Comments (6)
-
Password Credentials grant type
usage example code here: https://github.com/grasses/codeigniter-oauth2-server/blob/master/application/controllers/Oauth2/PasswordCredentials.php -
This is oauth server, you just need to add some code in class construct:
function __construct(){
@session_start();
parent::__construct();
$this->load->library("Server", "server");
$this->server->password_credentials(); //credentials check here
}
- You need an oauth client, just like: http://bshaffer.github.io/oauth2-server-php-docs/overview/grant-types/, using curl command or other services requesting oauth server.
3.1 Get access token:
curl -u testclient:testpass "http://oauth-server.example.com/oauth2/PasswordCredentials" -d 'grant_type=password&username=someuser&password=somepassword'
{"access_token":"206c80413b9a96c1312cc346b7d2517b84463edd","expires_in":3600,"token_type":"bearer","scope":null}
Now you get access_token = 206c80413b9a96c1312cc346b7d2517b84463edd
3.2 Using access token, to access oauth srever api:
curl "http://oauth-server.example.com/oauth2/resource" -d "access_token=206c80413b9a96c1312cc346b7d2517b84463edd"
{"success":true,"message":"You accessed my APIs!"}
My testing example: https://oauth2.homeway.me/oauth/test
from codeigniter-oauth2-server.
I just run: curl "https://oauth2.homeway.me/oauth/resource" -d "access_token=e96758df45dbf1c6268573ef28b974f7ce12db9d"
and return the right response; error access_token or scope will return http code 401 Unauthorized.
For null array: the return is defined by yourself, see my test code: https://github.com/grasses/codeigniter-oauth2-server/blob/master/application/controllers/Oauth2/Resource.php
By the way, you just need to send access_token to access resource api, because mysql has defined scope in table oauth2.oauth_access_tokens
.
from codeigniter-oauth2-server.
Hello,
Thanks for your reply. It makes sense now. I'm successfully able to get the token. However, I'm not able to access the resource using that token.
When I'm trying to access the resource, it returns me an empty array.
The route is correct by the way.
I figure out that it is because of this line from Oauth2/Resoource.php:
$this->server->require_scope("userinfo cloud file node");
If I comment out that line, I'm successfully getting this response:
{"success":true,"message":"You accessed my APIs!"}
But in this case, it doesn't validate the access token. Even I remove access token or send an invalid access token, it still gives me the same response.
Thanks
from codeigniter-oauth2-server.
You need to know oauth scope
at first: https://www.oauth.com/oauth2-servers/scope/
As OAuth2.0 protocol saying: Scope is a way to limit an app’s access to a user’s data. Rather than granting complete access to a user’s account.
-
When third party developer registes app in oauth server, oauth server platform need to give third party app a privilege scope, which includes in mysql table:
oauth2
.oauth_clients
. -
Every time, third party app gets access_token, oauth server need to check grant_types, username, password, scope, then after third party app has an access_token, oauth server will check access_token. In mysql table
oauth2
.oauth_access_tokens
, you can see access_token with it`s scope.
As mentioned above, $this->server->require_scope("userinfo cloud file node");
is the checking code, "userinfo cloud file node" is the scope, you can get it from database or others, I just write in code for simplicity.
For source code, you can see: https://github.com/grasses/codeigniter-oauth2-server/blob/master/application/libraries/Server.php, I just call it from Oauth server library.
from codeigniter-oauth2-server.
But it still gives me null array even if I pass the scope in request
Here is how I'm trying to access the resource using Postman:
POST http://localhost/codeigniter-oauth2-server/resource
access_token 58781e25bd7648f4ae0c60372e81411a8ae848cf
scope userinfo
Is it compulsory to pass the scope in the request? If yes then how the following request works(From Access Token get Resource) where you are just passing access token without scope:
https://oauth2.homeway.me/oauth/test
Thanks
from codeigniter-oauth2-server.
It is working now.
Thanks a lot for your support.
from codeigniter-oauth2-server.
Related Issues (10)
- How to get user info after authorization success HOT 1
- Avoiding client id and client secret in password grant type
- Severity: Warning label:bug
- how to use this library for REST API HOT 2
- How to replace the PDO way storage with Codeigniter's model way?
- having trouble dealing with scopes HOT 1
- Multiple database connection HOT 2
- Automatic Deletion of authorization code
- Request and Response in XML format HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from codeigniter-oauth2-server.