Open pdrosos opened 8 years ago
I recently had this very same problem and ended up building a custom grant type for the social network logins we support. I've attached the grant and interfaces if you want an idea of what needs to be done to make it work.
SocialProviderEntityInterface.txt SocialProviderRepositoryInterface.txt SocialGrant.txt
The required request parameters are:

1) grant_type = urn:alex:params:oauth:grant-type:social
2) identifier = the identifier of the user returned by the social network
3) provider = an identifier saying which social network it is
Implementing looks like this:
```php
// Init our repositories
$clientRepository = new ClientRepository( );
$scopeRepository = new ScopeRepository( );
$accessTokenRepository = new AccessTokenRepository( );
$refreshTokenRepository = new RefreshTokenRepository( );
$userRepository = new UserRepository( );
$socialProviderRepository = new SocialProviderRepository( );

// Setup the authorization server
$this->_server = new AuthorizationServer(
    $clientRepository,
    $accessTokenRepository,
    $scopeRepository,
    $this->_private_key_path,
    $this->_public_key_path
);

$grant = new SocialGrant( $userRepository, $socialProviderRepository, $refreshTokenRepository );
$grant->setRefreshTokenTTL( new \DateInterval( 'P1M' ) );
$this->_server->enableGrantType( $grant, new \DateInterval( 'PT1H' ) );
```
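For readers without the attachments, here is a sketch of what a grant class for the three parameters above can look like. It is an added example, not the attached SocialGrant.txt and not code from the project; it assumes the `AbstractGrant` API of league/oauth2-server 8.x or later, and the `SocialProviderRepositoryInterface` method shown is hypothetical.

```php
<?php
use League\OAuth2\Server\Entities\UserEntityInterface;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\AbstractGrant;
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\UserRepositoryInterface;
use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
use Psr\Http\Message\ServerRequestInterface;

// Hypothetical contract: the attached interface is not shown, so this method is an assumption.
interface SocialProviderRepositoryInterface
{
    public function getUserBySocialIdentifier(string $provider, string $identifier): ?UserEntityInterface;
}
class SocialGrant extends AbstractGrant
{
    private $socialProviders;
    public function __construct(UserRepositoryInterface $users, SocialProviderRepositoryInterface $socialProviders, RefreshTokenRepositoryInterface $refreshTokens)
    {
        $this->setUserRepository($users);
        $this->setRefreshTokenRepository($refreshTokens);
        $this->socialProviders = $socialProviders;
    }
    public function getIdentifier(): string
    {
        return 'urn:alex:params:oauth:grant-type:social'; // matched against grant_type
    }
    public function respondToAccessTokenRequest(ServerRequestInterface $request, ResponseTypeInterface $responseType, \DateInterval $accessTokenTTL): ResponseTypeInterface
    {
        $client = $this->validateClient($request); // authenticates the calling client only
        $scopes = $this->validateScopes($this->getRequestParameter('scope', $request, $this->defaultScope));
        foreach (['provider', 'identifier'] as $name) { // both are required, non-empty strings
            $params[$name] = $this->getRequestParameter($name, $request);
            if (!is_string($params[$name]) || $params[$name] === '') {
                throw OAuthServerException::invalidRequest($name);
            }
        }
        $user = $this->socialProviders->getUserBySocialIdentifier($params['provider'], $params['identifier']);
        if ($user === null) { // unknown provider/identifier pair: fail like bad credentials
            throw OAuthServerException::invalidCredentials();
        }
        $scopes = $this->scopeRepository->finalizeScopes($scopes, $this->getIdentifier(), $client, $user->getIdentifier());
        $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $user->getIdentifier(), $scopes);
        $responseType->setAccessToken($accessToken);
        if (($refreshToken = $this->issueRefreshToken($accessToken)) !== null) {
            $responseType->setRefreshToken($refreshToken);
        }
        return $responseType;
    }
}
```

As sketched, the grant authenticates only the client: `identifier` is an account ID, not a secret. A deployment would pair it with server-side validation of the user through the provider's API, as the original question suggests, before any token is issued.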
@alexplumb thank you for your answer and for the grant code! Your solution is very similar to my idea of how to solve it; it's good to know that I am on the right way :)
I am looking at doing the exact same thing. Thanks @pdrosos for asking this question and thanks @alexplumb for going above and beyond on the answer.
Hi,
I am currently developing a mobile app and API, using the OAuth2 server with the Password grant. I must also implement user login via Facebook and LinkedIn.
As far as I understand, I need to develop custom grant types to integrate the Facebook and LinkedIn login with the OAuth2 server. But I can't find any documentation to point me in the right direction on how to do it. This docs page is still not written: http://oauth2.thephpleague.com/authorization-server/custom-grants/
I am wondering: is it possible, and is it a good idea, instead of custom grant types, just to validate the user via the FB / LinkedIn APIs and manually issue an access + refresh token for him?
@alexbilbie it would be very nice if you could give me some advice on how to solve this use case and how to implement a custom grant type or manually issue an access token and refresh token.
Thanks in advance!