chadicus / slim-oauth2-middleware
OAuth2 middleware for use within a Slim Framework API
Installs: 350 098
Dependents: 1
Suggesters: 5
Security: 0
Stars: 47
Watchers: 6
Forks: 17
Open Issues: 1
Requires
- php: ^5.6 || ^7.0 || ^8.0
- bshaffer/oauth2-server-php: ^1.9
- chadicus/psr-middleware: ^1.1
- chadicus/slim-oauth2-http: ^3.2
- container-interop/container-interop: ^1.1
- psr/http-message: ^1.0
Requires (Dev)
- laminas/laminas-diactoros: ^1.8 || ^2.0
- php-di/php-di: ^5.4
- phpunit/phpunit: ^5.7 || ^6.5 || ^9.6 || ^10.1
- squizlabs/php_codesniffer: ^3.7
Suggests
- chadicus/slim-oauth2-routes: Offers standard OAuth2 routes for slim applications
README
Middleware for using OAuth2 Server within a Slim 3 Framework API
Requirements
Chadicus\Slim\OAuth2\Middleware requires PHP 5.6 (or later).
Composer
To add the library as a local, per-project dependency use Composer! Simply add a dependency on
chadicus/slim-oauth2-middleware
to your project's composer.json
file such as:
composer require chadicus/slim-oauth2-middleware
Contact
Developers may be contacted at:
Project Build
With a checkout of the code get Composer in your PATH and run:
composer install ./vendor/bin/phpunit ./vendor/bin/phpcs
Community
Example Usage
Simple example for using the authorization middleware.
use Chadicus\Slim\OAuth2\Middleware; use OAuth2; use OAuth2\Storage; use OAuth2\GrantType; use Slim; //set up storage for oauth2 server $storage = new Storage\Memory( [ 'client_credentials' => [ 'administrator' => [ 'client_id' => 'administrator', 'client_secret' => 'password', 'scope' => 'superUser', ], 'foo-client' => [ 'client_id' => 'foo-client', 'client_secret' => 'p4ssw0rd', 'scope' => 'basicUser canViewFoos', ], 'bar-client' => [ 'client_id' => 'foo-client', 'client_secret' => '!password1', 'scope' => 'basicUser', ], ], ] ); // create the oauth2 server $server = new OAuth2\Server( $storage, [ 'access_lifetime' => 3600, ], [ new GrantType\ClientCredentials($storage), ] ); //create the basic app $app = new Slim\App(); // create the authorization middlware $authMiddleware = new Middleware\Authorization($server, $app->getContainer()); //Assumes token endpoints available for creating access tokens $app->get('foos', function ($request, $response, $args) { //return all foos, no scope required })->add($authMiddleware); $getRouteCallback = function ($request, $response, $id) { //return details for a foo, requires superUser scope OR basicUser with canViewFoos scope }; $app->get('foos/id', $getRouteCallback)->add($authMiddleware->withRequiredScope(['superUser', ['basicUser', 'canViewFoos']])); $postRouteCallback = function ($request, $response, $args) { //Create a new foo, requires superUser scope }; $app->post('foos', $postRouteCallback)->add($authMiddleware->withRequiredScope(['superUser'])); $app->run();