unify examples

This commit is contained in:
Julián Gutiérrez 2016-02-12 19:06:31 +01:00
parent 655f6b9771
commit 2bd45f2a6b
7 changed files with 169 additions and 121 deletions

View File

@ -16,10 +16,10 @@ Send the following cURL request:
curl -X "POST" "http://localhost:4444/client_credentials.php/access_token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-H "Accept: 1.0" \
--data-urlencode "grant_type=client_credentials" \
--data-urlencode "client_id=myawesomeapp" \
--data-urlencode "scope=basic email" \
--data-urlencode "client_secret=abc123" \
--data-urlencode "grant_type=client_credentials"
--data-urlencode "scope=basic email"
```
## Testing the password grant example
@ -30,12 +30,12 @@ Send the following cURL request:
curl -X "POST" "http://localhost:4444/password.php/access_token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-H "Accept: 1.0" \
--data-urlencode "grant_type=password" \
--data-urlencode "client_id=myawesomeapp" \
--data-urlencode "scope=basic email" \
--data-urlencode "client_secret=abc123" \
--data-urlencode "username=alex" \
--data-urlencode "password=whisky" \
--data-urlencode "client_secret=abc123" \
--data-urlencode "grant_type=password"
--data-urlencode "scope=basic email"
```
## Testing the refresh token grant example
@ -51,4 +51,3 @@ curl -X "POST" "http://localhost:4444/refresh_token.php/access_token" \
--data-urlencode "client_secret=abc123" \
--data-urlencode "refresh_token={{REFRESH_TOKEN}}"
```

View File

@ -3,31 +3,31 @@
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\AuthCodeGrant;
use League\OAuth2\Server\Server;
use OAuth2ServerExamples\Repositories\AccessTokenRepository;
use OAuth2ServerExamples\Repositories\AuthCodeRepository;
use OAuth2ServerExamples\Repositories\ClientRepository;
use OAuth2ServerExamples\Repositories\RefreshTokenRepository;
use OAuth2ServerExamples\Repositories\ScopeRepository;
use OAuth2ServerExamples\Repositories\UserRepository;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Slim\App;
use Slim\Http\Request;
use Slim\Http\Response;
use Zend\Diactoros\Stream;
include(__DIR__ . '/../vendor/autoload.php');
// App
$app = new App([
'settings' => [
'displayErrorDetails' => true,
],
Server::class => function () {
// Init our repositories
$clientRepository = new ClientRepository();
$scopeRepository = new ScopeRepository();
$accessTokenRepository = new AccessTokenRepository();
$userRepository = new UserRepository();
$refreshTokenRepository = new RefreshTokenRepository();
$authCodeRepository = new AuthCodeRepository();
$refreshTokenRepository = new RefreshTokenRepository();
$userRepository = new UserRepository();
$privateKeyPath = 'file://' . __DIR__ . '/../private.key';
$publicKeyPath = 'file://' . __DIR__ . '/../public.key';
@ -41,7 +41,7 @@ $app = new App([
$publicKeyPath
);
// Enable the password grant on the server with a token TTL of 1 hour
// Enable the authentication code grant on the server with a token TTL of 1 hour
$server->enableGrantType(
new AuthCodeGrant(
$authCodeRepository,
@ -56,27 +56,19 @@ $app = new App([
},
]);
$app->any('/authorize', function (Request $request, Response $response) {
/** @var Server $server */
$server = $this->get(Server::class);
try {
return $server->respondToRequest($request, $response);
} catch (OAuthServerException $e) {
return $e->generateHttpResponse($response);
} catch (\Exception $e) {
return $response->withStatus(500)->write($e->getMessage());
}
});
$app->post('/access_token', function (ServerRequestInterface $request, ResponseInterface $response) use ($app) {
/* @var \League\OAuth2\Server\Server $server */
$server = $app->getContainer()->get(Server::class);
$app->post('/access_token', function (Request $request, Response $response) {
/** @var Server $server */
$server = $this->get(Server::class);
try {
return $server->respondToRequest($request, $response);
} catch (OAuthServerException $e) {
return $e->generateHttpResponse($response);
} catch (\Exception $e) {
return $response->withStatus(500)->write($e->getMessage());
