OAuth2 builds a simple case based on TP
Reading instructions: Understanding OAuth2
OAuth is about authorization ( authorization) The open network standard is widely used around the world. The current version is version 2.0. Try to set up the environment today. This is only for learning records;
Reference source:
http://oauth.net/2/
http://bshaffer.github.io/oauth2- server-php-docs/cookbook/
Data table preparation:
--
-- 表的结构 `oauth_access_tokens`
--
CREATE TABLE IF NOT EXISTS `oauth_access_tokens` (
`access_token` text,
`client_id` text,
`user_id` text,
`expires` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
`scope` text
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- 表的结构 `oauth_authorization_codes`
--
CREATE TABLE IF NOT EXISTS `oauth_authorization_codes` (
`authorization_code` text,
`client_id` text,
`user_id` text,
`redirect_uri` text,
`expires` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
`scope` text,
`id_token` text
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- 表的结构 `oauth_clients`
--
CREATE TABLE IF NOT EXISTS `oauth_clients` (
`client_id` text,
`client_secret` text,
`redirect_uri` text
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
--
-- 转存表中的数据 `oauth_clients`
--
INSERT INTO `oauth_clients` (`client_id`, `client_secret`, `redirect_uri`) VALUES
('demoapp', 'demopass', 'http://127.0.0.1/tp/index.php');
-- --------------------------------------------------------
--
-- 表的结构 `oauth_public_keys`
--
CREATE TABLE IF NOT EXISTS `oauth_public_keys` (
`client_id` varchar(80) DEFAULT NULL,
`public_key` varchar(8000) DEFAULT NULL,
`private_key` varchar(8000) DEFAULT NULL,
`encryption_algorithm` varchar(80) DEFAULT 'RS256'
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- 表的结构 `oauth_refresh_tokens`
--
CREATE TABLE IF NOT EXISTS `oauth_refresh_tokens` (
`refresh_token` text,
`client_id` text,
`user_id` text,
`expires` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
`scope` text
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- 表的结构 `oauth_scopes`
--
CREATE TABLE IF NOT EXISTS `oauth_scopes` (
`scope` text,
`is_default` tinyint(1) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- 表的结构 `oauth_users`
--
CREATE TABLE IF NOT EXISTS `oauth_users` (
`username` varchar(255) NOT NULL,
`password` varchar(2000) DEFAULT NULL,
`first_name` varchar(255) DEFAULT NULL,
`last_name` varchar(255) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
--
-- Indexes for table `oauth_users`
--
ALTER TABLE `oauth_users`
ADD PRIMARY KEY (`username`);
OAuth2 library address: https://github.com/bshaffer/oauth2-server-php
Here I put it in Vendor/OAuth2 ;
Authorization request class:
<?php
namespace Api\Controller;
class OAuth2Controller extends \Org\OAuth2\Controller
{
public function __construct()
{
parent::__construct();
}
public function authorize()
{
// validate the authorize request
if (!$this->oauth_server->validateAuthorizeRequest($this->oauth_request, $this->oauth_response)) {
$this->oauth_response->send();
die;
}
// print the authorization code if the user has authorized your client
$this->oauth_server->handleAuthorizeRequest($this->oauth_request, $this->oauth_response, true);
// this is only here so that you get to see your code in the cURL request. Otherwise, we'd redirect back to the client
$code = substr($this->oauth_response->getHttpHeader('Location'), strpos($this->oauth_response->getHttpHeader('Location'), 'code=') + 5, 40);
echo json_encode(['code' => $code]);
//$this->oauth_response->send();
}
public function token()
{
$this->oauth_server->handleTokenRequest(\OAuth2\Request::createFromGlobals())->send();
}
}
OAuth2 library request encapsulation is placed in: Org/OAuth2;
<?php
namespace Org\OAuth2;
class Controller
{
protected $oauth_server;
protected $oauth_storage;
protected $oauth_request;
protected $oauth_response;
public function __construct()
{
// Autoloading (composer is preferred, but for this example let's just do this)
// require_once(VENDOR_PATH . '/OAuth2/Autoloader.php');
// \OAuth2\Autoloader::register();
// $dsn is the Data Source Name for your database, for exmaple "mysql:dbname=my_oauth2_db;host=localhost"
$this->oauth_storage = new \OAuth2\Storage\Pdo(array('dsn' => C('DSN'), 'username' => C('USERNAME'), 'password' => C('PASSWORD')));
// Pass a storage object or array of storage objects to the OAuth2 server class
$this->oauth_server = new \OAuth2\Server($this->oauth_storage);
// Add the "Client Credentials" grant type (it is the simplest of the grant types)
$this->oauth_server->addGrantType(new \OAuth2\GrantType\ClientCredentials($this->oauth_storage));
// Add the "Authorization Code" grant type (this is where the oauth magic happens)
$this->oauth_server->addGrantType(new \OAuth2\GrantType\AuthorizationCode($this->oauth_storage));
$this->oauth_request = \OAuth2\Request::createFromGlobals();
$this->oauth_response = new \OAuth2\Response();
}
}
<?php
namespace Org\OAuth2;
class Resource extends Controller
{
protected $tokenData;
public function __construct()
{
parent::__construct();
// Handle a request to a resource and authenticate the access token
if (!$this->oauth_server->verifyResourceRequest(\OAuth2\Request::createFromGlobals())) {
$this->oauth_server->getResponse()->send();
die;
}
$this->tokenData = $this->oauth_server->getResourceController()->getToken();
}
}
Test class:
<?php
namespace Api\Controller;
class TestController extends \Org\OAuth2\Resource
{
public function __construct()
{
parent::__construct();
}
public function test()
{
echo json_encode(array('success' => true, 'message' => 'You accessed my APIs!'));
}
public function getToken()
{
echo json_encode(['token' => $this->tokenData]);
}
}
Configuration file:
require_once(VENDOR_PATH . '/OAuth2/Autoloader.php');
OAuth2\Autoloader::register();
return array(
//'配置项'=>'配置值'
'AUTOLOAD_NAMESPACE' => array('OAuth2' => VENDOR_PATH . 'OAuth2/'), //扩展模块列表
'DSN' => 'mysql:host=localhost;dbname=oauth2',
'USERNAME' => 'root',
'PASSWORD' => '',
);
The above introduces a simple case of building OAuth2 based on TP, including the relevant content. I hope it will be helpful to friends who are interested in PHP tutorials.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
What are the differences between Huawei GT3 Pro and GT4?
