Skip to content

alnutile/oauth_how_to

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits

.idea

.idea

 
 

app

app

 
 

bootstrap

bootstrap

 
 

config

config

 
 

database

database

 
 

public

public

 
 

resources

resources

 
 

storage

storage

 
 

tests

tests

 
 

.env.example

.env.example

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

artisan

artisan

 
 

composer.json

composer.json

 
 

composer.lock

composer.lock

 
 

gulpfile.js

gulpfile.js

 
 

oauth_try_2.json.postman_collection

oauth_try_2.json.postman_collection

 
 

package.json

package.json

 
 

phpspec.yml

phpspec.yml

 
 

phpunit.xml

phpunit.xml

 
 

readme.md

readme.md

 
 

server.php

server.php

 
 

Repository files navigation

Laravel 5.1 and Oauth2 Server

Video coming soon...

Example repo is here https://github.com/alnutile/oauth_how_to

The library we will use is

https://github.com/lucadegasperi/oauth2-server-laravel

This will setup a server both client_type and password_type for Grant Types.

Coming to Terms with Oauth

Coming to terms with this stuff is long and tedious. The docs are here https://github.com/lucadegasperi/oauth2-server-laravel/wiki will help and then these lead to the League docs as well http://oauth2.thephpleague.com/

There is also a podcast interview with the Alex Bilbie who made the League Oauth Library http://fullstackradio.com/episodes/4/

What I will cover is mainly the instalation going beyond the docs above into the details of getting this thing going. I will also provide a "play" repo for you to review.

Base Laravel Install

Install laravel as normal, install the library as normal. You will see some extra stuff I have in the repo for helping out as well (this will be seen in the video too)

app/OauthTools

Some commands to use artisan to make users, tokens etc.

So in the end my app/Console/Kernel.php looked like https://github.com/alnutile/oauth_how_to/blob/master/app/Console/Kernel.php

So I could easily do

php artisan oauth-tools:adduser admin@foo.com

or

php artisan oauth-tools:generate-token 33591b34-03c2-4ece-a763-d531aee0298a admin@foo.com client

Also note composer.json I use a uuid library to help with these commands etc.

Finally to have all of this work out of the box with the Postman file I shared run it this way for now

cd public
php -S localhost:8181

The database for this example is sqlite so

touch storage/database.sqlite
php artisan migrate:refresh --seed

And you should now have a db and migrations

Since it is sqlite just rm the file and touch it again to re-migrate and save your self the headache of DBAL driver etc since this just just a quick working demo.

Setup your oauth config

config/oauth2.php file as seen here BUT only if you want these. And my access_token_ttl is way too big so see the defaults in the docs. Also note it points to OauthPasswordVerifier which the docs talk about as well.

Route

As noted you add the code to your route

Route::post('oauth/access_token', function() {
    return Response::json(Authorizer::issueAccessToken());
});


Route::get('test', ['middleware' => 'oauth', function() {
    return Response::json("Welcome");
}]);

Later on you will see this instead

Route::post('oauth/access_token', function() {
    return Response::json(Authorizer::issueAccessToken());
});


Route::get('test', ['middleware' => 'oauthOrAuth', function() {
    return Response::json("Welcome");
}]);

With the oauthOrAuth I will explain that in the video as well. But basically and api endpoint can be used by a local session based user and a remote application using oauth. It is just how our APIs go.

So this lets that work just fine.

Postman

Just to show it all working you will see in the video me using postman. You will see that in the repo here

Now What

Between the links above and Postman you have a working

About

Again Oauth

Resources

Readme
Activity

Stars

3 stars

Watchers

4 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages