This extension provides simple implementation of Oauth 2.0 specification using Yii2 framework.
The preferred way to install this extension is through composer.
To install, either run
$ php composer.phar require conquer/oauth2 "*"
or add
"conquer/oauth2": "*"
to the require section of your composer.json file.
To create database tables run migration command
$ yii migrate --migrationPath=@conquer/oauth2/migrations
OAuth 2.0 Authorization usage
namespace app\controllers;
use app\models\LoginForm;
class AuthController extends \yii\web\Controller
{
public function behaviors()
{
return [
/**
* Checks oauth2 credentions and try to perform OAuth2 authorization on logged user.
* AuthorizeFilter uses session to store incoming oauth2 request, so
* you can do additional steps, such as third party oauth authorization (Facebook, Google ...)
*/
'oauth2Auth' => [
'class' => \conquer\oauth2\AuthorizeFilter::className(),
'only' => ['index'],
],
];
}
public function actions()
{
return [
/**
* Returns an access token.
*/
'token' => [
'class' => \conquer\oauth2\TokenAction::classname(),
],
/**
* OPTIONAL
* Third party oauth providers also can be used.
*/
'back' => [
'class' => \yii\authclient\AuthAction::className(),
'successCallback' => [$this, 'successCallback'],
],
];
}
/**
* Display login form, signup or something else.
* AuthClients such as Google also may be used
*/
public function actionIndex()
{
$model = new LoginForm();
if ($model->load(\Yii::$app->request->post()) && $model->login()) {
if ($this->isOauthRequest) {
$this->finishAuthorization();
} else {
return $this->goBack();
}
} else {
return $this->render('index', [
'model' => $model,
]);
}
}
/**
* OPTIONAL
* Third party oauth callback sample
* @param OAuth2 $client
*/
public function successCallback($client)
{
switch ($client::className()) {
case GoogleOAuth::className():
// Do login with automatic signup
break;
...
default:
break;
}
/**
* If user is logged on, redirects to oauth client with success,
* or redirects error with Access Denied
*/
if ($this->isOauthRequest) {
$this->finishAuthorization();
}
}
}Api controller sample
class ApiController extends \yii\web\Controller
{
public function behaviors()
{
return [
/**
* Performs authorization by token
*/
'tokenAuth' => [
'class' => \conquer\oauth2\TokenAuth::className(),
],
];
}
public function beforeAction($action)
{
$this->enableCsrfValidation = false;
\Yii::$app->response->format = Response::FORMAT_JSON;
return parent::beforeAction($action);
}
/**
* Returns username and email
*/
public function actionIndex()
{
$user = \Yii::$app->user->identity;
return [
'username' => $user->username,
'email' => $user->email,
];
}
}Sample client config
return [
...
'components' => [
'authClientCollection' => [
'class' => 'yii\authclient\Collection',
'clients' => [
'myserver' => [
'class' => 'yii\authclient\OAuth2',
'clientId' => 'unique client_id',
'clientSecret' => 'client_secret',
'tokenUrl' => 'http://myserver.local/auth/token',
'authUrl' => 'http://myserver.local/auth/index',
'apiBaseUrl' => 'http://myserver.local/api',
],
],
],
];conquer/oauth2 is released under the MIT License. See the bundled LICENSE for details.