Usage Example

[demorf]

Hello, thanks for the good work on this module it looks cool and professional :)

Can you please update the Usage example as it is not very clear.

I added the behaviors on my SiteController and seems to work,
but can not manage to send a proper requests I always get this error:

"You are requesting with an invalid credential."

Is there anything special about the controller or the params to make it work ?

[jvalecillos]

Hello, I also have some questions about the use of this module. How are you supposed to use the authentication?

[anders-akero]

I also have same question. Anyone here who have an answer yet?
Some more example would be nice.

[marnap89]

I have also a problem with implementation of this extension.

[mtangoo]

@jvalecillos @anders-akero this is implementation of OAuth2. So I guess you have to read what it says of it

[nucreativa]

i don't undestand with this statement "common\models\User - user model implementing an interface \OAuth2\Storage\UserCredentialsInterface, so the oauth2 credentials data stored in user table", can someone help me?

[mtangoo]

I guess I will have to write simple tutorial!

[nucreativa]

<?php

namespace app\models;

use Yii;

/**
 * This is the model class for table "oauth_users".
 *
 * @property string $username
 * @property string $password
 * @property string $first_name
 * @property string $last_name
 */
class User extends \yii\db\ActiveRecord implements \OAuth2\Storage\UserCredentialsInterface
{

@mtangoo is this correct?

[mtangoo]

I will put together a very simple tutorial this night!

[AlQurashi]

+1
It would be really nice if we have a more detailed example. describing all functionality.
Thx

[levi-putna]

+1 Need some more examples, it took me a few hours to work out what I needed to do to get this working.

[zolek86]

+1
Hey, I'm also struggling with the documentation, I'm not really sure what I should do in findIdentityByAccessToken method in my User model. I'm getting the token as I'm supposed to but what then?

[mtangoo]

Not sure how useful it is but have a look at this http://www.yiiframework.com/forum/index.php/topic/60293-oauth2-server/page__pid__281355#entry281355

[sanusi87]

+1

here is what i found out

'oauth2' => [
    'class' => 'filsh\yii2\oauth2server\Module',
    'tokenParamName' => 'accessToken',
    'tokenAccessLifetime' => 3600 * 24,
    'storageMap' => [
        'user_credentials' => 'common\models\User',
    ],
    'grantTypes' => [
        'user_credentials' => [
            'class' => 'OAuth2\GrantType\UserCredentials',
        ],
        'refresh_token' => [
            'class' => 'OAuth2\GrantType\RefreshToken',
            'always_issue_new_refresh_token' => true
        ]
    ]
]

this snippet should be included inside application configuration, that is on the same level as

$config = [
   ...
   'components' => [...],
   'params' => ....
   'oauth2' => ...
   ...
];

and another thing is my vendor folder, there is no DefaultController class that is use to load the /oauth2/token url, so i download the file from this repo and add it into the vendor folder, maybe this is not a good approach, but it works for me.

Then, when I try to get the access token:

curl -v -i -H "Accept:application/json" -H "Content-Type:application/json" "http://api.jenjobs.local/oauth2/token" -XPOST -d '{"grant_type":"password","username":"xxx","password":"xxx","client_id":"testclient","client_secret":"testpass"}'

the result

{"access_token":"0a9e3d64ad9efe228abca5a846d74e4a8b2a0ea5","expires_in":86400,"token_type":"Bearer","scope":null

[mtangoo]

#43

[fonemi]

Here is my User::findIdentityByAccessToken method code:

public static function findIdentityByAccessToken($token, $type = null) {
        $retval = null;

        $oauthServer = Yii::$app->getModule('oauth2')->getServer();
        $oauthRequest = Yii::$app->getModule('oauth2')->getRequest();

        $oauthServer->verifyResourceRequest($oauthRequest);

        $token = $oauthServer->getAccessTokenData($oauthRequest);
        $retval = self::findOne($token['user_id']);

        return $retval;
    }

Inspired by yii2-oauth2-server/filters/auth/CompositeAuth.php.

You should change use filsh\yii2\oauth2server\filters\auth\CompositeAuth; to use yii\filters\auth\CompositeAuth; (to default one) in your controllers' code in order to avoid double verification.

Maybe it helps.

[marnap89]

:( This version is so buggy... I should not do any fixes in external library! (But I have to :/)

[mtangoo]

and share back a fix

[varp]

Please, be guided by the latest readme in the master branch.