} catch (OAuthServerException $exception) {
return $exception->generateHttpResponse($response);
} catch (\Exception $exception) {
$body = new Stream('php://temp', 'r+');
$body->write($exception->getMessage());
return $response->withStatus(500)->withBody($body);
}
});

View File

@ -3,25 +3,25 @@
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\ClientCredentialsGrant;
use League\OAuth2\Server\Server;
use OAuth2ServerExamples\Repositories\AccessTokenRepository;
use OAuth2ServerExamples\Repositories\ClientRepository;
use OAuth2ServerExamples\Repositories\ScopeRepository;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Slim\App;
use Slim\Http\Request;
use Slim\Http\Response;
use Zend\Diactoros\Stream;
include(__DIR__ . '/../vendor/autoload.php');
// App
$app = new App([
'settings' => [
'displayErrorDetails' => true,
],
Server::class => function () {
// Init our repositories
$clientRepository = new ClientRepository();
$scopeRepository = new ScopeRepository();
$accessTokenRepository = new AccessTokenRepository();
$scopeRepository = new ScopeRepository();
$privateKeyPath = 'file://' . __DIR__ . '/../private.key';
$publicKeyPath = 'file://' . __DIR__ . '/../public.key';
@ -36,21 +36,28 @@ $app = new App([
);
// Enable the client credentials grant on the server with a token TTL of 1 hour
$server->enableGrantType(new ClientCredentialsGrant(), new \DateInterval('PT1H'));
$server->enableGrantType(
new ClientCredentialsGrant(),
new \DateInterval('PT1H')
);
return $server;
}
]);
$app->post('/access_token', function (Request $request, Response $response) {
/** @var Server $server */
$server = $this->get(Server::class);
$app->post('/access_token', function (ServerRequestInterface $request, ResponseInterface $response) use ($app) {
/* @var \League\OAuth2\Server\Server $server */
$server = $app->getContainer()->get(Server::class);
try {
return $server->respondToRequest($request, $response);
} catch (OAuthServerException $e) {
return $e->generateHttpResponse($response);
} catch (\Exception $e) {
return $response->withStatus(500)->write($e->getMessage());
} catch (OAuthServerException $exception) {
return $exception->generateHttpResponse($response);
} catch (\Exception $exception) {
$body = new Stream('php://temp', 'r+');
$body->write($exception->getMessage());
return $response->withStatus(500)->withBody($body);
}
});

View File

@ -1,33 +1,35 @@
<?php
use League\OAuth2\Server\Grant\PasswordGrant;
use League\OAuth2\Server\Grant\AuthCodeGrant;
use League\OAuth2\Server\Grant\RefreshTokenGrant;
use League\OAuth2\Server\Middleware\AuthenticationServerMiddleware;
use League\OAuth2\Server\Middleware\ResourceServerMiddleware;
use League\OAuth2\Server\Server;
use OAuth2ServerExamples\Repositories\AccessTokenRepository;
use OAuth2ServerExamples\Repositories\AuthCodeRepository;
use OAuth2ServerExamples\Repositories\ClientRepository;
use OAuth2ServerExamples\Repositories\RefreshTokenRepository;
use OAuth2ServerExamples\Repositories\ScopeRepository;
use OAuth2ServerExamples\Repositories\UserRepository;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Slim\App;
use Zend\Diactoros\Stream;
include(__DIR__ . '/../vendor/autoload.php');
// App
$app = new App([
'settings' => [
'displayErrorDetails' => true,
],
Server::class => function () {
// Init our repositories
$clientRepository = new ClientRepository();
$accessTokenRepository = new AccessTokenRepository();
$scopeRepository = new ScopeRepository();
$userRepository = new UserRepository();
$authCodeRepository = new AuthCodeRepository();
$refreshTokenRepository = new RefreshTokenRepository();
$userRepository = new UserRepository();
$privateKeyPath = 'file://' . __DIR__ . '/../private.key';
$publicKeyPath = 'file://' . __DIR__ . '/../public.key';
@ -41,21 +43,53 @@ $app = new App([
$publicKeyPath
);
// Enable the grants
// Enable the authentication code grant on the server with a token TTL of 1 hour
$server->enableGrantType(
new PasswordGrant($userRepository, $refreshTokenRepository),
new AuthCodeGrant(
