routes to get the token about codeigniter-oauth2-server HOT 6 CLOSED

1. Password Credentials grant type usage example code here: https://github.com/grasses/codeigniter-oauth2-server/blob/master/application/controllers/Oauth2/PasswordCredentials.php

2. This is oauth server, you just need to add some code in class construct:

function __construct(){
    @session_start();
    parent::__construct();
    $this->load->library("Server", "server");
    $this->server->password_credentials();	//credentials check here
}

3. You need an oauth client, just like: http://bshaffer.github.io/oauth2-server-php-docs/overview/grant-types/, using curl command or other services requesting oauth server.

3.1 Get access token:

curl -u testclient:testpass "http://oauth-server.example.com/oauth2/PasswordCredentials" -d 'grant_type=password&username=someuser&password=somepassword'
{"access_token":"206c80413b9a96c1312cc346b7d2517b84463edd","expires_in":3600,"token_type":"bearer","scope":null}

Now you get access_token = 206c80413b9a96c1312cc346b7d2517b84463edd

3.2 Using access token, to access oauth srever api:

curl "http://oauth-server.example.com/oauth2/resource" -d "access_token=206c80413b9a96c1312cc346b7d2517b84463edd"
{"success":true,"message":"You accessed my APIs!"}

My testing example: https://oauth2.homeway.me/oauth/test

from codeigniter-oauth2-server.

I just run: curl "https://oauth2.homeway.me/oauth/resource" -d "access_token=e96758df45dbf1c6268573ef28b974f7ce12db9d"
and return the right response; error access_token or scope will return http code 401 Unauthorized.

For null array: the return is defined by yourself, see my test code: https://github.com/grasses/codeigniter-oauth2-server/blob/master/application/controllers/Oauth2/Resource.php

By the way, you just need to send access_token to access resource api, because mysql has defined scope in table oauth2.oauth_access_tokens.

from codeigniter-oauth2-server.

Hello,

Thanks for your reply. It makes sense now. I'm successfully able to get the token. However, I'm not able to access the resource using that token.

When I'm trying to access the resource, it returns me an empty array.

The route is correct by the way.

I figure out that it is because of this line from Oauth2/Resoource.php:

$this->server->require_scope("userinfo cloud file node");

If I comment out that line, I'm successfully getting this response:

{"success":true,"message":"You accessed my APIs!"}

But in this case, it doesn't validate the access token. Even I remove access token or send an invalid access token, it still gives me the same response.

Thanks

from codeigniter-oauth2-server.

You need to know oauth scope at first: https://www.oauth.com/oauth2-servers/scope/

As OAuth2.0 protocol saying: Scope is a way to limit an app’s access to a user’s data. Rather than granting complete access to a user’s account.

1. When third party developer registes app in oauth server, oauth server platform need to give third party app a privilege scope, which includes in mysql table: oauth2.oauth_clients.

2. Every time, third party app gets access_token, oauth server need to check grant_types, username, password, scope, then after third party app has an access_token, oauth server will check access_token. In mysql table oauth2.oauth_access_tokens, you can see access_token with it`s scope.

As mentioned above, $this->server->require_scope("userinfo cloud file node"); is the checking code, "userinfo cloud file node" is the scope, you can get it from database or others, I just write in code for simplicity.

For source code, you can see: https://github.com/grasses/codeigniter-oauth2-server/blob/master/application/libraries/Server.php, I just call it from Oauth server library.

from codeigniter-oauth2-server.

But it still gives me null array even if I pass the scope in request

Here is how I'm trying to access the resource using Postman:

POST http://localhost/codeigniter-oauth2-server/resource

access_token   58781e25bd7648f4ae0c60372e81411a8ae848cf
scope          userinfo

Is it compulsory to pass the scope in the request? If yes then how the following request works(From Access Token get Resource) where you are just passing access token without scope:

https://oauth2.homeway.me/oauth/test

Thanks

from codeigniter-oauth2-server.

It is working now.

Thanks a lot for your support.

from codeigniter-oauth2-server.