Yii2 OAuth 2.0 Server
Description
This extension provides simple implementation of Oauth 2.0 specification using Yii2 framework.
Installation
The preferred way to install this extension is through composer.
To install, either run
$ php composer.phar require conquer/oauth2 "*"
or add
"conquer/oauth2": "*"
to the require
section of your composer.json
file.
To create database tables run migration command
$ yii migrate --migrationPath=@conquer/oauth2/migrations
Usage
OAuth 2.0 Authorization usage
namespace app\controllers;
use app\models\LoginForm;
class AuthController extends \yii\web\Controller
{
public function behaviors()
{
return [
/**
* Checks oauth2 credentions and try to perform OAuth2 authorization on logged user.
* AuthorizeFilter uses session to store incoming oauth2 request, so
* you can do additional steps, such as third party oauth authorization (Facebook, Google ...)
*/
'oauth2Auth' => [
'class' => \conquer\oauth2\AuthorizeFilter::className(),
'only' => ['index'],
],
];
}
public function actions()
{
return [
/**
* Returns an access token.
*/
'token' => [
'class' => \conquer\oauth2\TokenAction::classname(),
],
/**
* OPTIONAL
* Third party oauth providers also can be used.
*/
'back' => [
'class' => \yii\authclient\AuthAction::className(),
'successCallback' => [$this, 'successCallback'],
],
];
}
/**
* Display login form, signup or something else.
* AuthClients such as Google also may be used
*/
public function actionIndex()
{
$model = new LoginForm();
if ($model->load(\Yii::$app->request->post()) && $model->login()) {
return $this->goBack();
} else {
return $this->render('index', [
'model' => $model,
]);
}
}
/**
* OPTIONAL
* Third party oauth callback sample
* @param OAuth2 $client
*/
public function successCallback($client)
{
switch ($client::className()) {
case GoogleOAuth::className():
// Do login with automatic signup
break;
...
default:
break;
}
/**
* If user is logged on, redirects to oauth client with success,
* or redirects error with Access Denied
*/
$this->finishAuthorization();
}
}
Api controller sample
class ApiController extends \yii\web\Controller
{
public function behaviors()
{
return [
/**
* Performs authorization by token
*/
'tokenAuth' => [
'class' => \conquer\oauth2\TokenAuth::className(),
],
];
}
public function beforeAction($action)
{
$this->enableCsrfValidation = false;
\Yii::$app->response->format = Response::FORMAT_JSON;
return parent::beforeAction($action);
}
/**
* Returns username and email
*/
public function actionIndex()
{
$user = \Yii::$app->user->identity;
return [
'username' => $user->username,
'email' => $user->email,
];
}
}
Sample client config
return [
...
'components' => [
'authClientCollection' => [
'class' => 'yii\authclient\Collection',
'clients' => [
'myserver' => [
'class' => 'yii\authclient\OAuth2',
'clientId' => 'unique client_id',
'clientSecret' => 'client_secret',
'tokenUrl' => 'http://myserver.local/auth/token',
'authUrl' => 'http://myserver.local/auth/index',
'apiBaseUrl' => 'http://myserver.local/api',
],
],
],
];
License
conquer/oauth2 is released under the MIT License. See the bundled LICENSE
for details.