$authCodeRepository,
$refreshTokenRepository,
$userRepository,
new \DateInterval('PT10M')
),
new \DateInterval('PT1H')
);
// Enable the refresh token grant on the server with a token TTL of 1 month
$server->enableGrantType(
new RefreshTokenGrant($refreshTokenRepository),
new \DateInterval('PT1H')
new \DateInterval('PT1M')
);
return $server;
}
]);
// Access token issuer
$app->post('/access_token', function () {
})->add(new AuthenticationServerMiddleware($app->getContainer()->get(Server::class)));
// Secured API
$app->group('/api', function() {
$this->get('/user', function (ServerRequestInterface $request, ResponseInterface $response) {
$params = [];
if (in_array('basic', $request->getAttribute('oauth_scopes', []))) {
$params = [
'id' => 1,
'name' => 'Alex',
'city' => 'London'
];
}
if (in_array('email', $request->getAttribute('oauth_scopes', []))) {
$params['email'] = 'alex@example.com';
}
$body = new Stream('php://temp', 'r+');
$body->write(json_encode($params));
return $response->withBody($body);
});
})->add(new ResourceServerMiddleware($app->getContainer()->get(Server::class)));
$app->run();

View File

@ -3,27 +3,27 @@
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\PasswordGrant;
use League\OAuth2\Server\Server;
use OAuth2ServerExamples\Repositories\AccessTokenRepository;
use OAuth2ServerExamples\Repositories\ClientRepository;
use OAuth2ServerExamples\Repositories\RefreshTokenRepository;
use OAuth2ServerExamples\Repositories\ScopeRepository;
use OAuth2ServerExamples\Repositories\UserRepository;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Slim\App;
use Slim\Http\Request;
use Slim\Http\Response;
use Zend\Diactoros\Stream;
include(__DIR__ . '/../vendor/autoload.php');
// App
$app = new App([
'settings' => [
'displayErrorDetails' => true,
],
Server::class => function () {
// Init our repositories
$clientRepository = new ClientRepository();
$scopeRepository = new ScopeRepository();
$accessTokenRepository = new AccessTokenRepository();
$scopeRepository = new ScopeRepository();
$userRepository = new UserRepository();
$refreshTokenRepository = new RefreshTokenRepository();
@ -49,15 +49,19 @@ $app = new App([
}
]);
$app->post('/access_token', function (Request $request, Response $response) {
/** @var Server $server */
$server = $this->get(Server::class);
$app->post('/access_token', function (ServerRequestInterface $request, ResponseInterface $response) use ($app) {
/* @var \League\OAuth2\Server\Server $server */
$server = $app->getContainer()->get(Server::class);
try {
return $server->respondToRequest($request, $response);
} catch (OAuthServerException $e) {
return $e->generateHttpResponse($response);
} catch (\Exception $e) {
return $response->withStatus(500)->write($e->getMessage());
} catch (OAuthServerException $exception) {
return $exception->generateHttpResponse($response);
} catch (\Exception $exception) {
$body = new Stream('php://temp', 'r+');
$body->write($exception->getMessage());
return $response->withStatus(500)->withBody($body);
}
});

View File

@ -3,57 +3,63 @@
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\RefreshTokenGrant;
use League\OAuth2\Server\Server;
use OAuth2ServerExamples\Repositories\AccessTokenRepository;
use OAuth2ServerExamples\Repositories\ClientRepository;
use OAuth2ServerExamples\Repositories\RefreshTokenRepository;
use OAuth2ServerExamples\Repositories\ScopeRepository;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Slim\App;
use Slim\Http\Request;
use Slim\Http\Response;
use Zend\Diactoros\Stream;
include(__DIR__ . '/../vendor/autoload.php');
$app = new App([
'settings' => [
'displayErrorDetails' => true,
],
Server::class => function () {
// Init our repositories
$clientRepository = new ClientRepository();
$accessTokenRepository = new AccessTokenRepository();
$scopeRepository = new ScopeRepository();
$refreshTokenRepository = new RefreshTokenRepository();
$privateKeyPath = 'file://' . __DIR__ . '/../private.key';
$publicKeyPath = 'file://' . __DIR__ . '/../public.key';
// App
