public function actionAuthorize() { $server = Yii::$app->getModule('oauth2')->getServer(); $request = Yii::$app->getModule('oauth2')->getRequest(); $response = new \OAuth2\Response(); // validate the authorize request if (!$server->validateAuthorizeRequest($request, $response)) { $response->send(); die; } if (Yii::$app->request->isPost) { // print the authorization code if the user has authorized your client $is_authorized = Yii::$app->request->post('authorized') === 'yes'; $server->handleAuthorizeRequest($request, $response, $is_authorized, Yii::$app->user->identity->id); if (Yii::$app->request->get('test')) { // this is only here so that you get to see your code in the cURL request. Otherwise, we'd redirect back to the client $code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=') + 5, 40); exit("Result: Authorized. Authorization Code: {$code}"); } $response->send(); die; } // Get client $client = OauthClients::findOne(['client_id' => Yii::$app->request->get('client_id')]); return $this->render('authorize', ['client' => $client]); }