longthanhtran / yii2-oauth2-resource-server
OAuth 2.0 Resource Server
Installs: 0
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 0
Type:yii2-extension
pkg:composer/longthanhtran/yii2-oauth2-resource-server
Requires
- php: >= 7.4 | 8.0
- guzzlehttp/guzzle: ^7.3
- league/oauth-server: ^8.3
- yiisoft/yii2: ~2.0.14
Requires (Dev)
- symfony/var-dumper: ^5.3
README
Introduction.
The package is a wrapper with League's OAuth2 Server package to implement
Resource Server function. This take bearer access_token
and validates against
define OAuth2 authz server before accepting the request.
Current support grant to communicate with OAuth2 authz server is
client_credentials
Setup.
Parameters.
- Prepare the pair of
clientId
andclientSecret
inside@app/config/params.php
file. Authorization Server url also has it detail.
...
'resourceServer' => [
'authzServerUrl' => 'your-oauth-authz-server-url',
'publicKey' => 'your-public-key-path'
],
'clientCredentials' => [
'clientId' => 'your-client-id',
'clientSecret' => 'your-client-secret',
]
...
OAuthRequester component
- Inside
@app/config/web.php
, put component definition forOAuthRequest
...
'oauthRequester' => [
'class' => 'longthanhtran\oauth2\filters\OAuthRequester'
]
...
Usage
From your (rest) controller, attach the RequestValidator
in behaviors
function, e.g
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors['authenticator'] = [
'class' => 'longthanhtran\oauth2\filters\RequestValidator'
];
return $behaviors;
}