chadicus / slim-oauth2-routes Goto Github PK
View Code? Open in Web Editor NEWOAuth2 routes for use within a Slim Framework API
License: MIT License
OAuth2 routes for use within a Slim Framework API
License: MIT License
Travis-CI now allows PHP 7.2 builds. It should be added to the .travis-ci.yml file.
Requires the user to authenticate and redirects back to the client with an authorization code (Authorization Code grant type) or access token (Implicit grant type).
Hi!
I have used your package in my project and it has worked. However, due to a server disk failure, I transferred my project to localhost and reconfigured it to a local database storage. When I accessed /authorize
, the invoke seems to not work. I've put var_dumps at the functions, but it seems the var_dump inside the __invoke magic function did not execute, thus the authorization form did not appear.
What seems to be the problem?
Earl
satooshi/php-coveralls
has become php-coveralls/php-coveralls
. The dev dependencies should be updated accordingly.
When a user authorizes a client, the user_id should be saved with the authorization code if the user_id argument is set.
The authorization code is created but without any user_id (the column user_id
in table oauth_authorization_codes
remains NULL)
Invoke the Authorize route, with or without a user_id argument.
The Authorize route calls handleAuthorizeRequest()
on the OAuth2 server, but doesn't pass the user_id argument (which then defaults to null). Therefore the OAuth2 server won't link the authorization code to the user_id.
I suggest adding the user_id at line 84 of Authorize.php
:
$user_id = isset($arguments['user_id']) ? $arguments['user_id'] : null;
$this->server->handleAuthorizeRequest($oauth2Request, $oauth2Response, $authorized === 'yes', $user_id);
In my application I use Slim middleware to validate the user credentials and then set the user_id argument:
$loginMiddelware = function ($request, $response, $next)
{
$email = $request->getParam('email');
$password = $request->getParam('password');
// Validate the user credentials
$user_id = getUserIdIfValidCredentials($email, $password);
if ($user_id === FALSE || !is_numeric($user_id)) {
return $response->withStatus(303)->withHeader('Location', URL_AUTHORIZE_INVALID_CREDENTIALS);
}
// Set the user_id argument so that Routes\Authorize can give it to handleAuthorizeRequest
$route = $request->getAttribute('route');
$route->setArgument('user_id', $user_id);
// Credentials are valid, continue so the authorization code can be sent to the clients callback_uri
$response = $next($request, $response);
return $response;
};
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.