uafrica / oauth-server

OAuth Server

Usage of the plugin #1

Open bobmulder opened 9 years ago

bobmulder commented 9 years ago

Hey uafrica,

The plugin looks nice, I am going to test it tonight. I am new to oAuth2 and trying to understand it. Hope this plugin will help.

Please can you provide me / us with some documentation about how to use this plugin on client side?

Thanks!

Bob

dakota commented 9 years ago

Documentation is definitely needed!

bobmulder commented 9 years ago

When do you think you got some extra documentation? Looking forward to it!

bobmulder commented 9 years ago

@klickagent. Your question has nothing to do with this issue, so don't do that. For help read the readme.md file. Just run composer install uafrica/oauth-server to install

bobmulder commented 9 years ago

@dakota Can you create some docs or will someone else do it?

Greetz

dakota commented 9 years ago

@bobmulder Have not had a chance yet! What do you need help with?

bobmulder commented 9 years ago

@dakota For me it's unclear how to connect as client to the API now. Should I use the /login action to send my key and secret or is there another action available?

dakota commented 9 years ago

Ah, ok :)

Assuming you've already created a client and scopes (if any):

  1. Redirect the user to /oauth?client_id=x&scope=x&redirect_uri=x&response_type=code (Where the x is replaced with the appropriate value)
  2. User will be asked to login, and then authenticate.
  3. User gets redirected to your redirect_uri with a code set in a query parameter.
  4. Perform a POST request (using the Http library in CakePHP) to /oauth/access_token, with the client_id, client_secret and code set. You will be returned an OAuth access token.
  5. Use the token in subsequent requests as documented at http://book.cakephp.org/3.0/en/core-libraries/httpclient.html#oauth-2-authentication

Hope this helps!
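
The five steps above from the client's side, as an added example that is not part of the original comment or the plugin's code (plain PHP 7+, no CakePHP classes). The host, client id and redirect URI are constructed placeholders, and the `state` parameter is the standard OAuth 2.0 CSRF guard, assumed here to be echoed back by the server.

```php
<?php
// Added example (PHP 7+). Constructed values: base URL, client id, redirect URI.
const OAUTH_BASE   = 'http://localhost:8888';
const CLIENT_ID    = 'example-client-id';
const REDIRECT_URI = 'http://localhost:8888/users/callback';

// Step 1: build the /oauth redirect and store a one-time random state.
// In a real application $session would be $_SESSION.
function authorizeUrl(array &$session, string $scope): string
{
    $session['oauth_state'] = bin2hex(random_bytes(16));
    return OAUTH_BASE . '/oauth?' . http_build_query([
        'client_id' => CLIENT_ID, 'scope' => $scope, 'redirect_uri' => REDIRECT_URI,
        'response_type' => 'code', 'state' => $session['oauth_state'],
    ]);
}

// Step 3: accept the code only if the callback carries the state we issued.
function codeFromCallback(array $query, array &$session): string
{
    $expected = $session['oauth_state'] ?? '';
    unset($session['oauth_state']); // single use
    $code = (string)($query['code'] ?? '');
    if ($expected === '' || $code === '' || !hash_equals($expected, (string)($query['state'] ?? ''))) {
        throw new RuntimeException('callback rejected: missing code or state mismatch');
    }
    return $code;
}

// Step 4: POST the code and the client secret in the body, never in a URL.
function exchangeCode(string $code, string $clientSecret): array
{
    $ctx = stream_context_create(['http' => [
        'method'  => 'POST',
        'header'  => "Content-Type: application/x-www-form-urlencoded\r\n",
        'content' => http_build_query([
            'grant_type' => 'authorization_code', 'client_id' => CLIENT_ID,
            'client_secret' => $clientSecret, 'redirect_uri' => REDIRECT_URI, 'code' => $code,
        ]),
        'ignore_errors' => true, // read the body even on a 4xx response
    ]]);
    $token = json_decode((string)file_get_contents(OAUTH_BASE . '/oauth/access_token', false, $ctx), true);
    if (!is_array($token) || empty($token['access_token'])) {
        throw new RuntimeException('token request failed');
    }
    return $token; // step 5: send as "Authorization: Bearer <access_token>"
}

// Offline check of steps 1 and 3 with a constructed session and callback.
$session = [];
parse_str((string)parse_url(authorizeUrl($session, 'x'), PHP_URL_QUERY), $sent);
echo codeFromCallback(['code' => 'constructed-code', 'state' => $sent['state']], $session), "\n";
```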

bobmulder commented 9 years ago

I will use oAuth 2 the most for the 'Client credentials' grant type. I assume that I need to do a request on /oauth?client_id=id&client_secret=secret then?

Thanks for your help. When I got some more experience I wanna contribute ;) Just give it some time...

dakota commented 9 years ago

This plugin currently only supports the auth code grant and refresh token grant. There are plans to support the other grant types, but no timeline on that.

bobmulder commented 9 years ago

Hm okay, is it hard to implement? Looking forward to that feature!

bobmulder commented 9 years ago

@dakota I've done some research about the oauth2 server of thephpleague. Can you explain to me where I should add new grant-types so I can implement the Client Credentials?

dakota commented 9 years ago

Here: https://github.com/uafrica/oauth-server/blob/master/src/Controller/Component/OAuthComponent.php#L36

bobmulder commented 9 years ago

I will take a look when I got time ;), thanks!

Daniel-Gherard commented 8 years ago

How can I use this plugin in an API call?

For example: I have a login call for Android/iOS App. In this call, the application should send username, password, client_id and client_secret (I have decided not to use scopes). But, I want to return the logged user data and the access token. I was able to do it in the browser. But, that would not work on Android or iOS.

For instance, if I run: /oauth/authorize?client_id=x&client_secret=x&response_type=code&redirect_uri=x&redir=oauth

I always get redirected to my login form in userscontroller, even though I already authorized the user before in this call.

And also I would like to jump the approve/deny, since my API will be restricted to my application.

How can I do this?

ikkysleepy commented 8 years ago

I need some help with verifying the Access Token with the plugin. I can get a code and submit a request for access Token, but I can't figure out how to verify the access token.

Here are the steps I took:

1.) Login URL: http://localhost:8888/oauth?redir=oauth&client_id=NTczMjBjOWFiYTBkYjRi&redirect_uri=http%3A%2F%2Flocalhost%3A8888%2Fusers%2Falexa%2F1.json&response_type=code

2.) Prompt Page, after login: http://localhost:8888/oauth/authorize?redir=oauth&client_id=NTczMjBjOWFiYTBkYjRi&redirect_uri=http%3A%2F%2Flocalhost%3A8888%2Fusers%2Falexa%2F1.json&response_type=code


3.) After Accepting Prompt: http://localhost:8888/users/alexa/1.json?code=KBzKKilJIUsk247CxyCUdrM8JZOLFgBLjMDKSUzv


Now I can authenticate using the code and client info as follows


1.) Post to access Token

    http://localhost:8888/oauth/accessToken
    grant_type = authorization_code
    client_id = NTczMjBjOWFiYTBkYjRi
    client_secret = random_key_generated
    redirect_uri = http://localhost:8888/users/alexa/1.json
    code = KBzKKilJIUsk247CxyCUdrM8JZOLFgBLjMDKSUzv

Response:

    {
        "access_token": "5GfEI8bsVBvbqr1sxMNKW3WazYINlk9Au1Zk8AAF",
        "token_type": "Bearer",
        "expires_in": 2592000,
        "refresh_token": "dtQOgY352DhWun89d5Q9Twic2AhPNKC8ocVkWfSP"
    }


After a while the PHP Login Auth will expire. I logged out.


How do I validate the token and auth the user? I have this url: http://localhost:8888/users/alexa/1.json?token=5GfEI8bsVBvbqr1sxMNKW3WazYINlk9Au1Zk8AAF

Then I have some code, but I don't know where to put it and how to call the OAUTH to verify the token.

    $accessToken = $this->request->query('token');
    $http = new Client([
        'headers' => ['Authorization' => 'Bearer ' . $accessToken]
    ]);
    $response = $http->get('http://localhost:8888/users/alexa/1.json');

sharif2008 commented 8 years ago

Hi, I am finding this error

Client authentication failed. League\OAuth2\Server\Exception\InvalidClientException

League\OAuth2\Server\Grant\AuthCodeGrant->checkAuthorizeParams ROOT/vendor/uafrica/oauth-server/src/Controller/Component/OAuthComponent.php, line 104

When the url is

http://localhost/cakenull/oauth/?redir=oauth&client_id=1&response_type=code&scope=code&redirect_uri=/cakenull/users/callback

here is my versions:

    "php": ">=5.5.9",
    "cakephp/cakephp": "~3.2",
    "mobiledetect/mobiledetectlib": "2.*",
    "cakephp/migrations": "~1.0",
    "cakephp/plugin-installer": "*",
    "uafrica/oauth-server": "^0.2.0",
    "friendsofcake/crud": "^4.3"

any idea please?

dkantikorn commented 6 years ago

How to verify the access token?

Thanks

DinoSane commented 6 years ago

I second the @dkantikorn question and add another one: along with one paragraph showing us how to use the access token, could you show how to use the password grant? Documentation says it is not done, but inside it looks like it works. @dakota links to a page where 'supportedGrants' => ['AuthCode', 'RefreshToken', 'ClientCredentials', 'Password'],

Thanks