plhw / hf-api-client
PLHW API Client provides means to authenticate clients against with OAuth2 server and issue authorized requests to our api endpoints
Requires
- php: ^7.4 | ^8.0
- beberlei/assert: ^3.3
- fig/http-message-util: ^1.1
- laminas/laminas-cache: ^3.0
- laminas/laminas-cache-storage-adapter-filesystem: ^2.0
- laminas/laminas-http: ^2.14
- laminas/laminas-serializer: ^2.10
- league/oauth2-client: ^2.6
- ocramius/package-versions: ^2.1
- ramsey/uuid: ^4.1
- symfony/var-dumper: ^5.3
Requires (Dev)
- plhw/hf-cs-fixer-config: ^2.0
- roave/security-advisories: dev-master
- dev-main
- 3.0.0
- 2.4.0
- 2.3.1
- 2.3.0
- 2.2.0
- 2.1.0
- 2.0.1
- 2.0.0
- 1.0.1
- 1.0.0
- 1.0.0-beta11
- 1.0.0-beta10
- 1.0.0-beta9
- 1.0.0-beta8
- 1.0.0-beta7
- 1.0.0-beta6
- 1.0.0-beta5
- 1.0.0-beta4
- 1.0.0-beta3
- 1.0.0-beta2
- 1.0.0-beta1
- 0.2.3
- 0.2.2
- 0.2.1
- 0.2.0
- 0.1.0
- dev-renovate/major-symfony
- dev-renovate/lint-staged-15.x
- dev-develop
This package is auto-updated.
Last update: 2024-10-29 13:25:47 UTC
README
PLHW API Client provides means to authenticate clients against our OAuth2 server and issue authorized requests to our api endpoints.
Installation
composer require plhw/hf-api-client
Example API calls
Once you have succesfully installed the application, some example scripts are located at. To use them first copy an configuration file to your app root.
cp ./vendor/plhw/hf-api-client/example/.hf-api-client-secrets.php.dist ./.hf-api-client-secrets.php
Open .hf-api-client-secrets.php
and configure it with credentials you got from us.
Finally the example scripts are configured to use data/cache
as directory for its cached accss tokens. This directory must exist (only for the examples).
Now you can run the example scripts;
php ./vendor/plhw/hf-api-client/example/practicesPos.php
Usage
To implement usage in your application you can have a look at the example scripts.
$options = \HF\ApiClient\Options\Options::fromArray( [ 'server_uri' => 'https://api.plhw.nl', 'client_id' => 'id', 'client_secret' => 'secret', 'scope' => 'customer_pos', 'grant_type' => 'client_credentials', ] ); $api = \HF\ApiClient\ApiClient::createClient($options, /* $cache OPTIONAL */);
The above is all that is nessesary to configure, though I recommend you tweak the caching meganism. Currently we use the zendframework/zend-cache component. This might change when v3 is released to use the psr-7 caching FIG standard.
When you have ApiClient
instance you can use it by calling methods as defined in /vendor/plhw/hf-api-client/data/v1
on it. Additionally API documentation can be found here.
for example, search the published practices around a coordinate.
$results = $api->customer_posAroundCoordinate('52.3629882,4.8593175', 15000, 'insoles'); if ($api->isSuccess()) { foreach ($results['data'] as $result) { printf("Practice %s on %skm\n", $result['attributes']['name'], round(($result['attributes']['distance'] / 100)) / 10); printf(" - sells %s\n", implode(', ', $result['attributes']['products'])); } } else { printf("Error (%d): %s\n", $api->getStatusCode(), $result); }
Under the hood
When you call any method on the APIClient instance an access token is requested from our OAuth2 server. This access token is then cached for aditional uses up to the moment it expires or is deleted. It will then get a new access token.
Any calls to our API are now signed
with that access token and is used by our permission system to determain if you have access or not.
Our API will accept and return json payload with are automaticly (de)encoded.
OAuth2 ClientCredentialsGrant
For machine to machine communication OAuth2 ClientCredentialGrant is appropiate. You must obtain the following information from us.
- client ID
- client secret
- scope
Your client side application should communicate via a proxy to our server.
[webbrowser] <----- internet -----> [application] <----- internet -----> [api.plhw.nl]
1. request data -> request -> do we have valid access token?
2. NO, get access token -> request -> id,secret,scope
3. validate request
4. store token in cache <- response <- access token
5. YES, request & token. -> request -> validate token
6. data <- response <- data
7. data <- response <- data
Run all examples in the 'commerce' domain:
find ./example/commerce/ -maxdepth 1 -type f -exec {} \;
Upgrading
v2 has been rewritten for php 8+. Principals are the same but there are a few minor changes that will break your application.
Please see our examples to see how you interact with the api.