// NOTE(review): $router is configured here but is only assigned further down in
// this excerpt; presumably it is created earlier in the original file — confirm.
$router->setStrategy(\Orno\Route\RouteStrategyInterface::RESTFUL_STRATEGY);
// Set up the OAuth 2.0 authorization server
$server = new \League\OAuth2\Server\AuthorizationServer();
// Hand the server one Storage\* object per setter (session, access token,
// refresh token, client, scope, auth code).
$server->setSessionStorage(new Storage\SessionStorage());
$server->setAccessTokenStorage(new Storage\AccessTokenStorage());
$server->setRefreshTokenStorage(new Storage\RefreshTokenStorage());
$server->setClientStorage(new Storage\ClientStorage());
$server->setScopeStorage(new Storage\ScopeStorage());
$server->setAuthCodeStorage(new Storage\AuthCodeStorage());
// Register the authorization-code grant; the /authorize route looks it up
// again by name with getGrantType('authorization_code').
$authCodeGrant = new \League\OAuth2\Server\Grant\AuthCodeGrant();
$server->addGrantType($authCodeGrant);
// Register the refresh-token grant (variable name is misspelled in the source).
$refrehTokenGrant = new \League\OAuth2\Server\Grant\RefreshTokenGrant();
$server->addGrantType($refrehTokenGrant);
// Routing setup
$request = (new Request())->createFromGlobals();
// A fresh RouteCollection is assigned here, so configuration applied to any
// earlier $router instance (such as a setStrategy() call) does not carry over.
$router = new \Orno\Route\RouteCollection();
// GET /authorize: validates the authorization request and answers with the
// redirect URI produced by the authorization-code grant.
$router->get('/authorize', function (Request $request) use($server) {
    // First ensure the parameters in the query string are correct
    try {
        $authParams = $server->getGrantType('authorization_code')->checkAuthorizeParams();
    // NOTE(review): this catches every \Exception but then reads errorType,
    // httpStatusCode and getHttpHeaders(), none of which \Exception defines.
    // A non-OAuth failure would therefore fail again inside this handler and
    // hide the original error; catching the library's OAuth exception type
    // only would let other exceptions reach the outer error handling.
    } catch (\Exception $e) {
        return new Response(json_encode(['error' => $e->errorType, 'message' => $e->getMessage()]), $e->httpStatusCode, $e->getHttpHeaders());
    }
    // Normally at this point you would show the user a sign-in screen and ask them to authorize the requested scopes
    // ...
    // ...
    // ...
    // NOTE(review): as written, nothing here authenticates the resource owner
    // or records their consent. The call below issues an authorization code
    // for the hard-coded owner ('user', 1) on every request that passes
    // parameter validation. Replace both values with the authenticated
    // user's identity, and only reach this line after explicit approval.
    // Create a new authorize request which will respond with a redirect URI that the user will be redirected to
    $redirectUri = $server->getGrantType('authorization_code')->newAuthorizeRequest('user', 1, $authParams);
    // NOTE(review): the Location header is sent with status 200; user agents
    // follow Location only on 3xx responses, so a 302 is presumably intended.
    $response = new Response('', 200, ['Location' => $redirectUri]);
    return $response;
예제 #2
// Credential check for the password grant. The callback returns the username
// when exactly one account matches and the supplied password verifies against
// that account's stored hash; in every other case it returns false.
// NOTE(review): an unknown username returns before password_verify() runs, so
// response time may differ between known and unknown accounts; no throttling
// of repeated attempts is visible in this excerpt — confirm it exists elsewhere.
$passwordGrant->setVerifyCredentialsCallback(function ($username, $password) {
    $matches = (new Model\Users())->get($username);
    // Zero rows or more than one row is treated as a failed login.
    $hasSingleMatch = count($matches) === 1;
    // Short-circuit keeps $matches[0] from being read unless a row exists.
    return $hasSingleMatch && password_verify($password, $matches[0]['password'])
        ? $username
        : false;
});
// Enable the password grant now that its credential check is attached.
$server->addGrantType($passwordGrant);
// Enable the refresh-token grant as well.
$refrehTokenGrant = new \League\OAuth2\Server\Grant\RefreshTokenGrant();
$server->addGrantType($refrehTokenGrant);
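// Routing setup
$request = (new Request())->createFromGlobals();
$router = new \Orno\Route\RouteCollection();
// POST /access_token: the token endpoint. On success the body is the JSON
// encoding of whatever issueAccessToken() returns; on an OAuth protocol error
// the body carries the error type and message with the exception's status.
$router->post('/access_token', function (Request $request) use($server) {
    try {
        $response = $server->issueAccessToken();
        // Token responses contain credentials, so they must not be stored by
        // browsers or intermediaries (RFC 6749 section 5.1).
        return new Response(json_encode($response), 200, ['Cache-Control' => 'no-store', 'Pragma' => 'no-cache']);
    } catch (\League\OAuth2\Server\Exception\OAuthException $e) {
        // Only the OAuth exception type defines errorType, httpStatusCode and
        // getHttpHeaders(). Catching plain \Exception here would fail a second
        // time on those members and mask the real error, so anything else is
        // left to propagate to the dispatcher's error handling.
        // NOTE(review): confirm getHttpHeaders() returns a name => value map,
        // which is what the Response constructor's third argument expects.
        return new Response(json_encode(['error' => $e->errorType, 'message' => $e->getMessage()]), $e->httpStatusCode, $e->getHttpHeaders());
    }
});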
$dispatcher = $router->getDispatcher();
try {
    // A successful response
    $response = $dispatcher->dispatch($request->getMethod(), $request->getPathInfo());
} catch (\Orno\Http\Exception $e) {
    // A failed response
    $response = $e->getJsonResponse();
예제 #3
use League\OAuth2\Server\ResourceServer;
use Orno\Http\Exception\NotFoundException;
use Orno\Http\Request;
use Orno\Http\Response;
use RelationalExample\Model;
use RelationalExample\Storage;
include __DIR__ . '/vendor/autoload.php';
// Set up the OAuth 2.0 resource server
// One Storage\* object per concern; all four are passed to the ResourceServer
// constructor below.
$sessionStorage = new Storage\SessionStorage();
$accessTokenStorage = new Storage\AccessTokenStorage();
$clientStorage = new Storage\ClientStorage();
$scopeStorage = new Storage\ScopeStorage();
$server = new ResourceServer($sessionStorage, $accessTokenStorage, $clientStorage, $scopeStorage);
// Routing setup
// Build the request from PHP's globals and start an empty route collection;
// the route closures capture $server with use($server).
$request = (new Request())->createFromGlobals();
$router = new \Orno\Route\RouteCollection();
// GET /tokeninfo
// Describes the access token attached to the current request: its owner, the
// client it was issued to and its scopes, returned as a JSON object.
// NOTE(review): nothing in this handler checks that the token is valid or
// unexpired; presumably that happens before dispatch in code not shown in this
// excerpt (e.g. ResourceServer::isValidRequest()) — confirm.
$router->get('/tokeninfo', function (Request $request) use($server) {
    $accessToken = $server->getAccessToken();
    // Look up the session that the token belongs to.
    $session = $server->getSessionStorage()->getByAccessToken($accessToken);

    // Assemble the payload field by field, in the same key order as before.
    $token = [];
    $token['owner_id'] = $session->getOwnerId();
    $token['owner_type'] = $session->getOwnerType();
    $token['access_token'] = $accessToken;
    $token['client_id'] = $session->getClient()->getId();
    $token['scopes'] = $accessToken->getScopes();

    $payload = json_encode($token);
    return new Response($payload);
});
// GET /users
$router->get('/users', function (Request $request) use($server) {
    $results = (new Model\Users())->get();
    $users = [];
    foreach ($results as $result) {
        $user = ['username' => $result['username'], 'name' => $result['name']];
        if ($server->getAccessToken()->hasScope('email')) {
            $user['email'] = $result['email'];
 /**
  * Public-facing (external) API.
  */
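 public function index()
 {
     // Entry point for the OAuth 2.0 token endpoint. Builds the authorization
     // server (client-credentials, password and refresh-token grants),
     // registers POST /access_token, dispatches the current request and sends
     // the result as JSON. Nothing is returned; the response is sent directly.

     // Set up the OAuth 2.0 authorization server
     $server = new \League\OAuth2\Server\AuthorizationServer();
     $server->setSessionStorage(new Storage\SessionStorage());
     $server->setAccessTokenStorage(new Storage\AccessTokenStorage());
     $server->setRefreshTokenStorage(new Storage\RefreshTokenStorage());
     $server->setClientStorage(new Storage\ClientStorage());
     $server->setScopeStorage(new Storage\ScopeStorage());
     $server->setAuthCodeStorage(new Storage\AuthCodeStorage());
     $clientCredentials = new \League\OAuth2\Server\Grant\ClientCredentialsGrant();
     $server->addGrantType($clientCredentials);
     $passwordGrant = new \League\OAuth2\Server\Grant\PasswordGrant();
     // Credential check for the password grant: returns the username when
     // exactly one account matches and the password verifies, false otherwise.
     // NOTE(review): an unknown username returns before password_verify()
     // runs, so timing may differ between known and unknown accounts.
     $passwordGrant->setVerifyCredentialsCallback(function ($username, $password) {
         $result = (new Model\Users())->get($username);
         if (count($result) !== 1) {
             return false;
         }
         if (password_verify($password, $result[0]['password'])) {
             return $username;
         }
         return false;
     });
     $server->addGrantType($passwordGrant);
     $refreshTokenGrant = new \League\OAuth2\Server\Grant\RefreshTokenGrant();
     $server->addGrantType($refreshTokenGrant);

     // Builds the JSON error response for an OAuth protocol error. Shared by
     // the route handler and the dispatcher's catch block so both agree.
     $oauthErrorResponse = function (\League\OAuth2\Server\Exception\OAuthException $e) {
         $response = new Response(json_encode(['error' => $e->errorType, 'message' => $e->getMessage()]), $e->httpStatusCode);
         // The original called $response->headers($header), but "headers" is a
         // property (it is used as $response->headers->set(...) further down),
         // so that call could not work.
         // NOTE(review): getHttpHeaders() appears to return raw header lines;
         // both that form and a name => value map are handled — confirm
         // against the installed library version.
         foreach ($e->getHttpHeaders() as $name => $value) {
             if (is_string($name)) {
                 $response->headers->set($name, $value);
                 continue;
             }
             if (!is_string($value) || strpos($value, 'HTTP/') === 0) {
                 // Status lines are skipped: the status code is already set above.
                 continue;
             }
             $parts = explode(':', $value, 2);
             if (count($parts) === 2) {
                 $response->headers->set(trim($parts[0]), trim($parts[1]));
             }
         }
         return $response;
     };

     // Routing setup
     // NOTE(review): the original built a first router, called
     // setStrategy(RESTFUL_STRATEGY) on it, and then replaced it with a fresh
     // RouteCollection, so that strategy was never in effect. The effective
     // behaviour is kept; call setStrategy() on this instance if the RESTful
     // strategy is actually wanted.
     $request = (new Request())->createFromGlobals();
     $router = new \Orno\Route\RouteCollection();
     $router->post('/access_token', function (Request $request) use($server, $oauthErrorResponse) {
         try {
             $response = $server->issueAccessToken();
             // Token responses contain credentials and must not be cached
             // (RFC 6749 section 5.1).
             return new Response(json_encode($response), 200, ['Cache-Control' => 'no-store', 'Pragma' => 'no-cache']);
         } catch (\League\OAuth2\Server\Exception\OAuthException $e) {
             // Only OAuth exceptions carry errorType/httpStatusCode; anything
             // else propagates to the generic 500 handler below instead of
             // failing again on members that \Exception does not define.
             return $oauthErrorResponse($e);
         }
     });
     $dispatcher = $router->getDispatcher();
     try {
         // A successful response
         $response = $dispatcher->dispatch($request->getMethod(), $request->getPathInfo());
     } catch (\Orno\Http\Exception $e) {
         // A failed response
         $response = $e->getJsonResponse();
         $response->setContent(json_encode(['status_code' => $e->getStatusCode(), 'message' => $e->getMessage()]));
     } catch (\League\OAuth2\Server\Exception\OAuthException $e) {
         $response = $oauthErrorResponse($e);
     } catch (\Exception $e) {
         // Unexpected failure: keep the detail in the server log and send a
         // generic message, so internal error text (storage errors, paths)
         // is not disclosed to the caller.
         error_log(get_class($e) . ': ' . $e->getMessage());
         $response = new \Orno\Http\Response();
         $response->setStatusCode(500);
         $response->setContent(json_encode(['status_code' => 500, 'message' => 'Internal server error']));
     }
     // Return the response. This runs after the try/catch rather than in a
     // finally block: in a finally block it would also run when nothing was
     // caught, with $response undefined, and hide the original error.
     $response->headers->set('Content-type', 'application/json');
     $response->send();
 }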