2017 © Pedro Peláez
 

yii2-extension yii2-authserver

Authentication server compatible with OAuth2.


jakim-pj/yii2-authserver


  • Sunday, July 2, 2017
  • by jakim
  • Repository
  • 1 Watchers
  • 0 Stars
  • 241 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 0 Forks
  • 0 Open issues
  • 3 Versions
  • 8 % Grown

The README.md

The main purpose of this package is to simplify the authentication process in REST APIs for mobile apps.


Authentication server is compatible with OAuth 2.0

### Success response RFC 6749

```http
HTTP/1.1 200 OK
Server: nginx/1.6.2
Date: Wed, 23 Nov 2016 15:35:13 GMT
Content-Type: application/json; charset=UTF-8
```

```json
{
    "access_token": "4U0B6zMngrDuiNPyTErzsZ35gBVexoxC_1479923192",
    "token_type": "bearer",
    "expires_in": 7200,
    "refresh_token": "e-KaqLwjAgWrpp5A8c1zISfeK4dOEZex_1482507992"
}
```

### Error response [RFC 6749](https://tools.ietf.org/html/rfc6749#section-5.2)

```http
HTTP/1.1 400 Bad Request
Content-Type: application/json;charset=UTF-8
```

```json
{
    "error":"invalid_request"
}
```

### Errors

The authorization server responds with an HTTP 400 (Bad Request) status code and includes the following parameters with the response:

- **invalid_request** The request is missing a required parameter, other than grant type.
- **invalid_grant** The provided authorization grant (e.g., authorization code, resource owner credentials or refresh token) is invalid, expired, revoked.
- **unsupported_grant_type** The authorization grant type is not supported by the authorization server.

### Installation

1. Configure component in `config/web.php`

Example:

```php
'components' => [
    'authServer' => [
        'class' => \jakim\authserver\Server::class,
        'grantTypes' => [
            'password' => \jakim\authserver\grants\PasswordCredentials::class,
            'refresh_token' => \jakim\authserver\grants\RefreshToken::class,
            'facebook_token' => [
                'class' => \jakim\authserver\grants\FacebookToken::class,
                'app_id' => $params['facebook.app_id'],
                'app_secret' => $params['facebook.app_secret'],
                'fields' => 'birthday,email,name,about,gender,picture.type(large){url}',
            ],
        ],
    ],
],
```

2. Implement identity interfaces (typically in User model):

- `jakim\authserver\base\UserIdentityInterface` for password grant and refresh token grant
- `jakim\authserver\base\FacebookUserIdentityInterface` for facebook token grant

Example:

```php
// Password grant: look the user up by email and verify the password against the stored hash.
public static function findIdentityByCredentials($username, $password)
{
    $security = \Yii::$app->security;
    $model = static::findOne(['email' => $username]);
    if ($model && $security->validatePassword($password, $model->password)) {
        return $model;
    }

    return null;
}

// Refresh token grant: look the user up by the stored refresh token.
public static function findIdentityByRefreshToken($refreshToken)
{
    return static::findOne(['refresh_token' => $refreshToken]);
}

// Facebook token grant: match on Facebook id first, then fall back to email.
public static function findIdentityByFacebookGraphUser($user)
{
    /** @var GraphUser $user */
    $model = static::findOne(['facebook_id' => $user->getId()]);
    if ($model === null) {
        $model = static::findOne(['email' => $user->getEmail()]);
    }

    // auto create user from facebook
    if ($model === null) {
        /** @var User $model */
        $model = UserFactory::newFromFacebookGraphUser($user);
        if (!$model->save()) {
            \Yii::error('Unable to create new user from facebook: ' . print_r($model->getErrors(), true), __METHOD__);

            return null;
        }
    } else {
        $model = UserFactory::updateFromFacebookGraphUser($model, $user);
        if (!$model->save()) {
            \Yii::error('Unable to update user from facebook: ' . print_r($model->getErrors(), true), __METHOD__);

            return null;
        }
    }

    return $model;
}

public function setAccessToken($token)
{
    $this->access_token = $token;
}

public function getAccessToken()
{
    return $this->access_token;
}

public function setRefreshToken($token)
{
    $this->refresh_token = $token;
}

public function getRefreshToken()
{
    return $this->refresh_token;
}
```

3. Create token action in auth controller

Example - custom action:

```php
public function actionToken()
{
    /** @var Server $server */
    $server = Instance::ensure('authServer', Server::class);

    if (($response = $server->getResponse()) === null) {

        return $server->getError();
    }

    return $response;
}
```

Example - predefined action class:

```php
public function actions()
{
    return [
        'token' => TokenAction::class,
    ];
}
```

API Usage example:

Arguments for password grant type

| Property | Type | Required | Description |
|---|---|---|---|
| username | varchar(255) | Yes | Email |
| password | varchar(255) | Yes | Password |
| grant_type | varchar(255) | Yes | Value always: password |

Arguments for refresh token grant type

| Property | Type | Required | Description |
|---|---|---|---|
| refresh_token | varchar(255) | Yes | Refresh Token |
| grant_type | varchar(255) | Yes | Value always: refresh_token |

Arguments for facebook grant type

| Property | Type | Required | Description |
|---|---|---|---|
| facebook_token | varchar(255) | Yes | Facebook Token |
| grant_type | varchar(255) | Yes | Value always: facebook_token |

4. Use custom auth filter `jakim\authserver\filters\HttpBearerAuth` (optionally)
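The request arguments and the success and error responses documented above, as an added client-side example (not code from yii2-authserver): it builds the token request for each grant type and validates the response before any token is stored. The function names, the `malformed_response` and `unexpected_error` labels, and the form-encoded request body are assumptions, not part of the package.

```php
<?php
// Added example (hypothetical helpers, not part of yii2-authserver).
declare(strict_types=1);
// Required parameters per grant type, from the argument tables above.
const GRANT_PARAMS = [
    'password'       => ['username', 'password'],
    'refresh_token'  => ['refresh_token'],
    'facebook_token' => ['facebook_token'],
];
// Error codes the README lists for HTTP 400 responses.
const KNOWN_ERRORS = ['invalid_request', 'invalid_grant', 'unsupported_grant_type'];

// Build a form-encoded body (assumed encoding); reject incomplete input early.
function buildTokenRequest(string $grantType, array $params): string
{
    if (!array_key_exists($grantType, GRANT_PARAMS)) {
        throw new InvalidArgumentException("unsupported grant type: $grantType");
    }
    $body = ['grant_type' => $grantType];
    foreach (GRANT_PARAMS[$grantType] as $name) {
        $value = $params[$name] ?? '';
        if (!is_string($value) || $value === '') {
            throw new InvalidArgumentException("missing parameter: $name");
        }
        $body[$name] = $value;
    }
    return http_build_query($body, '', '&');
}

// Validate a token endpoint response before trusting or storing anything in it.
function parseTokenResponse(int $status, string $json, int $now): array
{
    $data = json_decode($json, true);
    if (!is_array($data)) {
        return ['ok' => false, 'error' => 'malformed_response'];
    }
    if ($status !== 200) {
        $code = $data['error'] ?? '';
        return ['ok' => false, 'error' => in_array($code, KNOWN_ERRORS, true) ? $code : 'unexpected_error'];
    }
    $token = $data['access_token'] ?? null;
    $ttl = $data['expires_in'] ?? null;
    if (!is_string($token) || $token === '' || !is_int($ttl) || $ttl <= 0
        || !is_string($data['token_type'] ?? null) || strcasecmp($data['token_type'], 'bearer') !== 0) {
        return ['ok' => false, 'error' => 'malformed_response'];
    }
    return ['ok' => true, 'access_token' => $token,
        'refresh_token' => $data['refresh_token'] ?? null, 'expires_at' => $now + $ttl];
}
// Constructed inputs for a stand-alone run.
echo buildTokenRequest('refresh_token', ['refresh_token' => 'constructed-value']), "\n";
var_dump(parseTokenResponse(400, '{"error":"invalid_request"}', time()));
```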

The Versions

  • 02/07 2017: dev-master (9999999-dev), MIT
  • 10/03 2017: 1.0.0-beta.2 (1.0.0.0-beta2), MIT
  • 05/12 2016: 1.0.0-beta.1 (1.0.0.0-beta1), MIT

Keywords: api component extension oauth auth rest yii2 server yii oauth2 mobile