我正在使用 Slim Framework 和 Eloquent ORM .试图实现 https://github.com/thephpleague/oauth2-server但我完全不知道该怎么做。用 Composer 添加后,我用这个包中提供的 sql 文件创建了数据库。
现在建议implement Storage interfaces .我不想这样做,所以我只是复制了示例文件夹中的存储类。我想它们应该可以正常工作,因为我使用的是相同的数据库吗?
还不清楚最初如何播种数据库。这是我正在尝试的路由器 password方法。
$server = new \League\OAuth2\Server\AuthorizationServer;
$server->setSessionStorage(new SessionStorage);
$server->setAccessTokenStorage(new AccessTokenStorage);
$server->setClientStorage(new ClientStorage);
$server->setScopeStorage(new ScopeStorage);
$passwordGrant = new \League\OAuth2\Server\Grant\PasswordGrant();
$passwordGrant->setVerifyCredentialsCallback(function ($username, $password) {
// implement logic here to validate a username and password, return an ID if valid, otherwise return false
return 1;
});
$server->addGrantType($passwordGrant);
$app->post('/token',function() use ($server,$app){
try{
$response = $server->issueAccessToken();
$res = $app->response();
$res['Content-Type'] = 'application/json';
$res->body(json_encode($response));
} catch (\Exception $e) {
var_dump($e);
}
});
我对发生的事情感到非常沮丧。
这会引发以下异常。 [我在数据库中添加了作用域ok]
object(League\OAuth2\Server\Exception\InvalidScopeException)[82]
public 'httpStatusCode' => int 400
public 'errorType' => string 'invalid_scope' (length=13)
public 'serverShouldRedirect' => boolean true
protected 'message' => string 'The requested scope is invalid, unknown, or malformed. Check the "ok" scope.' (length=76)
private 'string' (Exception) => string '' (length=0)
protected 'code' => int 0
protected 'file' => string 'C:\wamp\www\linkshare\vendor\league\oauth2-server\src\Grant\AbstractGrant.php' (length=77)
protected 'line' => int 163
private 'trace' (Exception) =>
array (size=11)
0 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\vendor\league\oauth2-server\src\Grant\PasswordGrant.php' (length=77)
'line' => int 130
'function' => string 'validateScopes' (length=14)
'class' => string 'League\OAuth2\Server\Grant\AbstractGrant' (length=40)
'type' => string '->' (length=2)
'args' =>
array (size=2)
...
1 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\vendor\league\oauth2-server\src\AuthorizationServer.php' (length=77)
'line' => int 330
'function' => string 'completeFlow' (length=12)
'class' => string 'League\OAuth2\Server\Grant\PasswordGrant' (length=40)
'type' => string '->' (length=2)
'args' =>
array (size=0)
...
2 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\index.php' (length=31)
'line' => int 67
'function' => string 'issueAccessToken' (length=16)
'class' => string 'League\OAuth2\Server\AuthorizationServer' (length=40)
'type' => string '->' (length=2)
'args' =>
array (size=0)
...
3 =>
array (size=2)
'function' => string '{closure}' (length=9)
'args' =>
array (size=0)
...
4 =>
array (size=4)
'file' => string 'C:\wamp\www\linkshare\vendor\slim\slim\Slim\Route.php' (length=53)
'line' => int 462
'function' => string 'call_user_func_array' (length=20)
'args' =>
array (size=2)
...
5 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\vendor\slim\slim\Slim\Slim.php' (length=52)
'line' => int 1326
'function' => string 'dispatch' (length=8)
'class' => string 'Slim\Route' (length=10)
'type' => string '->' (length=2)
'args' =>
array (size=0)
...
6 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\vendor\slim\slim\Slim\Middleware\Flash.php' (length=64)
'line' => int 85
'function' => string 'call' (length=4)
'class' => string 'Slim\Slim' (length=9)
'type' => string '->' (length=2)
'args' =>
array (size=0)
...
7 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\vendor\slim\slim\Slim\Middleware\MethodOverride.php' (length=73)
'line' => int 92
'function' => string 'call' (length=4)
'class' => string 'Slim\Middleware\Flash' (length=21)
'type' => string '->' (length=2)
'args' =>
array (size=0)
...
8 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\vendor\slim\slim\Slim\Middleware\PrettyExceptions.php' (length=75)
'line' => int 67
'function' => string 'call' (length=4)
'class' => string 'Slim\Middleware\MethodOverride' (length=30)
'type' => string '->' (length=2)
'args' =>
array (size=0)
...
9 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\vendor\slim\slim\Slim\Slim.php' (length=52)
'line' => int 1271
'function' => string 'call' (length=4)
'class' => string 'Slim\Middleware\PrettyExceptions' (length=32)
'type' => string '->' (length=2)
'args' =>
array (size=0)
...
10 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\index.php' (length=31)
'line' => int 131
'function' => string 'run' (length=3)
'class' => string 'Slim\Slim' (length=9)
'type' => string '->' (length=2)
'args' =>
array (size=0)
最佳答案
OAuth 2.0 很难正确理解和使用。事实上,OAuth 2.0 的领先地位 famously walked away from the protocol after years of developing for it .根据 Eran Hammer(上述首席开发人员)的说法:
When compared with OAuth 1.0, the 2.0 specification is more complex, less interoperable, less useful, more incomplete, and most importantly, less secure.
To be clear, OAuth 2.0 at the hand of a developer with deep understanding of web security will likely result is a secure implementation. However, at the hands of most developers – as has been the experience from the past two years – 2.0 is likely to produce insecure implementations.
不用说,关于 OAuth 2.0 存在一些争论。 PHP League 的 OAuth 2.0-Server 框架的首席开发人员 Alex Bilbie 似乎是 OAuth 2.0 知识渊博的开发人员之一,尽管毫无疑问还有更多。尽管如此,请牢记 Hammer 较大的提示之一 - 缺乏互操作性和完整性 - 您可能希望在 OAuth 2.0 实现中寻找以下内容:
- 积极发展
- 完全符合 OAuth 2.0
我个人使用并推荐 Alex Bilbie 的 OAuth 2.0-Server,它现在包含 MAC 承载 token 并旨在完全兼容。它也在积极开发中。
那么,这对您的项目意味着什么?阅读规范。我们使用的包声称完全合规,这意味着您最好的资源是 OAuth 2.0's specification本身。 PHP League website 下也有不错的文档可以帮助您完成此特定实现。
话虽如此,您可能缺少客户/用户组合的范围。 OAuth2.0 的结构方式,您的用户需要接受客户端请求的范围。这意味着您的“范围”需要链接到您的其他表中。如果“OK”没有被用户(在数据库中)批准,那么它将不会被批准。
编辑
听起来示波器对您来说不是问题。这个场所不太适合进行故障排除,因此我建议您确保拥有您选择使用的任何框架的最新版本,并向开发人员报告任何错误(对于 PHPLeague,它是通过 Github)。
关于php - 指导我使用 phpleague 库实现 Oauth2 PHP 服务器,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/26317300/