Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
OAuth 1.0 and 2.0 ServiceProvider Plugin for the framework symfony
PHP
branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
config
doc
lib
modules
LICENSE
README
README.markdown
TODO.txt

README.markdown

sfOauthServerPlugin

Introduction

This plugin allows you to create easily an authentication system for a module or an action. It works with OAuth 1.0 and 2.0 For example, it allows you to secure an API and control access and permissions of each customer (application).

If you find bugs or if you have some suggestions, please contact me.

Installation

  • Install the plugin (via a package)

    symfony plugin:install sfOauthServerPlugin
    
  • Activate the plugin in the config/ProjectConfiguration.class.php

    [php]
    class ProjectConfiguration extends sfProjectConfiguration
    {
      public function setup()
      {
        $this->enablePlugins(array(
          'sfDoctrinePlugin', 
          'sfDoctrineGuardPlugin',
          'sfOauthServerPlugin'
        ));
      }
    }
    
  • Rebuild your model

  • Enable modules There are five modules in this plugin : sfOauthAuth, sfOauthApplication,sfOauthDeveloper sfOauthAdmin, sfOauthTest

sfOauthAuth : to exchange token and code for the authentication.

sfOauthApplication : has just one action for the moment : authorize It is in this action that an user accept or not an application to access to data.

sfOauthDeveloper : It is for developers. You can define developers for an application. For the moment they can change some parameters and see how many people use their application.

sfOauthAdmin : for the backend to manage consumers.

sfOauthTest: examples.

You have to enabled these modules in yours applications. ( In my case, i have three applications : api where "sfOauthAuth" is enabled, the frontend ("sfOauthApplication" and "sfOauthDeveloper enabled) and the backend with "sfOauthAdmin". )

  • For example :

     Enable the modules sfOauthAuth in "settings.yml" file of api application
      all:
       .settings:
         enabled_modules: [...,sfOauthAuth]
    

Usage

Now to secure a module/action, just create a config file "oauth.yml" in the config repertory of the module. It works exactly like the security.yml

  • This is an example of configuration :

    oauth.yml
    all:
      is_secure : false
    info:
      is_secure : true
    permissions : [ read , write ]
    

For more information about how write permissions please see here : http://www.symfony-project.org/jobeet/1_4/Doctrine/en/13#chapter_13_sub_authorization

To fix permissions (or scope) of a consumer, just write them in the field scope of sfOauthServerConsumer with a space between eatch right. for example :

$consumer->setScope('read write');

How it works

This plugin uses two vendor libraries :

When requests from application are not good they throw exceptions. By default symfony catch them and show an 500 internal error for the production and an error page with many information about exceptions for developmennt. sfOauthServerPlugin listens exceptions (event : 'application.throw_exception') and if the type (class name) is OAuthException it treats it to show it in the good way and readable for application. Two formats are avaibles for the display of exceptions ( json and xml) but you can easily add an other by adding a file in /sfOauthServerPlugin/config/error/error.myformat.php

You can find more informations about OAuth authentication steps in the repertory "doc"

License and credits

This plugin has been developed by Jean-Baptiste Cayrou and is licensed under the MIT license.

Something went wrong with that request. Please try again.