thephpleague / oauth2-server

A spec compliant, secure by default PHP OAuth 2.0 Server
https://oauth2.thephpleague.com
MIT License

Creating login for user/Sending Resource owner data #1253

Closed ogi77gr closed 2 years ago

ogi77gr commented 2 years ago

I am new to creating an oauth2 server and I would really appreciate some help. I have studied the auth code flow and I understand it. Can you please tell me some things according to the code below:

```php
// Validate the HTTP request and return an AuthorizationRequest object.
// The auth request object can be serialized into a user's session
$authRequest = $server->validateAuthorizationRequest($request);

// Once the user has logged in set the user on the AuthorizationRequest
$authRequest->setUser(new UserEntity());
//return var_dump($authRequest);

// Once the user has approved or denied the client update the status
// (true = approved, false = denied)
$authRequest->setAuthorizationApproved(true);
```

First of all, what kind of code should I use here to send it to the login page? I understand that this implementation takes user login for granted. Secondly, what is the link to access the Resource owner data after the access token is sent by the client? Is there a paradigm that could help my implementation (actually what is the call the client does when it gets the access token)? So a paradigm of redirection to login page and sending data (what is in the scope) will help. Maybe the things I ask are trivial, but not for me. Thank you in advance.

Sephster commented 2 years ago

Typically the user will click on a link to be taken to the login page. It is the login page's responsibility to redirect the client to the auth server after authorisation has been successful. You might use the header() function to achieve this.

There is no paradigm that I'm aware of for the resource owner data. Typically I see /api or /resource but it is entirely up to you.

I would highly recommend reading through OAuth 2.0 Simplified if you need further assistance. Hope this helps you and thanks for using the library.
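The two pieces asked about above, the detour to a login page from the authorization endpoint and a resource endpoint that reads the access token, written out as an added example. This is not code from the issue or from the league/oauth2-server project itself; it assumes `$server` (`AuthorizationServer`) and `$resourceServer` (`ResourceServer`) are already configured as in the library's documentation, that a `UserEntity` class implementing `UserEntityInterface` exists, and that `/authorize.php`, `/login.php` and `/api/me` are the paths of this example. The session key names, the `profile` scope and the in-memory user record are constructed for the demo.

```php
<?php
// Added example for the flow discussed in this issue; not library code.
// Assumes $server (AuthorizationServer) and $resourceServer (ResourceServer)
// are built elsewhere and that UserEntity implements UserEntityInterface.
use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\ResourceServer;
use League\OAuth2\Server\Exception\OAuthServerException;
use Laminas\Diactoros\Response;
use Laminas\Diactoros\ServerRequestFactory;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;

// /authorize.php: validate the client first, then make sure a user is logged in.
function handleAuthorize(AuthorizationServer $server, ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
{
    try {
        if (isset($_SESSION['pending_auth_request'], $_SESSION['user_id'])) {
            // Coming back from the login page: resume the request we parked.
            // Session data is server-side, so unserialize only sees our own object.
            $authRequest = unserialize($_SESSION['pending_auth_request']);
            unset($_SESSION['pending_auth_request']);
        } else {
            // Checks client_id, redirect_uri, response_type, scopes (and PKCE).
            $authRequest = $server->validateAuthorizationRequest($request);
            if (!isset($_SESSION['user_id'])) {
                // Nobody logged in: park the validated request and redirect
                // the browser to the login page (header('Location: ...') is equivalent).
                $_SESSION['pending_auth_request'] = serialize($authRequest);
                return $response->withStatus(302)->withHeader('Location', '/login.php');
            }
        }
        $authRequest->setUser(new UserEntity($_SESSION['user_id']));
        // A real consent screen would set this from the user's choice;
        // the demo approves automatically.
        $authRequest->setAuthorizationApproved(true);
        // Redirects back to the client's redirect_uri with the authorization code.
        return $server->completeAuthorizationRequest($authRequest, $response);
    } catch (OAuthServerException $e) {
        return $e->generateHttpResponse($response);
    }
}

// /login.php (POST): verify the password, start a fresh session, go back to /authorize.php.
function handleLoginPost(array $post, ResponseInterface $response): ResponseInterface
{
    // Constructed user store for the demo; a real app queries its user table.
    $users = ['alice' => password_hash('constructed-demo-password', PASSWORD_DEFAULT)];
    $username = (string)($post['username'] ?? '');
    $hash = $users[$username] ?? null;
    if ($hash === null || !password_verify((string)($post['password'] ?? ''), $hash)) {
        return $response->withStatus(401);
    }
    session_regenerate_id(true);          // avoid session fixation after login
    $_SESSION['user_id'] = $username;
    return $response->withStatus(302)->withHeader('Location', '/authorize.php');
}

// /api/me: the "resource owner data" endpoint the client calls with the access token.
function handleResource(ResourceServer $resourceServer, ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
{
    try {
        // Validates the Bearer token and attaches oauth_* attributes to the request.
        $request = $resourceServer->validateAuthenticatedRequest($request);
    } catch (OAuthServerException $e) {
        return $e->generateHttpResponse($response);   // 401 with a JSON error body
    }
    $scopes = $request->getAttribute('oauth_scopes');
    if (!in_array('profile', $scopes, true)) {
        return $response->withStatus(403);          // token is valid but lacks the scope
    }
    $response->getBody()->write(json_encode([
        'user_id' => $request->getAttribute('oauth_user_id'),
        'client_id' => $request->getAttribute('oauth_client_id'),
        'scopes' => $scopes,
    ]));
    return $response->withHeader('Content-Type', 'application/json');
}

// Minimal front controller for the three paths above.
session_start();
$request = ServerRequestFactory::fromGlobals();
$response = new Response();
$path = $request->getUri()->getPath();
if ($path === '/authorize.php') {
    $response = handleAuthorize($server, $request, $response);
} elseif ($path === '/login.php' && $request->getMethod() === 'POST') {
    $response = handleLoginPost((array)$request->getParsedBody(), $response);
} elseif ($path === '/api/me') {
    $response = handleResource($resourceServer, $request, $response);
}
http_response_code($response->getStatusCode());
foreach ($response->getHeaders() as $name => $values) {
    header($name . ': ' . implode(', ', $values));
}
echo $response->getBody();
```

The order is the one the question describes: the client is validated before anyone is asked to log in, so a bad `client_id` or `redirect_uri` fails immediately rather than after the user has typed a password. After the token exchange the client simply sends `Authorization: Bearer <token>` to `/api/me`; `validateAuthenticatedRequest` rejects expired or revoked tokens, and the endpoint then checks the granted scopes before returning anything.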

ogi77gr commented 2 years ago

Sorry for the question, but after a lot of reading I understood that first the authorization server checks if the client is valid and then it redirects to login and then if the login is successful it redirects to scopes and then it produces the authorization code. Then the authorization code is used by the client who asks for an access token etc. Are you suggesting that we first go to the login page of the authorization server and then the login page sends the client's credentials (when the user is logged in) to the authorization server and then redirects again for the scopes? Sorry, but for me it is not exactly very clear. Thank you in advance.