• Stars
    star
    107
  • Rank 323,587 (Top 7 %)
  • Language
    PHP
  • License
    MIT License
  • Created over 11 years ago
  • Updated over 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

OAuth2 for your Symfony Application

OAuth2 Server Bundle

OAuth2 Server Bundle for Symfony 2, built on the oauth2-server-php library.

Build Status

Getting Started

See the Complete Documentation for information regarding the OAuth2.0 protocol and the PHP library used by this bundle to implement it.

For documentation specific to this bundle, continue reading below.

Bundle Overview

The following grant types are supported out the box:

  • Client Credentials
  • Authorization Code
  • Refresh Token
  • User Credentials (see below)

You can make token requests to the /token path via POST.

You can restrict the grant types available per client in the database, use a Compiler Pass or in your own TokenController you could do something like:

public function tokenAction()
{
    $server = $this->get('oauth2.server');

    // Override default grant types to authorization code only
    $server->addGrantType($this->get('oauth2.grant_type.authorization_code'));

    return $server->handleTokenRequest($this->get('oauth2.request'), $this->get('oauth2.response'));
}

Installation

Step 1: Add package to Composer

Use composer to add the requirement and download it by running the command:

$ php composer.phar require bshaffer/oauth2-server-bundle

Composer will update your composer.json and install the bundle to your project's vendor/bshaffer directory.

Step 2: Enable the bundle

Enable the bundle in the kernel:

<?php
// app/AppKernel.php

public function registerBundles()
{
    $bundles = array(
        // ...
        new OAuth2\ServerBundle\OAuth2ServerBundle(),
    );
}

Step 3: Install database

You'll need to update your schema to setup the Entities provided by this module.

$ php app/console doctrine:schema:update --force

Step 4: Add routes

You'll need to add the following to your routing.yml

# app/config/routing.yml

oauth2_server:
    resource: "@OAuth2ServerBundle/Controller/"
    type:     annotation
    prefix:   /

Step 5: Create a scope

You'll need to setup a scope before you can create a client, use this command. The description you give here will appear on the Authorization page.

$ php app/console OAuth2:CreateScope scope (description)

Step 6: Create a client

Use this console command to create a new client:

$ php app/console OAuth2:CreateClient client_id redirect_uri (grant_types) (scope)

Optional Configuration

You can override any of the built-in components in your own bundle by adding new parameters in your config.yml:

# app/config/config.yml

parameters:
    oauth2.storage.client_credentials.class: Amce\OAuth2ServerBundle\Storage\ClientCredentials

Where Amce\OAuth2ServerBundle\Storage\ClientCredentials is your own implementation of the ClientCredentials interface.

If you provide your own storage managers then you'll be able to hook everything up to your own custom Entities.

User Credentials (Resource Owner Password)

To make it easy to plug-in your own User Provider we've conformed to the UserInterface, UserProviderInterface & EncoderFactoryInterface.

Therefore to make proper use of the user credentials grant type you'll need to modify your config.yml with the relevant classes.

# app/config/config.yml

parameters:
    oauth2.user_provider.class: Amce\OAuth2ServerBundle\User\OAuth2UserProvider

If you want to take advantage of scope restriction on a per user basis your User entity will need to implement the OAuth2\ServerBundle\OAuth2UserInterface or OAuth2\ServerBundle\AdvancedOAuth2UserInterface.

Out of the box we do provide a basic user provider and entity for you to use. Setup your security.yml to use it:

# app/config/security.yml

security:
    encoders:
        OAuth2\ServerBundle\Entity\User:
            algorithm:          sha512
            encode_as_base64:   true
            iterations:         5000

    providers:
        oauth2:
            id: oauth2.user_provider

You'll need some users first though! Use the console command to create a new user:

$ php app/console OAuth2:CreateUser username password

Configuring Grant Types

You'll need to use a Compiler Pass to configure settings for a grant type. For example say we want our refresh tokens to always get renewed:

// Amce/OAuth2ServerBundle/AmceOAuth2ServerBundle.php

namespace Amce\OAuth2ServerBundle;

use Symfony\Component\HttpKernel\Bundle\Bundle;
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Amce\OAuth2ServerBundle\DependencyInjection\Compiler\OAuth2CompilerPass;

class AmceOAuth2ServerBundle extends Bundle
{
    public function build(ContainerBuilder $container)
    {
        parent::build($container);

