OAuth2 Demo PHP
The purpose of this application is to demonstrate the workflow between the OAuth2.0 client and the server.
If this is your first time here, try the live demo to make the OAuth2.0 flow a better feeling.
Experimenting with the live demo
This library is a oauth2 server running PHP library.
installation
Install this application using Composer:
clone git://github.com/bshaffer/oauth2-demo-php.git$ cd oauth2-demo--S http: // Getcomposer.org/installer | php$./composer.phar Install
Webhost ConfigurationMaster-written configurationConfigure a Web server
Silex requires configure your Web server to run it.
Being sure to run the command in the project root so, the $ chmod -R 777 data/
Web server can create the SQLite file.
using PHP's built-in Web server
You can use PHP's built-in Web server However, you will need to rotate two instances, specifying one of them 数据/ parameters.json
to prevent server locking. The client makes a request to the server because PHP's built-in Web server is single-threaded, which results in a deadlock.
$ cd oauth2-demo-php$ CP data/parameters.json.dist data/parameters. -i ' s? " Grant "?" Http://localhost:8081/lockdin/token "? g ' data/parameters. -i ' s? " Access "?" Http://localhost:8081/lockdin/resource "? g ' Data/parameters.json
now all you have to do is spin up two separate Web servers web
Directory
-S localhost:8080 & Php-s localhost:8081
浏览到 http://localhost:8080
在您的浏览器中,你都准备好了!
What does this program do??
This application simulates the interaction between the OAuth2 client (demo application) and the OAuth2 server (lock). First, visit the home page of the demo application:
Click Authorized Authorize lock you up, simulate data providers (such as Twitter, Facebook, etc.). The lock will assume that you have signed and asked if you want the demo app to grant access to your information:
Once you click Yes, I approve the request. , you will be redirected back and a demo application 授权代码
, it then the client communicates the customer then exchanges for an access token. The demo application then lets another call lock in the API and uses an access token to retrieve the data on your behalf.
If successful, your data from the lock on the last page will be displayed:
The OAuth2 client can be used to test any OAuth2.0 server that can be configured to use configuration file definitions below .
OAuth2 Server
oauth2 server create (see set
controller class Which one of the following endpoints is implemented:
- /Authorized Authorize --Grant the demo application an endpoint
授权代码
- /Token token --Grant the demo application an endpoint
access_token
when providing the above authorization code
- /Resource Resource --Endpoint Grant demo application accesses the protected resource (in this case, your friend) when providing the above access token
The main functions of these three OAUTH2 servers (authorized users, granting user tokens, and validating API calls). When you write the oauth2-compatible server, your interface will be similar.
Note: The above URL prefix /服务器
namespace of the application.
Note:the above URLs is prefixed with to /server
namespace the application. Note: The above URL prefix /服务器
namespace of the application.
Test Your Own OAuth2 server!Test your own OAuth2 server!
You can test this application easily with your own OAuth application. Copied parameters.json.dist
files Parameters.json :
$ cd/path/to/oauth2-demo-php$ CP data/parameters.json.dist Data/parameters.json
Open the parameter. JSON file, note the default configuration:
{ "client_id": "demoapp", "client_secret": "demopass", "token_route": "grant", "authorize_route": "authorize", "resource_route": "access", "resource_method": "GET", "resource_params": {}, "curl_options": {}}
This is the default configuration 就锁在
OAuth2 Server. For your own testing, change these parameters to fit the API server you want to test:
{ "client_id": "OAuth Demo Application", "client_secret": "a3b4b74330724a927bec", "token_route": "https://api.myapp.com/token", "authorize_route": "https://myapp.com/authorize", "resource_route": "https://api.myapp.com/profile", "resource_method": "POST", "resource_params": { "debug": true }, "curl_options": { "http_port": 443, "verifyssl": false }}
The above example uses a new client for a fictitious OAuth authentication server myapp.com
. This is useful when testing your application in production
Note:the Curl Options is set to ignore an SSL certificate, and the resource_params
define a fictional debug parameter. These is isn't required for your APIs, but is meant as a example what can be do with the configuration
Note: The Curly option setting ignores the SSL certificate, and Resource_params defines a fictitious debug parameter. These are not required for your API, but can also be used as an example of configuration.
# # #Test多环境测试
In addition, you can use the Parameters.json file to create multiple environments, and switch between them:
{ "LockdIn": { "client_id": "demoapp", "client_secret": "demopass", "token_route": "grant", "authorize_route": "authorize", "resource_route": "access", "resource_method": "GET", "resource_params": {}, "curl_options": {} }, "My App": { "client_id": "OAuth Demo Application", "client_secret": "a3b4b74330724a927bec", "token_route": "https://api.myapp.com/token", "authorize_route": "https://myapp.com/authorize", "resource_route": "https://api.myapp.com/profile", "resource_method": "POST", "resource_params": { "debug": true }, "curl_options": { "http_port": 443, "verifyssl": false } }}
This will be at the top, which will allow you to switch the environment and test multiple OAuth servers to provide a drop-down
Contact
Brent Shaffer (77811970<at> qq<dot> com) for more information
OAuth2 Demo PHP