2017 © Pedro Peláez
 

yii2-extension yii2oauthserver

A module that implement's TheLeague's OAuth component for Yii2

image

rowasc/yii2oauthserver

A module that implement's TheLeague's OAuth component for Yii2

  • Sunday, November 22, 2015
  • by rowasc
  • Repository
  • 1 Watchers
  • 0 Stars
  • 9 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 0 Forks
  • 0 Open issues
  • 5 Versions
  • 0 % Grown

The README.md

  • Copy the migration file to your own migrations directory (inside of your yii2 project) , and run the migrations. Make sure you update the client_id and client_secret before using it in your project, since they are not safe the way they are added in the migration!, (*1)

  • Edit your yii2 configuration to include the following under "components", (*2)

    'ResourceServerComponent'=> [
        'class' => 'rowasc\yii2oauthserver\components\ResourceServerComponent'
    ],
    'AuthServerComponent'=> [
        'class' => 'rowasc\yii2oauthserver\components\AuthServerComponent'
    ],
  • Edit your yii2 configuration to include the following under "modules"
     'yii2oauthserver' => [
               'class' => '@vendor\rowasc\yii2oauthserver\Module',
     ]
  • In your .htaccess file, allow the Authorization headers to pass, since they will be stripped most of the time witouth this line
    SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

  • Have your base api controller extend " \rowasc\yii2oauthserver\controllers\ApiController" ., (*3)

  • Create an AuthorizationController, and extend \rowasc\yii2oauthserver\controllers\AuthorizationController in it., (*4)

  • In your User model, extend rowasc\yii2oauthserver\models\User, (*5)

This will create an "/authorization/login" and a "/authorization/logout" endpoint which will allow you to get and expire bearer tokens for your api auth., (*6)

Examples: getting a new bearer token

POST /v1/authorization/login HTTP/1.1 Host: api.yii2-starter-kit.dev Content-Type: application/json Cache-Control: no-cache Postman-Token: 7dd28588-b30d-a252-5c7e-5ecc9d1ab740, (*7)

{
    "client_id": "client_name",
    "client_secret": "client_secret",
    "username": "webmaster",
    "password": "webmaster" 
}

Response:, (*8)

{
    "access_token": "ENMTcmTSgQTmwCpVbaO3AHHbhbJYgziiZzjWzWUd",
    "token_type": "Bearer",
    "expires_in": 43200
}

Examples: invalidating the token so users do not have access to the api

POST /v1/authorization/logout HTTP/1.1 Host: api.yii2-starter-kit.dev Content-Type: application/json Authorization: Bearer ENMTcmTSgQTmwCpVbaO3AHHbhbJYgziiZzjWzWUd Cache-Control: no-cache Postman-Token: 9b86bad2-dd05-898b-5888-6047e0dd2772, (*9)

{
    "client_id": "client_name",
    "client_secret": "client_secret",
    "username": "webmaster",
    "password": "webmaster" 
}

Response:, (*10)

{
  "status": true
}

Help wanted:

This project is in need of better tests.

The Versions

22/11 2015

dev-master

9999999-dev

A module that implement's TheLeague's OAuth component for Yii2

  Sources   Download

MIT

The Requires

 

The Development Requires

by Romina Suarez

18/10 2015

1.0.3

1.0.3.0

A module that implement's TheLeague's OAuth component for Yii2

  Sources   Download

MIT

The Requires

 

The Development Requires

by Romina Suarez

13/10 2015

1.0.2

1.0.2.0

A module that implement's TheLeague's OAuth component for Yii2

  Sources   Download

MIT

The Requires

 

The Development Requires

by Romina Suarez

12/10 2015

1.0.1

1.0.1.0

A module that implement's TheLeague's OAuth component for Yii2

  Sources   Download

MIT

The Requires

 

The Development Requires

by Romina Suarez

06/09 2015

1.0.0

1.0.0.0

A module that implement's TheLeague's OAuth component for Yii2

  Sources   Download

MIT

The Requires

 

The Development Requires

by Romina Suarez