I am using the Slim Framework with Eloquent ORM. I am trying to implement https://github.com/thephpleague/oauth2-server but I am completely confused about how to do this. After adding it with composer, I created the database using the sql file provided in the package.
Now it is recommended to implement the Storage interfaces. I did not want to do that, so I just copied the storage classes found in the Example folder. I assume they should work since I am using the same database?
It is also unclear how to seed the database initially. Here is my router; I am trying the password
grant method.
// Slim 2 bootstrap (the trace below shows Slim\Slim::run() being called from index.php).
require 'vendor/autoload.php';
$app = new \Slim\Slim();

// The storage classes below are the ones copied from the package's Example folder;
// they must be autoloadable (or imported with `use`) in this file's namespace.
$server = new \League\OAuth2\Server\AuthorizationServer;
$server->setSessionStorage(new SessionStorage);
$server->setAccessTokenStorage(new AccessTokenStorage);
$server->setClientStorage(new ClientStorage);
$server->setScopeStorage(new ScopeStorage);
$passwordGrant = new \League\OAuth2\Server\Grant\PasswordGrant();
$passwordGrant->setVerifyCredentialsCallback(function ($username, $password) {
// implement logic here to validate a username and password, return an ID if valid, otherwise return false
// NOTE: this placeholder accepts any username/password and always maps them to user ID 1.
return 1;
});
$server->addGrantType($passwordGrant);
$app->post('/token',function() use ($server,$app){
try{
// issueAccessToken() reads grant_type, client credentials, username, password and scope
// from the POST body and returns the token response as an array.
$response = $server->issueAccessToken();
$res = $app->response();
$res['Content-Type'] = 'application/json';
$res->body(json_encode($response));
} catch (\Exception $e) {
// Debugging only: this dumps the full exception (file paths, stack trace) to the client.
var_dump($e);
}
});
$app->run();
I am frustrated about what is going on.
This throws the following exception. [I have already added the scope to the db]
object(League\OAuth2\Server\Exception\InvalidScopeException)[82]
public 'httpStatusCode' => int 400
public 'errorType' => string 'invalid_scope' (length=13)
public 'serverShouldRedirect' => boolean true
protected 'message' => string 'The requested scope is invalid, unknown, or malformed. Check the "ok" scope.' (length=76)
private 'string' (Exception) => string '' (length=0)
protected 'code' => int 0
protected 'file' => string 'C:\wamp\www\linkshare\vendor\league\oauth2-server\src\Grant\AbstractGrant.php' (length=77)
protected 'line' => int 163
private 'trace' (Exception) =>
array (size=11)
0 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\vendor\league\oauth2-server\src\Grant\PasswordGrant.php' (length=77)
'line' => int 130
'function' => string 'validateScopes' (length=14)
'class' => string 'League\OAuth2\Server\Grant\AbstractGrant' (length=40)
'type' => string '->' (length=2)
'args' =>
array (size=2)
...
1 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\vendor\league\oauth2-server\src\AuthorizationServer.php' (length=77)
'line' => int 330
'function' => string 'completeFlow' (length=12)
'class' => string 'League\OAuth2\Server\Grant\PasswordGrant' (length=40)
'type' => string '->' (length=2)
'args' =>
array (size=0)
...
2 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\index.php' (length=31)
'line' => int 67
'function' => string 'issueAccessToken' (length=16)
'class' => string 'League\OAuth2\Server\AuthorizationServer' (length=40)
'type' => string '->' (length=2)
'args' =>
array (size=0)
...
3 =>
array (size=2)
'function' => string '{closure}' (length=9)
'args' =>
array (size=0)
...
4 =>
array (size=4)
'file' => string 'C:\wamp\www\linkshare\vendor\slim\slim\Slim\Route.php' (length=53)
'line' => int 462
'function' => string 'call_user_func_array' (length=20)
'args' =>
array (size=2)
...
5 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\vendor\slim\slim\Slim\Slim.php' (length=52)
'line' => int 1326
'function' => string 'dispatch' (length=8)
'class' => string 'Slim\Route' (length=10)
'type' => string '->' (length=2)
'args' =>
array (size=0)
...
6 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\vendor\slim\slim\Slim\Middleware\Flash.php' (length=64)
'line' => int 85
'function' => string 'call' (length=4)
'class' => string 'Slim\Slim' (length=9)
'type' => string '->' (length=2)
'args' =>
array (size=0)
...
7 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\vendor\slim\slim\Slim\Middleware\MethodOverride.php' (length=73)
'line' => int 92
'function' => string 'call' (length=4)
'class' => string 'Slim\Middleware\Flash' (length=21)
'type' => string '->' (length=2)
'args' =>
array (size=0)
...
8 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\vendor\slim\slim\Slim\Middleware\PrettyExceptions.php' (length=75)
'line' => int 67
'function' => string 'call' (length=4)
'class' => string 'Slim\Middleware\MethodOverride' (length=30)
'type' => string '->' (length=2)
'args' =>
array (size=0)
...
9 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\vendor\slim\slim\Slim\Slim.php' (length=52)
'line' => int 1271
'function' => string 'call' (length=4)
'class' => string 'Slim\Middleware\PrettyExceptions' (length=32)
'type' => string '->' (length=2)
'args' =>
array (size=0)
...
10 =>
array (size=6)
'file' => string 'C:\wamp\www\linkshare\index.php' (length=31)
'line' => int 131
'function' => string 'run' (length=3)
'class' => string 'Slim\Slim' (length=9)
'type' => string '->' (length=2)
'args' =>
array (size=0)
Solution:
OAuth 2.0 is very challenging to understand and use correctly. In fact, the lead developer of OAuth 2.0 famously walked away from the protocol after years of developing for it. According to Eran Hammer (the lead developer mentioned above):
When compared with OAuth 1.0, the 2.0 specification is more complex, less interoperable, less useful, more incomplete, and most importantly, less secure.
To be clear, OAuth 2.0 at the hand of a developer with deep understanding of web security will likely result in a secure implementation. However, at the hands of most developers, as has been the experience from the past two years, 2.0 is likely to produce insecure implementations.
Needless to say, OAuth 2.0 is controversial. Alex Bilbie, lead developer of the PHP League's OAuth 2.0 Server framework, seems to be one of the more knowledgeable OAuth 2.0 developers, though there are no doubt more. Nevertheless, keeping in mind one of Hammer's biggest complaints, the lack of interoperability and completeness, you may want to look for the following in an OAuth 2.0 implementation:
> Active development
> Full OAuth 2.0 compliance
I personally use and recommend Alex Bilbie's OAuth 2.0 server, which now includes MAC bearer tokens and aims to be fully compliant. It is also under active development.
So what does this mean for your project? Read the spec. The package we are using claims full compliance, which means your best resource is the OAuth 2.0 specification itself. There is also some decent documentation on the PHP League website that can help you with this particular implementation.
That being said, you may be missing the scope for your client/user combination. The way OAuth 2.0 is structured, your user needs to accept the scopes requested by the client. This means your "scope" needs to be linked in the other tables. If "ok" is not approved by the user (in the DB), it will not be approved.
编辑
It sounds like scope is not the problem for you. This venue is not appropriate for troubleshooting, so I would recommend you make sure you have the latest version of whatever framework you choose to use and report any bugs to the developers (with PHPLeague, via Github).
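As an added example (not part of the question or the answer, and not code from league/oauth2-server or Slim), here is how the /token route from the question could be written so that the credential callback actually verifies a password hash instead of returning a fixed ID, and so that the client receives an RFC 6749 section 5.2 error body instead of a var_dump() of the exception with server paths and the stack trace. It uses only the calls visible on this page plus the `httpStatusCode` and `errorType` fields shown in the dumped exception; the base class `League\OAuth2\Server\Exception\OAuthException`, the Eloquent model `User` with columns `id`, `username` and `password_hash`, and the Slim 2 `status()` and `getLog()` methods are assumptions for illustration.

```php
<?php
// Added example; assumes Slim 2, the league/oauth2-server API used in the question,
// the storage classes copied from the package's Example folder, and an Eloquent
// model `User` (assumed) whose `password_hash` column holds a password_hash() value.
require 'vendor/autoload.php';

$app = new \Slim\Slim();

$server = new \League\OAuth2\Server\AuthorizationServer();
$server->setSessionStorage(new SessionStorage());
$server->setAccessTokenStorage(new AccessTokenStorage());
$server->setClientStorage(new ClientStorage());
$server->setScopeStorage(new ScopeStorage());

// A throwaway hash used so that an unknown username costs about the same time
// as a wrong password, which keeps username enumeration by timing harder.
$dummyHash = password_hash('not-a-real-password', PASSWORD_BCRYPT);

$passwordGrant = new \League\OAuth2\Server\Grant\PasswordGrant();
$passwordGrant->setVerifyCredentialsCallback(function ($username, $password) use ($dummyHash) {
    $user = User::where('username', $username)->first();   // assumed Eloquent model
    if ($user === null) {
        password_verify($password, $dummyHash);
        return false;
    }
    if (!password_verify($password, $user->password_hash)) {
        return false;
    }
    // The library expects the user's identifier on success, false otherwise.
    return $user->id;
});
$server->addGrantType($passwordGrant);

$app->post('/token', function () use ($server, $app) {
    $res = $app->response();
    $res['Content-Type']  = 'application/json';
    $res['Cache-Control'] = 'no-store';   // token responses must not be cached (RFC 6749 5.1)
    $res['Pragma']        = 'no-cache';

    try {
        // Returns the token response as an array on success.
        $res->body(json_encode($server->issueAccessToken()));
    } catch (\League\OAuth2\Server\Exception\OAuthException $e) {
        // Protocol-level failure (invalid_scope, invalid_client, ...): answer with the
        // status and error type the library attached to the exception, nothing more.
        $res->status($e->httpStatusCode);
        $res->body(json_encode([
            'error'             => $e->errorType,
            'error_description' => $e->getMessage(),
        ]));
    } catch (\Exception $e) {
        // Anything else is a server-side bug: log it, never echo it to the client.
        $app->getLog()->error(get_class($e) . ': ' . $e->getMessage());
        $res->status(500);
        $res->body(json_encode(['error' => 'server_error']));
    }
});

$app->run();
```

With this in place the "ok" scope failure from the question still comes back as a 400 with `{"error":"invalid_scope", ...}`, but the client no longer learns the server's filesystem layout or library versions from the response. Two caveats a practitioner should keep in mind: the password grant hands the user's plaintext password to the client application, so it is only appropriate for first-party clients you control, and a scope that exists in `oauth_scopes` but is not associated with the client or session in the linking tables can still be rejected, so check those rows before assuming the library is at fault.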