A set of simple tools that help build an API based on the
alegz/yii2-oauth2-server
package.
Installation
Via command line:
```
composer require the-real-start/yii2-oauth2-server-tools
```
Or add this line to the require section of composer.json:
```
"require": {
    ...
    "the-real-start/yii2-oauth2-server-tools": "*"
    ...
}
```
Usage
Package namespace: TRS\yii2\oauth2server\tools

The package provides 5 classes for setting up oauth2-server:
- Abstract class AppIdentity
- Abstract class User
- Class ErrorHandler
- Class AccessRules
- Class JsonHttpException
AppIdentity
Abstract class for the client credentials grant_type
(see https://tools.ietf.org/html/rfc6749 for details).
You should declare the getIsPublic method for your version of the AppIdentity
class. See the example below:
```
<?php

namespace common\components;

use common\components\enums\Scope;
use TRS\yii2\oauth2server\tools\oauth2\AppIdentity as BaseAppIdentity;

class AppIdentity extends BaseAppIdentity
{
    /**
     * @inheritdoc
     */
    public function isPublicClient($client_id)
    {
        // Look up the registered application for this client id
        $app = self::findByClientId($client_id);

        // Public only when the client exists and carries the public scope
        return !!$app && $app->scope == Scope::_PUBLIC;
    }
}
```
Example of setting up the yii2-oauth2-server module:
```
'modules' => [
    ...
    'oauth2' => [
        'class' => \filsh\yii2\oauth2server\Module::className(),
        ...
        'storageMap' => [
            ...
            'client_credentials' => \common\components\AppIdentity::class,
        ],
        ...
    ],
    ...
],
```
User
This abstract class extends yii\web\User, adds the getIsPublic method and
changes the logic around logging the user out.
This class requires you to declare the getIsPublic method for User.

Example of class:
```
<?php

namespace common\components;

use common\enums\Scope;
use TRS\yii2\oauth2server\tools\oauth2\User as BaseUser;

class User extends BaseUser
{
    /**
     * @inheritdoc
     */
    public function getIsPublic()
    {
        /** @var \common\models\User $identity */
        // false: read the current identity without triggering auto-login
        $identity = $this->getIdentity(false);

        return ( $identity->scope == Scope::_PUBLIC );
    }
}
```
Setting up example:
```
'components' => [
    ...
    'user' => [
        'class' => \common\components\User::className(),
        'identityClass' => \common\models\User::className(),
        'enableAutoLogin' => true,
    ],
    ...
],
```
ErrorHandler
Simple error handler that was designed to be used with an API.
Setup example in the components section of the yii2 main.php config file:
```
...
'errorHandler' => [
    'class' => \v1\components\oauth2\rest\ErrorHandler::className(),
],
...
```
AccessRules
Extended version of the yii2 AccessRule. Adds support for user scope
filtering.
Example of a rule:
```
public function accessRules()
{
    return [
        [
            'allow' => true,
            'roles' => [ '@' ],
            'actions' => [ 'registration', 'send-recovery-email', 'reset-password', 'check-reset-token' ],
            'scopes' => [ Scope::_PUBLIC ],
        ],
    ];
}
```
Setup example:
```
public function behaviors()
{
    $behaviors = parent::behaviors();
    ...
    $behaviors = ArrayHelper::merge(
        $behaviors,
        [
            ...
            'access' => [
                'class' => AccessControl::className(),
                'rules' => $this->accessRules(),
                'ruleConfig' => ['class' => AccessRule::class],
            ],
            ...
        ]
    );
    return $behaviors;
}
```
In this and the previous example, accessRules was declared as an abstract
method in the base controller.
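The scope filtering described in this section could be implemented along the following lines. This is an added sketch, not the package's own AccessRule: the class name ScopeAccessRule and the matchScope() helper are hypothetical, and it assumes the identity exposes a scope property as in the User example above.

```php
<?php
// Added sketch, not the package's own AccessRule.
// Hypothetical names: ScopeAccessRule, matchScope().

namespace common\components;

use yii\filters\AccessRule;

class ScopeAccessRule extends AccessRule
{
    /** @var array scopes this rule applies to; an empty list matches any scope */
    public $scopes = [];

    /**
     * @inheritdoc
     */
    public function allows($action, $user, $request)
    {
        // Returning null means "this rule does not apply"; AccessControl then
        // tries the next rule and denies the request if none applies.
        if (!$this->matchScope($user)) {
            return null;
        }

        // Scope matched: let the stock checks (actions, roles, IPs, verbs) decide.
        return parent::allows($action, $user, $request);
    }

    /**
     * @param \yii\web\User|false $user
     * @return bool whether the current identity's scope is listed in $scopes
     */
    protected function matchScope($user)
    {
        if (empty($this->scopes)) {
            return true;
        }
        if ($user === false) {
            return false;
        }

        // Assumption: the identity exposes a `scope` property, as in the User example.
        $identity = $user->getIdentity(false);

        // A guest never satisfies a scoped rule. The comparison is strict, so
        // stored scope values must have the same type as the Scope constants.
        return $identity !== null && in_array($identity->scope, $this->scopes, true);
    }
}
```

Because yii2's AccessControl denies a request when no rule returns a decision, a user whose scope is not listed in any rule is rejected by default.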
JsonHttpException
It is a simple wrapper over HTTPException that can accept an array as the message.
The array is converted to JSON.
Designed to be used with ErrorHandler, but you are free to adapt it to your
tools.
Small example:
```
/** @var array */
$errors = $model->getErrors();
throw new JsonHttpException(400, $errors);
```
Participation and development
Hope you will find this set of tools helpful.
If you have suggestions, you are welcome to open issues on GitHub.
If you wish to improve this package, feel free to submit pull requests.