Simple case of building oau2tp Based on TP and case of building oauth2tp

Simple case of building oau2tp Based on TP and case of building oauth2tp

Notice: Understanding oau22.

OAuth is an open network standard for authorization. It is widely used all over the world. The current version is version 2.0. Today, I tried to set up the environment here as a learning record;

Reference Source:

Http://oauth.net/2/

Http://bshaffer.github.io/oauth2-server-php-docs/cookbook/

Prepare data tables:

---- TABLE structure 'oss _ access_tokens' -- create table if not exists 'oss _ access_tokens' ('Access _ token' text, 'client _ id' text, 'User _ id' text, 'expires' timestamp not null default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP, 'scope 'text) ENGINE = InnoDB default charset = utf8; -- the structure of the authorization TABLE 'oss _ authorization_codes '-- create table if not exists 'oss _ authorization_codes' ('authorization _ Code' text, 'client _ id' text, 'User _ id' text, 'redirect _ url' text, 'expires' timestamp not null default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP, 'scope 'text, 'Id _ token' text) ENGINE = InnoDB default charset = utf8; -- the structure of the tables TABLE 'oss _ clients '-- create table if not exists 'oss _ clients' ('client _ id' text, 'client _ secret' text, 'redirect _ url' text) ENGINE = InnoDB default charset = utf8; ---- data in the table 'oss _ clients '-- insert into 'oss _ clients' ('client _ id', 'client _ secret', 'redirect _ uri ') VALUES ('demoapp ', 'demopass', 'HTTP: // 127.0.0.1/tp/index. php '); -- struct TABLE structure 'oss _ public_keys' -- create table if not exists 'oss _ public_keys '('client _ id' varchar (80) default null, 'Public _ key' varchar (8000) default null, 'private _ key' varchar (8000) default null, 'encryption _ algorithm 'varchar (80) DEFAULT 'rs256 ') ENGINE = InnoDB default charset = utf8; -- Structure of the tables TABLE 'oss _ refresh_tokens' -- create table if not exists 'oss _ refresh_tokens' ('refresh _ token' text, 'client _ id' text, 'user _ id' text, 'expires' timestamp not null default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP, 'scope 'text) ENGINE = InnoDB default charset = utf8; -- users TABLE structure 'oss _ scopes '-- create table if not exists 'oss _ scopes' ('process' text, 'is _ default' tinyint (1) default NULL) ENGINE = InnoDB default charset = utf8; -- struct TABLE structure 'oss _ users' -- create table if not exists 'oss _ users' ('username' varchar (255) not null, 'Password' varchar (2000) default null, 'First _ name' varchar (255) default null, 'last _ name' varchar (255) default null) ENGINE = InnoDB default charset = utf8; ---- Indexes for table 'oss _ users' -- alter table 'oss _ users' add primary key ('username ');

 

Database address: https://github.com/bshaffer/oauth2-server-php

Here I put it in the Vendor/oau2;

 

Authorization request class:

<?phpnamespace Api\Controller;class OAuth2Controller extends \Org\OAuth2\Controller{    public function __construct()    {        parent::__construct();    }    public function authorize()    {// validate the authorize request        if (!$this->oauth_server->validateAuthorizeRequest($this->oauth_request, $this->oauth_response)) {            $this->oauth_response->send();            die;        }// print the authorization code if the user has authorized your client        $this->oauth_server->handleAuthorizeRequest($this->oauth_request, $this->oauth_response, true);        // this is only here so that you get to see your code in the cURL request. Otherwise, we'd redirect back to the client        $code = substr($this->oauth_response->getHttpHeader('Location'), strpos($this->oauth_response->getHttpHeader('Location'), 'code=') + 5, 40);        echo json_encode(['code' => $code]);        //$this->oauth_response->send();    }    public function token()    {        $this->oauth_server->handleTokenRequest(\OAuth2\Request::createFromGlobals())->send();    }}

 

The request of the oau2store is encapsulated in Org/oau2;

<?phpnamespace Org\OAuth2;class Controller{    protected $oauth_server;    protected $oauth_storage;    protected $oauth_request;    protected $oauth_response;    public function __construct()    {        // Autoloading (composer is preferred, but for this example let's just do this)//        require_once(VENDOR_PATH . '/OAuth2/Autoloader.php');//        \OAuth2\Autoloader::register();        // $dsn is the Data Source Name for your database, for exmaple "mysql:dbname=my_oauth2_db;host=localhost"        $this->oauth_storage = new \OAuth2\Storage\Pdo(array('dsn' => C('DSN'), 'username' => C('USERNAME'), 'password' => C('PASSWORD')));        // Pass a storage object or array of storage objects to the OAuth2 server class        $this->oauth_server = new \OAuth2\Server($this->oauth_storage);        // Add the "Client Credentials" grant type (it is the simplest of the grant types)        $this->oauth_server->addGrantType(new \OAuth2\GrantType\ClientCredentials($this->oauth_storage));        // Add the "Authorization Code" grant type (this is where the oauth magic happens)        $this->oauth_server->addGrantType(new \OAuth2\GrantType\AuthorizationCode($this->oauth_storage));        $this->oauth_request = \OAuth2\Request::createFromGlobals();        $this->oauth_response = new \OAuth2\Response();    }}<?phpnamespace Org\OAuth2;class Resource extends Controller{    protected $tokenData;    public function __construct()    {        parent::__construct();        // Handle a request to a resource and authenticate the access token        if (!$this->oauth_server->verifyResourceRequest(\OAuth2\Request::createFromGlobals())) {            $this->oauth_server->getResponse()->send();            die;        }        $this->tokenData = $this->oauth_server->getResourceController()->getToken();    }}

　　

Test class:

<?phpnamespace Api\Controller;class TestController extends \Org\OAuth2\Resource{    public function __construct()    {        parent::__construct();    }    public function test()    {        echo json_encode(array('success' => true, 'message' => 'You accessed my APIs!'));    }    public function getToken()    {        echo json_encode(['token' => $this->tokenData]);    }}

 

Configuration file:

Require_once (VENDOR_PATH. '/oau2/ Autoloader. php '); oau2\ Autoloader: register (); return array (// 'config maps '=> 'configuration value' AUTOLOAD _ NAMESPACE' => array ('oss _ 2' => VENDOR_PATH. 'oss/'), // list of extended modules 'dsn' => 'mysql: host = localhost; dbname = os22', 'username' => 'root ', 'Password' => '',);