Giter VIP home page Giter VIP logo

yii2-roa's People

Contributors

aguevarail avatar ayrozjlc avatar berkantc avatar faryshta avatar josejesusguzman avatar miguelbeatles21 avatar neverabe avatar onca-vega avatar roaresearch-creator avatar seether69 avatar

Watchers

avatar avatar avatar

Forkers

aguevarail cmllamosas

yii2-roa's Issues

Restricción de acceso a nivel documentación /api/*

Restricción de acceso a nivel documentación /api/*

  • Pasos para reproducir el error:
  1. Clonar el repositorio de yii2-app-roa
  2. Instalar workflow
  3. Correr composer deploy
  4. Configurar el Version Container de la siguiente forma
<?php

namespace backend\api;

use roaresearch\yii2\oauth2server\filters\auth\CompositeAuth;
use yii\filters\auth\{HttpBearerAuth, QueryParamAuth};
use yii\helpers\ArrayHelper;

class VersionContainer extends \roaresearch\yii2\roa\modules\ApiContainer
{
    public function behaviors()
    {
        return [
            'authenticator' => [
                'class' => CompositeAuth::class,
                'oauth2Module' => $this->getOauth2Module(),
                'authMethods' => [
                    ['class' => HttpBearerAuth::class],
                    [
                        'class' => QueryParamAuth::class,
                        // !Important, GET request parameter to get the token.
                        'tokenParam' => 'accessToken',
                    ],
                ],
                 // no requerir token para generar token
                'except' => [$this->oauth2ModuleId . '/*'],
            ],
        ];
    }
    
    /**
     * @inheritdoc
     */
    public $identityClass = models\User::class;

    /**
     * @inheritdoc
     */
    public $versions = [
        'v1' => [
            'class' => v1\Version::class,
        ],
        'dev' => [
            'class' => v1\Version::class,
        ],
        'w1' => [
            'class' => 'roaresearch\yii2\workflow\roa\modules\Version',
        ],
    ];
}
  • Resultado Actual:

Podemos ver que aparece un error de servidor error 500 con authorization vencido y sin authorization

 imagen con authorization vencido (con la configuración del pastebin del punto 4)

Screen Shot 2020-03-13 at 14 49 35

 imagen sin authorization (con la configuración del pastebin del punto 4)

Screen Shot 2020-03-13 at 14 49 23

 imagen con authorization (con la configuración del pastebin del punto 4)

Screen Shot 2020-03-13 at 14 49 06

  • Resultado esperado:
    El resultado esperado es Unauthorized

Screen Shot 2020-03-13 at 14 46 08

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.