OAuth2 Demo PHP

Source: Internet
Author: User
Tags curl options oauth ssl certificate

OAuth2 Demo PHP

The purpose of this application is to demonstrate the workflow between the OAuth2.0 client and the server.
If this is your first time here, try the live demo to make the OAuth2.0 flow a better feeling.

Experimenting with the live demo

This library is a oauth2 server running PHP library.


Install this application using Composer:

clone git://github.com/bshaffer/oauth2-demo-php.git$ cd oauth2-demo--S http: // Getcomposer.org/installer | php$./composer.phar Install

Webhost ConfigurationMaster-written configurationConfigure a Web server

Silex requires configure your Web server to run it.

Being sure to run the command in the project root so, the $ chmod -R 777 data/ Web server can create the SQLite file.

using PHP's built-in Web server

You can use PHP's built-in Web server However, you will need to rotate two instances, specifying one of them 数据/ parameters.json  to prevent server locking. The client makes a request to the server because PHP's built-in Web server is single-threaded, which results in a deadlock.

$ cd oauth2-demo-php$ CP data/parameters.json.dist data/parameters.  -i ' s? " Grant "?" Http://localhost:8081/lockdin/token "? g ' data/parameters.  -i ' s? " Access "?" Http://localhost:8081/lockdin/resource "? g ' Data/parameters.json

now all you have to do is spin up two separate Web servers web Directory

-S localhost:8080 & Php-s localhost:8081

浏览到 http://localhost:8080 在您的浏览器中,你都准备好了!

What does this program do??

This application simulates the interaction between the OAuth2 client (demo application) and the OAuth2 server (lock). First, visit the home page of the demo application:

Click Authorized Authorize lock you up, simulate data providers (such as Twitter, Facebook, etc.). The lock will assume that you have signed and asked if you want the demo app to grant access to your information:

Once you click Yes, I approve the request. , you will be redirected back and a demo application 授权代码  , it then the client communicates the customer then exchanges for an access token. The demo application then lets another call lock in the API and uses an access token to retrieve the data on your behalf.

If successful, your data from the lock on the last page will be displayed:

The OAuth2 client can be used to test any OAuth2.0 server that can be configured to use configuration file definitions below .

OAuth2 Server

oauth2 server   create   (see   set   controller class   Which one of the following endpoints is implemented:

    • /Authorized Authorize --Grant the demo application an endpoint授权代码
    • /Token token --Grant the demo application an endpoint access_token  when providing the above authorization code
    • /Resource Resource --Endpoint Grant demo application accesses the protected resource (in this case, your friend) when providing the above access token

The main functions of these three OAUTH2 servers (authorized users, granting user tokens, and validating API calls). When you write the oauth2-compatible server, your interface will be similar.

Note: The above URL prefix /服务器  namespace of the application.

Note:the above URLs is prefixed with to /server namespace the application. Note: The above URL prefix /服务器  namespace of the application.

Test Your Own OAuth2 server!Test your own OAuth2 server!

You can test this application easily with your own OAuth application. Copied parameters.json.dist  files Parameters.json :

$ cd/path/to/oauth2-demo-php$ CP data/parameters.json.dist Data/parameters.json

Open the parameter. JSON file, note the default configuration:

{  "client_id": "demoapp",  "client_secret": "demopass",  "token_route": "grant",  "authorize_route": "authorize",  "resource_route": "access",  "resource_method": "GET",  "resource_params": {},  "curl_options": {}}

This is the default configuration 就锁在  OAuth2 Server. For your own testing, change these parameters to fit the API server you want to test:

{  "client_id": "OAuth Demo Application",  "client_secret": "a3b4b74330724a927bec",  "token_route": "https://api.myapp.com/token",  "authorize_route": "https://myapp.com/authorize",  "resource_route": "https://api.myapp.com/profile",  "resource_method": "POST",  "resource_params": { "debug": true },  "curl_options": { "http_port": 443, "verifyssl": false }}

The above example uses a new client for a fictitious OAuth authentication server myapp.com  . This is useful when testing your application in production

Note:the Curl Options is set to ignore an SSL certificate, and the resource_params define a fictional debug parameter. These is isn't required for your APIs, but is meant as a example what can be do with the configuration

Note: The Curly option setting ignores the SSL certificate, and Resource_params defines a fictitious debug parameter. These are not required for your API, but can also be used as an example of configuration.

# # #Test多环境测试

In addition, you can use the Parameters.json file to create multiple environments, and switch between them:

{    "LockdIn": {      "client_id": "demoapp",      "client_secret": "demopass",      "token_route": "grant",      "authorize_route": "authorize",      "resource_route": "access",      "resource_method": "GET",      "resource_params": {},      "curl_options": {}    },    "My App": {      "client_id": "OAuth Demo Application",      "client_secret": "a3b4b74330724a927bec",      "token_route": "https://api.myapp.com/token",      "authorize_route": "https://myapp.com/authorize",      "resource_route": "https://api.myapp.com/profile",      "resource_method": "POST",      "resource_params": { "debug": true },      "curl_options": { "http_port": 443, "verifyssl": false }    }}

This will be at the top, which will allow you to switch the environment and test multiple OAuth servers to provide a drop-down


Brent Shaffer (77811970<at> qq<dot> com) for more information

OAuth2 Demo PHP

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.