Integrating OAuth 2.0 with CodeIgniter


Problem description

https://github.com/alexbilbie/CodeIgniter-OAuth-2.0-Server

I have found this on GitHub; however, the steps to implement don't really help with installing the OAuth code into CodeIgniter, and I haven't found any really good articles on how to do this.

Has anyone already done this that can offer me help setting this up?

Solution

Hé Hoang,

The oAuth library isn't really self explanatory. This is how I got it working:

Basics

  1. Read the oAuth 2.0 draft 23 just enough to get a basic idea of oAuth, the roles and flows.
  2. Then follow the instructions for installing the controller and libraries from alexbilbie in your CodeIgniter install
  3. Install the tables and add an application and some roles (think of a Facebook App and the roles you can request permissions for)
  4. Make sure you made your validate_user function in the oAuth_server.php file, at the bottom somewhere

Do a request

Now you want to perform an Authorization Request as a client. These few easy steps are documented in this section.

Edit: Philsturgeon's oAuth 2.0 authorization library could be used to automate this. Described here is the manual way.

For the library, this means going to:

/index.php/oauth?client_id=IN_YOUR_APPLICATION&redirect_uri=IN_YOUR_APPLICATION&response_type=code&scope=YOUR_ROLE

Fill in the variables with the data you've put in the database.

Debug some of the errors it might give.

If all goes well you did the following:

Sign in -> Authorize application -> See your redirect_uri page with ?code=XXXXXXX

You'll want that XXXXXXX code

Then on the redirect_uri make a post to /index.php/oauth/access_token

With these variables (you know them all now)

  • client_id (in application table)
  • client_secret (in application table)
  • redirect_uri (in application table: where you want to go to save the access_token)
  • code (the XXXXXX)
  • grant_type (must be 'authorization_code') You know this after reading that section!

That post returns a JSON string containing the access_token (or an error). YEAH!

What's next

Save the access_token in your actual application and use it in requests. On your resource server (probably an API and the same CodeIgniter project as the Authorization server I just explained) you need to validate the access_token before returning results.

This works like this:

$this->load->library('oauth_resource_server');
if (!$this->oauth_resource_server->has_scope(array('account.basic')))
{
    // Error logic here - "access token does not have correct permission"
    show_error('An access token is required to request this resource.');
}
else
{
    //GO RETURN RESULTS
}

Hope this gets you up and running!

PS: You need to build some admin area to manage applications, sessions and roles yourself though.

Eric
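
The manual flow from the answer above, written out as an added example (not code from the answer or from the CodeIgniter-OAuth-2.0-Server project): it builds the authorization URL, makes the server-side POST to /index.php/oauth/access_token so that client_secret never reaches the browser, and rejects any reply without a usable access_token. The host names, client values and sample JSON are constructed; that the endpoint takes a form-encoded body and reports failures under an `error` key is an assumption based on the OAuth 2.0 draft.

```php
<?php
// Added example. Base URL, client values and the sample JSON are constructed.
const OAUTH_BASE = 'https://auth.example.test/index.php/oauth';

// Step 1: URL the browser is sent to (sign in -> authorize application).
function authorize_url(string $clientId, string $redirectUri, string $scope): string
{
    return OAUTH_BASE . '?' . http_build_query([
        'client_id' => $clientId, 'redirect_uri' => $redirectUri,
        'response_type' => 'code', 'scope' => $scope,
    ]);
}

// Step 2: server-side POST of the five fields listed in the answer.
// client_secret only ever travels in this back-channel request.
function request_token(array $client, string $code): string
{
    $fields = http_build_query([
        'client_id' => $client['id'], 'client_secret' => $client['secret'],
        'redirect_uri' => $client['redirect_uri'], 'code' => $code,
        'grant_type' => 'authorization_code',
    ]);
    $ctx = stream_context_create(['http' => [
        'method' => 'POST', 'content' => $fields,
        'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
        'ignore_errors' => true, 'timeout' => 10, // read the JSON body on 4xx too
    ]]);
    $body = @file_get_contents(OAUTH_BASE . '/access_token', false, $ctx);
    if ($body === false) {
        throw new RuntimeException('Token endpoint unreachable');
    }
    return $body;
}

// Step 3: the reply is JSON holding access_token or an error ('error' key assumed).
function parse_token_response(string $json): string
{
    $data = json_decode($json, true);
    if (is_array($data) && isset($data['error'])) {
        throw new RuntimeException('Token request refused: ' . json_encode($data['error']));
    }
    if (!is_array($data) || !is_string($data['access_token'] ?? null) || $data['access_token'] === '') {
        throw new RuntimeException('Reply carries no usable access_token');
    }
    return $data['access_token'];
}

// Offline demo; live use: parse_token_response(request_token($client, $_GET['code'])).
echo authorize_url('demo-client', 'https://app.example.test/callback', 'account.basic'), "\n";
echo parse_token_response('{"access_token":"constructed-token","token_type":"bearer"}'), "\n";
```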