Dec 29, 2023 pm 02:27 PM
Many users will choose the Huawei brand when choosing smart watches. Among them, Huawei GT3pro and GT4 are very popular choices. Many users are curious about the difference between Huawei GT3pro and GT4. Let’s introduce the two to you. . What are the differences between Huawei GT3pro and GT4? 1. Appearance GT4: 46mm and 41mm, the material is glass mirror + stainless steel body + high-resolution fiber back shell. GT3pro: 46.6mm and 42.9mm, the material is sapphire glass + titanium body/ceramic body + ceramic back shell 2. Healthy GT4: Using the latest Huawei Truseen5.5+ algorithm, the results will be more accurate. GT3pro: Added ECG electrocardiogram and blood vessel and safety
Fix: Snipping tool not working in Windows 11
Aug 24, 2023 am 09:48 AM
Why Snipping Tool Not Working on Windows 11 Understanding the root cause of the problem can help find the right solution. Here are the top reasons why the Snipping Tool might not be working properly: Focus Assistant is On: This prevents the Snipping Tool from opening. Corrupted application: If the snipping tool crashes on launch, it might be corrupted. Outdated graphics drivers: Incompatible drivers may interfere with the snipping tool. Interference from other applications: Other running applications may conflict with the Snipping Tool. Certificate has expired: An error during the upgrade process may cause this issu simple solution. These are suitable for most users and do not require any special technical knowledge. 1. Update Windows and Microsoft Store apps
How to install, uninstall, and reset Windows server backup
Mar 06, 2024 am 10:37 AM
WindowsServerBackup is a function that comes with the WindowsServer operating system, designed to help users protect important data and system configurations, and provide complete backup and recovery solutions for small, medium and enterprise-level enterprises. Only users running Server2022 and higher can use this feature. In this article, we will explain how to install, uninstall or reset WindowsServerBackup. How to Reset Windows Server Backup If you are experiencing problems with your server backup, the backup is taking too long, or you are unable to access stored files, then you may consider resetting your Windows Server backup settings. To reset Windows
PHP and OAuth: Implementing Microsoft Login Integration
Jul 28, 2023 pm 05:15 PM
PHP and OAuth: Implementing Microsoft login integration With the development of the Internet, more and more websites and applications need to support users to log in using third-party accounts to provide a convenient registration and login experience. Microsoft account is one of the widely used accounts around the world, and many users want to use Microsoft account to log in to websites and applications. In order to achieve Microsoft login integration, we can use the OAuth (Open Authorization) protocol to achieve it. OAuth is an open-standard authorization protocol that allows users to authorize third-party applications to act on their behalf
How to do Google Drive integration using PHP and OAuth
Jul 31, 2023 pm 04:41 PM
How to do GoogleDrive integration using PHP and OAuth GoogleDrive is a popular cloud storage service that allows users to store files in the cloud and share them with other users. Through GoogleDriveAPI, we can use PHP to write code to integrate with GoogleDrive to implement file uploading, downloading, deletion and other operations. To use GoogleDriveAPI we need to authenticate via OAuth and
OAuth in PHP: Create a JWT authorization server
Jul 28, 2023 pm 05:27 PM
OAuth in PHP: Creating a JWT authorization server With the rise of mobile applications and the trend of separation of front-end and back-end, OAuth has become an indispensable part of modern web applications. OAuth is an authorization protocol that protects users' resources from unauthorized access by providing standardized processes and mechanisms. In this article, we will learn how to create a JWT (JSONWebTokens) based OAuth authorization server using PHP. JWT is a type of
How to Fix Can't Connect to App Store Error on iPhone
Jul 29, 2023 am 08:22 AM
Part 1: Initial Troubleshooting Steps Checking Apple’s System Status: Before delving into complex solutions, let’s start with the basics. The problem may not lie with your device; Apple's servers may be down. Visit Apple's System Status page to see if the AppStore is working properly. If there's a problem, all you can do is wait for Apple to fix it. Check your internet connection: Make sure you have a stable internet connection as the "Unable to connect to AppStore" issue can sometimes be attributed to a poor connection. Try switching between Wi-Fi and mobile data or resetting network settings (General > Reset > Reset Network Settings > Settings). Update your iOS version:
Windows Server 2025 preview version welcomes update, Microsoft improves Insiders testing experience
Feb 19, 2024 pm 02:36 PM
On the occasion of releasing the build 26040 version of Windows Server, Microsoft announced the official name of the product: Windows Server 2025. Also launched is the Windows11WindowsInsiderCanaryChannel version build26040. Some friends may still remember that many years ago someone successfully converted Windows NT from workstation mode to server mode, showing the commonalities between various versions of Microsoft operating systems. Although there are clear differences between Microsoft's current version of the server operating system and Windows 11, those who pay attention to the details may be curious: why Windows Server updated the brand,