$app = new App([Server::class => function () {
// Init our repositories
$clientRepository = new ClientRepository();
$scopeRepository = new ScopeRepository();
$accessTokenRepository = new AccessTokenRepository();
$refreshTokenRepository = new RefreshTokenRepository();
// Setup the authorization server
$server = new Server(
$clientRepository,
$accessTokenRepository,
$scopeRepository,
$privateKeyPath,
$publicKeyPath
);
$privateKeyPath = 'file://' . __DIR__ . '/../private.key';
$publicKeyPath = 'file://' . __DIR__ . '/../public.key';
// Enable the refresh token grant on the server with a token TTL of 1 hour
$server->enableGrantType(
new RefreshTokenGrant($refreshTokenRepository),
new \DateInterval('PT1H')
);
// Setup the authorization server
$server = new Server(
$clientRepository,
$accessTokenRepository,
$scopeRepository,
$privateKeyPath,
$publicKeyPath
);
return $server;
}
]);
// Enable the refresh token grant on the server
$server->enableGrantType(new RefreshTokenGrant($refreshTokenRepository), new \DateInterval('PT1H'));
$app->post('/access_token', function (ServerRequestInterface $request, ResponseInterface $response) use ($app) {
/* @var \League\OAuth2\Server\Server $server */
$server = $app->getContainer()->get(Server::class);
return $server;
}]);
$app->post('/access_token', function (Request $request, Response $response) {
/** @var Server $server */
$server = $this->get(Server::class);
try {
return $server->respondToRequest($request, $response);
} catch (OAuthServerException $e) {
return $e->generateHttpResponse($response);
} catch (\Exception $e) {
return $response->withStatus(500)->write(
sprintf('<h1>%s</h1><p>%s</p>', get_class($e), $e->getMessage())
);
} catch (OAuthServerException $exception) {
return $exception->generateHttpResponse($response);
} catch (\Exception $exception) {
$body = new Stream('php://temp', 'r+');
$body->write($exception->getMessage());
return $response->withStatus(500)->withBody($body);
}
});

View File

@ -1,48 +1,54 @@
<?php
use League\OAuth2\Server\Middleware\ResourceServerMiddleware;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Server;
use OAuth2ServerExamples\Repositories\AccessTokenRepository;
use OAuth2ServerExamples\Repositories\ClientRepository;
use OAuth2ServerExamples\Repositories\ScopeRepository;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Slim\App;
use Slim\Http\Request;
use Slim\Http\Response;
use Zend\Diactoros\Stream;
include(__DIR__ . '/../vendor/autoload.php');
// App
$app = new App([
'settings' => [
'displayErrorDetails' => true,
],
Server::class => function () {
// Init our repositories
$clientRepository = new ClientRepository();
$scopeRepository = new ScopeRepository();
$accessTokenRepository = new AccessTokenRepository();
$scopeRepository = new ScopeRepository();
$privateKeyPath = 'file://' . __DIR__ . '/../private.key';
$publicKeyPath = 'file://' . __DIR__ . '/../public.key';
// Setup the authorization server
$server = new Server(
return new Server(
$clientRepository,
$accessTokenRepository,
$scopeRepository,
$privateKeyPath,
$publicKeyPath
);
return $server;
}
]);
$app->add(new ResourceServerMiddleware($app->getContainer()->get(Server::class)));
$app->post('/api/example', function (Request $request, Response $response) {
$app->get('/user', function (ServerRequestInterface $request, ResponseInterface $response) use ($app) {
$server = $app->getContainer()->get(Server::class);
$body = new Stream('php://temp', 'r+');
try {
$request = $server->validateRequest($request);
} catch (OAuthServerException $exception) {
return $exception->generateHttpResponse($response);
} catch (\Exception $exception) {
$body->write($exception->getMessage());
return $response->withStatus(500)->withBody($body);
}
$params = [];
@ -58,9 +64,9 @@ $app->post('/api/example', function (Request $request, Response $response) {
$params['email'] = 'alex@example.com';
}
$response->getBody()->write(json_encode($params));
$body->write(json_encode($params));
return $response;
return $response->withBody($body);
});
$app->run();