        $container->addCompilerPass(new OAuth2CompilerPass());
    }
}
// Amce/OAuth2ServerBundle/DependencyInjection\Compiler\OAuth2CompilerPass.php

namespace Amce\OAuth2ServerBundle\DependencyInjection\Compiler;

use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\DependencyInjection\Compiler\CompilerPassInterface;
use Symfony\Component\DependencyInjection\Reference;

class OAuth2CompilerPass implements CompilerPassInterface
{
    public function process(ContainerBuilder $container)
    {
        // Override Refresh Token Grant Type Settings
        $serviceId = 'oauth2.grant_type.refresh_token';
        if ($container->hasDefinition($serviceId)) {
            $definition = $container->getDefinition($serviceId);
            $definition->replaceArgument(1, array(
                'always_issue_new_refresh_token' => TRUE
            ));
        }
    }
}

More Repositories

1

oauth2-server-php

A library for implementing an OAuth2 Server in php
PHP
3,214
star
2

oauth2-demo-php

A demo application for running an OAuth2 server
PHP
743
star
3

oauth2-server-php-docs

documentation for the oauth2-server-php library
CSS
229
star
4

php-echonest-api

PHP classes for the Echo Nest API
PHP
99
star
5

oauth2-server-httpfoundation-bridge

Integrate HttpFoundation into your oauth2-server library
PHP
51
star
6

csDoctrineActAsSortablePlugin

Sortable behavior for Doctrine objects
PHP
28
star
7

redmine-assets-plugin

Provides a central location to view all your project's assets
Ruby
24
star
8

phpunit-retry-annotations

Traits for retrying test methods and classes in PHPUnit
PHP
22
star
9

sfHadoriThemePlugin

symfony admin generator with a beautiful theme and clean generated code.
PHP
21
star
10

Donate-Nashville

A relief effort to connect donators with those in need
PHP
16
star
11

csDoctrineActAsGeolocatablePlugin

Automatically fetch latitude and longitude for your Doctrine model
PHP
14
star
12

Symfony-Snippets

Symfony Code Snippets
PHP
14
star
13

csSettingsPlugin

Add simple user-editable settings to your application
PHP
12
star
14

symfony-on-app-engine-flex

A demo application for symfony on app engine flexible
PHP
9
star
15

sfThemeGeneratorPlugin

Plugin for creating and extending modules using a theme
PHP
8
star
16

Symplist

Symfony Plugins List
PHP
7
star
17

csDoctrineActAsAttachablePlugin

Attachable Behavior for file uploads
PHP
6
star
18

Hadori-Demo

Demo application for the Hadori Admin Generator
PHP
6
star
19

faceswap-docker

Dockerization for the faceswap library `matthewearl/faceswap`
6
star
20

faceswap-app

Python
5
star
21

csSecurityTaskExtraPlugin

Task for assessing the security coverage of your application
PHP
4
star
22

sfUploadPlugin

An easy way to add multiple uploads to your model
PHP
3
star
23

csBackupPlugin

A plugin for easily backing up your MySQL database, Rsyncing files, etc.
Shell
3
star
24

ChartDown

Short Hand for Chart Writing
PHP
2
star
25

google-mybusiness-php-client

PHP
2
star
26

sfDoctrineMarkdownPlugin

Use the Markdown syntax for a field on your Doctrine models via a Doctrine behavior
PHP
2
star
27

dlib-elixir

dlib for Elixir
C++
2
star
28

sfImageCachePlugin

A plugin for caching images of various sizes
PHP
2
star
29

BasicParameterValidation

Basic Parameter Validator for PHP
PHP
2
star
30

format-owlbot-pr-chrome-extension

JavaScript
1
star
31

sfDoctrineActAsLocalizablePlugin

Automatically convert a localizable field using the Localizable template
PHP
1
star
32

faceswap-wordpress

PHP
1
star
33

sfHyperwordPlugin

Link words dynamically in your code to link to other pages (similar to "Wikipedia")
PHP
1
star
34

composer-git-proxy

Repository for splitting a single git repository into multiple composer packages
Shell
1
star
35

P4-CLI

Scripts to make P4 CLI easier to use
PHP
1
star
36

sfServiceContainerPlugin

A Symfony 1.4 Plugin for using the Service Container
PHP
1
star