bshaffer / oauth2-server-php-docs

documentation for the oauth2-server-php library

Grant type sample tables #5

Open Rockstar04 opened 11 years ago

Rockstar04 commented 11 years ago

There is an open issue with the library requesting table definitions for a grant type. #170

Would it be a good idea to add a sample table to the grant types page? The issue with this is it obviously depends on the storage adapter you are using, so maybe even a new page altogether covering the storage adapters and how to use them with the different grants?

bshaffer commented 11 years ago

I think in general the grant types page needs a TON of work. I wouldn't mind having a table of contents, and each grant type having a more detailed description with code samples / SQL queries

Rockstar04 commented 11 years ago

Sounds good, I will fork this and take a stab at helping out with that.

bshaffer commented 11 years ago

You're a rockstar!

Rockstar04 commented 11 years ago

Sorry, I was going to try to get a start tonight, but I got my Leap Motion in the mail today and spent all night waving my hands in front of my laptop like a retard. . . . .

I will get focused tomorrow night.

yankeeinlondon commented 11 years ago

Hi guys ... I'm desperate to find a Resource Owner Password Credentials example. Is there one that you could point me to?

Rockstar04 commented 11 years ago

The table that deals specifically with the Resource Owner Password Credentials grant is the users table, but this may be significantly different depending on your existing setup. Below is the table the PDO Storage uses for its unit testing.

    CREATE TABLE oauth_users (username TEXT, password TEXT, first_name TEXT, last_name TEXT);

If you have any questions feel free to ask away, but maybe in another issue, to help guide us where the documentation is lacking the most.

yankeeinlondon commented 11 years ago

Yes sorry I get that the user table will be very implementation specific. What I was looking for was the code example, not the data structure. BTW, regarding data structure. I just started creating this picture for my own benefit ... it's very rough drafty but would it be useful to share this?

[Image: oauth 2 - workflow]

bshaffer commented 11 years ago

This diagram seems pretty difficult to understand to me, and I understand the spec pretty well. I would rather see per-grant-type flow diagrams.

Rockstar04 commented 11 years ago

@ksnyde As far as code, once you have your storage set up it's just another grant. Do you need the headers to send for a proper request or something else? I ended up writing my own storage library so we could have more control over our backend data and leverage some caching. I am assuming you would want to extend the PDO storage and override the methods that deal with checking the user credentials so they match your existing system.

This is all I have for code to handle a basic resourceOwner grant in the API I am starting (Using ZF2)


    /**
     * This method accepts a post with OAuth headers and post data, may return an access token
     * @return JsonModel A JSON view model with the appropriate response
     */
    public function handleTokenRequest()
    {
        $response = $this->getOauthServer()->handleTokenRequest($this->getCurrentRequest());

        $this->response->setStatusCode($response->getStatusCode());
        $this->response->getHeaders()->addHeaders($response->getHttpHeaders());

        return new JsonModel($response->getParameters());
    }

And here is where I set up my factory and storage

    /**
     * Return a configured OAuth2 Server
     * @return Object  OAuth2\Server
     */
    public function getOauthServer()
    {
        if ($this->OauthServer === null) {
            $this->OauthServer = new OauthServer($this->getOauthStorage());

            $this->OauthServer->addGrantType(new AuthorizationCode($this->getOauthStorage()));
            $this->OauthServer->addGrantType(new RefreshToken($this->getOauthStorage()));
            $this->OauthServer->addGrantType(new UserCredentials($this->getOauthStorage()));
        }

        return $this->OauthServer;
    }

    /**
     * Return a configured Oauth\Storage\Mysqli Storage object
     * @return Object  Oauth\Storage\Mysqli
     */
    public function getOauthStorage()
    {
        if ($this->OauthStorage === null) {
            $this->OauthStorage = $this->getServiceLocator()->get('Oauth\Storage\Mysqli');
        }

        return $this->OauthStorage;
    }
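
An added example, not code from this thread or from the library: a storage class implementing the library's `OAuth2\Storage\UserCredentialsInterface`, which is what the `UserCredentials` grant registered above calls to check the posted username and password. The class name, the use of `password_hash()` values in the `password` column of the `oauth_users` table shown earlier, and the SQLite demo data are assumptions.

```php
<?php
// Added example; not code from this thread or from oauth2-server-php itself.
// Assumes Composer autoloading and password_hash() output in oauth_users.password.
require __DIR__ . '/vendor/autoload.php';
use OAuth2\GrantType\UserCredentials;
use OAuth2\Storage\UserCredentialsInterface;

class ExistingUserStorage implements UserCredentialsInterface // hypothetical name
{
    private $db;
    private $dummyHash; // verified against for unknown users, so both paths hash once

    public function __construct(\PDO $db)
    {
        $this->db = $db;
        $this->dummyHash = password_hash('constructed-placeholder', PASSWORD_DEFAULT);
    }

    private function findUser($username)
    {
        $stmt = $this->db->prepare('SELECT username, password FROM oauth_users WHERE username = :u');
        $stmt->execute(array('u' => $username));
        return $stmt->fetch(\PDO::FETCH_ASSOC); // false when no row matches
    }

    // Called by the UserCredentials grant with the posted username and password.
    public function checkUserCredentials($username, $password)
    {
        $user = $this->findUser($username);
        $hash = $user ? $user['password'] : $this->dummyHash;
        return password_verify($password, $hash) && $user !== false;
    }

    // Must return an array containing "user_id" ("scope" is optional), or false.
    public function getUserDetails($username)
    {
        $user = $this->findUser($username);
        return $user ? array('user_id' => $user['username']) : false;
    }
}

// Constructed demo data: in-memory SQLite standing in for the real backend.
$db = new \PDO('sqlite::memory:');
$db->exec('CREATE TABLE oauth_users (username TEXT, password TEXT, first_name TEXT, last_name TEXT)');
$db->prepare('INSERT INTO oauth_users (username, password) VALUES (?, ?)')
   ->execute(array('alice', password_hash('constructed-pass', PASSWORD_DEFAULT)));
$users = new ExistingUserStorage($db);
var_dump($users->checkUserCredentials('alice', 'constructed-pass'));
var_dump($users->checkUserCredentials('alice', 'wrong'), $users->checkUserCredentials('bob', 'x'));
$grant = new UserCredentials($users); // register with $server->addGrantType($grant)
```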

yankeeinlondon commented 11 years ago

@bshaffer, I don't know if you saw the email I sent you a week or so ago but I have flow diagrams too. The storage diagram is just for someone who needs to implement the storage adaptor. They don't need the full flow, just the data structure for the various elements that the Storage class will access. Here's an example of the flow for the Authorise Code workflow. If you don't like this either no problem ... it's helping me but I can keep it to myself :)

[Image: authorization code]

Flow 0 is registration, flow 1 is authentication, and flow 2 is authorisation

yankeeinlondon commented 11 years ago

@Rockstar04, yes thanks. I have created a Storage object for Couchbase and have similar code to yours although being absent minded I didn't realise until I saw your code that I'd left off the UserCredentials grant type. That's one step closer. :+1:

dsquier commented 11 years ago

I've also been working with Couchbase and came across this issue again. I managed to get a working object as well. It's somewhat based on the PDO object, using the table name as a prefix to the Couchbase key. I'd like to shorten the keys, but was otherwise impressed with speed (faster than PDO MySQL library), which is to be expected.

I'll open an Issue on the library to see if @bshaffer is interested in integrating Couchbase storage.