credentials (defined
// outside this snippet) rather than written into the source.
$client= [
  $credentials->named('github_oauth_key'),
  $credentials->named('github_oauth_secret'),
];
$flow= new OAuth2Flow(
  'https://github.com/login/oauth/authorize',
  'https://github.com/login/oauth/access_token',
  $client,
  $callback
);

// NOTE(review): ForTesting is, going by its name, a session store meant for
// tests. A deployment would presumably pass a persistent session
// implementation from xp-forge/sessions instead; confirm against that package.
$sessions= new ForTesting();

// Lookup used to obtain the user record exposed as the 'user' request value.
$lookup= $flow->fetchUser('https://api.github.com/user');
$auth= new SessionBased($flow, $sessions, $lookup);

// Handler wrapped by required(); greets using the record's login.
$greet= function($req, $res) {
  $res->send('Hello @'.$req->value('user')['login'], 'text/plain');
};

return ['/' => $auth->required($greet)];
$callback参数应为一个路径,并且必须与在GitHub注册的回调URI中的路径一致。
通过Office 365 Azure AD进行身份验证
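use util\Secret;
use web\auth\SessionBased;
use web\auth\oauth\{OAuth2Flow, BySecret, ByCertificate};
use web\session\ForTesting;

// Depending on what you have set up under "Certificates & Secrets", use exactly
// ONE of the following. Assigning both in sequence, as the snippet originally
// did, makes the second assignment silently replace the first.
//
// Option 1 - client secret:
// $credentials= new BySecret('[APP-ID]', new Secret('...'));
//
// Option 2 - certificate (the one the original snippet ended up using).
// $privateKey can hold either the key's contents or reference it as
// 'file://private.key'. Keep the key file outside the document root and
// readable only by the account the service runs as.
$credentials= new ByCertificate('[APP-ID]', '[THUMBPRINT]', $privateKey);

// The last argument lists the scopes requested from Azure AD.
$flow= new OAuth2Flow(
  'https://login.microsoftonline.com/[TENANT_ID]/oauth2/v2.0/authorize',
  'https://login.microsoftonline.com/[TENANT_ID]/oauth2/v2.0/token',
  $credentials,
  $callback,
  ['openid', 'profile', 'offline_access', 'User.Read']
);

// NOTE(review): ForTesting is, going by its name, a session store meant for
// tests. A deployment would presumably pass a persistent session
// implementation from xp-forge/sessions instead; confirm against that package.
$auth= new SessionBased(
  $flow,
  new ForTesting(),
  $flow->fetchUser('https://graph.microsoft.com/v1.0/me')
);

// NOTE(review): 'login' is the key the GitHub example reads. Microsoft Graph's
// /me response documents fields such as displayName and userPrincipalName, so
// confirm which key the user record actually carries here.
return ['/' => $auth->required(function($req, $res) {
  $res->send('Hello @'.$req->value('user')['login'], 'text/plain');
})];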
$callback参数应为一个路径,并且必须与在Azure AD应用程序注册的回调URI中的路径一致。
通过CAS(“中央身份验证服务”)进行身份验证
use web\auth\SessionBased;
use web\auth\cas\CasFlow;
use web\session\ForTesting;

// Flow against the CAS server at the given base URL.
$flow= new CasFlow('https://sso.example.com/');

// NOTE(review): ForTesting is, going by its name, a session store meant for
// tests. A deployment would presumably pass a persistent session
// implementation from xp-forge/sessions instead; confirm against that package.
$sessions= new ForTesting();
$auth= new SessionBased($flow, $sessions);

// Handler wrapped by required(); greets using the record's username.
$greet= function($req, $res) {
  $res->send('Hello @'.$req->value('user')['username'], 'text/plain');
};

return ['/' => $auth->required($greet)];
目标URL
默认情况下,流实例使用请求URI来确定服务运行的位置。在代理后面,这很可能不是面向用户的URI。要更改此行为,请使用target()方法,并按如下方式传入一个UseURL实例:
use web\auth\UseURL;
use web\auth\cas\CasFlow;

// Pin the service URL explicitly via target() instead of deriving it from the
// incoming request, so the flow uses the address users actually reach.
$cas= new CasFlow('https://sso.example.com/');
$flow= $cas->target(new UseURL('https://service.example.com/'));