search

thephpleague / oauth2-server

A spec compliant, secure by default PHP OAuth 2.0 Server
https://oauth2.thephpleague.com
MIT License
6.53k stars 1.12k forks source link

Using oauth2-server with Slim #1290

Closed DavidAtanasoski closed 2 years ago

DavidAtanasoski commented 2 years ago

I got started with PHP and Slim few weeks ago, so I'm beginner using this technology. Now I want to make a project where I will implement authorization, creating toke etc.

I looked at the documentation of this package, but I struggle to use it. I've successfully installed it, but now I don't know how to use it. For example, I know that I need a database and tables, but have no idea what they should contain ( from what I've seen is that this package doesn't come with migrations ). Also, how to do all the magic that comes with this package.

Looking forward for an answers and guiding me toward right directions of making this work.

Sephster commented 2 years ago

Hello - sorry for the delayed reply. We don't provide migrations because we don't want to tie you down to any one storage solution. The main thing you need to do is make sure you are adhering to the interfaces provided.

For example, the system provides a number of repository classes and these can be mapped to your storage solution. Typically this will be a MySQL database but it could be whatever you like.

If we look in the repositories folder you will see a number of classes there. The first one is called AccessTokenRepositoryInterface which extends the RepositoryInterface class with four methods:

You will need to implement these methods yourself depending on your storage solution. If we look at the persistNewAccessToken() method, we can see that it accepts an AccessTokenEntity.

If we look at the interface for this class, we can see it extends TokenInterface which has a number of setters:

In MySQL you'd want a table that can store all of these fields. Probably a table called access_tokens or something similar.

It would also be worth looking at the examples directory - it doesn't contain a DB backed implementation but has the general scaffolding required to get the server up and running. I hope this is useful and sorry again for the delayed response.

I will mark this issue as closed but if you do have further questions, please don't hesitate to get back in touch and I will do my best to answer them.