OAuth2 Server for CakePHP 3

A plugin for implementing an OAuth2 server in CakePHP 3. Built on top of the PHP League's OAuth2 Server.

Installation

Installation is done using composer. Run:

$ composer require uafrica/oauth-server

Once composer has installed the package, the plugin needs to be activated by running:

$ bin/cake plugin load OAuthServer --routes
$ bin/cake plugin load Crud
$ bin/cake plugin load CrudView
$ bin/cake plugin load BootstrapUI

Finally, the database migrations need to be run:

$ bin/cake migrations migrate --plugin OAuthServer

Configuration

It is assumed that you already have working form-based authentication using the built-in CakePHP 3 authentication component. If you do not, please read the authentication chapter.

Set OAuthServer as an authentication adaptor.

In your AppController beforeFilter method, add (or modify):

$this->Auth->config('authenticate', [
    'Form',
    'OAuthServer'
]);

Change your login method to look as follows:

public function login()
{
    if ($this->request->is('post')) {
        $user = $this->Auth->identify();
        if ($user) {
            $this->Auth->setUser($user);
            $redirect_uri = $this->Auth->redirectUrl();
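            // 'redir' is absent on ordinary logins, so test for it before comparing.
            // When present, resume the OAuth flow with the original request parameters.
            if (isset($this->request->query['redir']) && $this->request->query['redir'] === 'oauth') {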
                $redirect_uri = [
                    'plugin' => 'OAuthServer',
                    'controller' => 'OAuth',
                    'action' => 'authorize',
                    '?' => $this->request->query
                ];
            }
            return $this->redirect($redirect_uri);
        } else {
            $this->Flash->error(
                __('Username or password is incorrect'),
                'default',
                [],
                'auth'
            );
        }
    }
}

Alternatively, if you are using the Friends Of Cake CRUD plugin, add

'login' => [
    'className' => 'OAuthServer.Login'
]

to your CRUD actions config.

Usage

Visit example.com/oauth/clients to create OAuth clients, and example.com/oauth/scopes to create OAuth scopes.

The base OAuth2 path is example.com/oauth

Customisation

The OAuth2 Server can be customised. The look of the various pages can be changed by creating templates in Template/Plugin/OAuthServer/OAuth

The server also fires a number of events that can be used to inject values into the process. The current events fired are:

  • OAuthServer.beforeAuthorize - On rendering of the approval page for the user.
  • OAuthServer.afterAuthorize - On the user authorising the client.
  • OAuthServer.afterDeny - On the user denying the client.
  • OAuthServer.getUser - On loading user details for authentication requests.
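
One use of the events listed above is an audit trail of consent decisions. The listener below is an added example, not code from this plugin: the class name, file path and log format are hypothetical, and because the event payloads are not documented here it records only the payload keys, never their values.

```php
<?php
// src/Event/OAuthAuditListener.php (hypothetical file and class name)
namespace App\Event;

use Cake\Event\Event;
use Cake\Event\EventListenerInterface;
use Cake\Log\Log;

class OAuthAuditListener implements EventListenerInterface
{
    // Route both consent outcomes to one audit handler.
    public function implementedEvents()
    {
        return [
            'OAuthServer.afterAuthorize' => 'record',
            'OAuthServer.afterDeny' => 'record',
        ];
    }

    // Write one log line per decision. Only the keys of the event data are
    // logged: the values are undocumented here and could include codes or
    // tokens that must not end up in log files.
    public function record(Event $event)
    {
        $subject = $event->subject();
        $keys = array_keys((array)$event->data());

        Log::info(sprintf(
            'oauth_audit event=%s subject=%s data_keys=[%s] ip=%s',
            $event->name(),
            is_object($subject) ? get_class($subject) : 'n/a',
            implode(',', $keys),
            env('REMOTE_ADDR') ?: 'cli'
        ));
    }
}

// In config/bootstrap.php, attach the listener to the global event manager
// so it receives the events whichever manager dispatches them:
// \Cake\Event\EventManager::instance()->on(new \App\Event\OAuthAuditListener());
```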