mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-12-13 00:38:57 +05:30
65 lines
1.8 KiB
Markdown
Executable File
65 lines
1.8 KiB
Markdown
Executable File
---
|
|
layout: default
|
|
title: Authorization server with resource owner password credentials grant
|
|
permalink: /authorization-server/resource-owner-password-credentials-grant/
|
|
---
|
|
|
|
# Authorization server with resource owner password credentials grant
|
|
|
|
## Setup
|
|
|
|
Wherever you intialise your objects, initialize a new instance of the authorization server and bind the storage interfaces and authorization code grant:
|
|
|
|
~~~ php
|
|
$server = new \League\OAuth2\Server\AuthorizationServer;
|
|
|
|
$server->setSessionStorage(new Storage\SessionStorage);
|
|
$server->setAccessTokenStorage(new Storage\AccessTokenStorage);
|
|
$server->setClientStorage(new Storage\ClientStorage);
|
|
$server->setScopeStorage(new Storage\ScopeStorage);
|
|
|
|
$passwordGrant = new \League\OAuth2\Server\Grant\PasswordGrant();
|
|
$passwordGrant->setVerifyCredentialsCallback(function ($username, $password) {
|
|
// implement logic here to validate a username and password, return an ID if valid, otherwise return false
|
|
});
|
|
|
|
$server->addGrantType($passwordGrant);
|
|
~~~
|
|
|
|
|
|
## Implementation
|
|
|
|
The client will request an access token so create an `/access_token` endpoint.
|
|
|
|
~~~ php
|
|
$router->post('/access_token', function (Request $request) use ($server) {
|
|
|
|
try {
|
|
|
|
$response = $server->issueAccessToken();
|
|
return new Response(
|
|
json_encode($response),
|
|
200,
|
|
[
|
|
'Content-type' => 'application/json',
|
|
'Cache-Control' => 'no-store',
|
|
'Pragma' => 'no-store'
|
|
]
|
|
);
|
|
|
|
} catch (\Exception $e) {
|
|
|
|
return new Response(
|
|
json_encode([
|
|
'error' => $e->errorType,
|
|
'message' => $e->getMessage()
|
|
]),
|
|
$e->httpStatusCode,
|
|
$e->getHttpHeaders()
|
|
);
|
|
|
|
}
|
|
|
|
});
|
|
~~~
|