一,引入OAuth-server包
composer require bshaffer/oauth2-server-php
二,创建数据表-- ------------------------------ Table structure for `oauth_access_tokens`-- ----------------------------DROP TABLE IF EXISTS `oauth_access_tokens`;CREATE TABLE `oauth_access_tokens` (
`access_token` varchar(40) NOT NULL,
`client_id` varchar(80) NOT NULL,
`user_id` varchar(80) DEFAULT NULL,
`expires` timestamp NOT NULL,
`scope` varchar(4000) DEFAULT NULL,
PRIMARY KEY (`access_token`),
UNIQUE KEY `IDX_ACCESS_TOKEN` (`access_token`)) ENGINE=MyISAM DEFAULT CHARSET=utf8;-- ------------------------------ Table structure for `oauth_authorization_codes`-- ----------------------------DROP TABLE IF EXISTS `oauth_authorization_codes`;CREATE TABLE `oauth_authorization_codes` (
`authorization_code` varchar(40) NOT NULL,
`client_id` varchar(80) NOT NULL,
`user_id` varchar(80) DEFAULT NULL,
`redirect_uri` varchar(2000) DEFAULT NULL,
`expires` timestamp NOT NULL,
`scope` varchar(4000) DEFAULT NULL,
`id_token` varchar(1000) DEFAULT NULL,
PRIMARY KEY (`authorization_code`)) ENGINE=MyISAM DEFAULT CHARSET=utf8;-- ------------------------------ Table structure for `oauth_clients`-- ----------------------------DROP TABLE IF EXISTS `oauth_clients`;CREATE TABLE `oauth_clients` (
`client_id` varchar(80) NOT NULL,
`client_secret` varchar(80) DEFAULT NULL,
`redirect_uri` varchar(2000) DEFAULT NULL,
`grant_types` varchar(80) DEFAULT NULL,
`scope` varchar(4000) DEFAULT NULL,
`user_id` varchar(80) DEFAULT NULL,
PRIMARY KEY (`client_id`)) ENGINE=MyISAM DEFAULT CHARSET=utf8;-- ------------------------------ Records of oauth_clients-- ----------------------------INSERT INTO `oauth_clients` VALUES ('testclient', 'testpass', 'http://test.com/', null, null, '1');-- ------------------------------ Table structure for `oauth_jwt`-- ----------------------------DROP TABLE IF EXISTS `oauth_jwt`;CREATE TABLE `oauth_jwt` (
`client_id` varchar(80) NOT NULL,
`subject` varchar(80) DEFAULT NULL,
`public_key` varchar(2000) NOT NULL) ENGINE=MyISAM DEFAULT CHARSET=utf8;-- ------------------------------ Records of oauth_jwt-- ------------------------------ ------------------------------ Table structure for `oauth_refresh_tokens`-- ----------------------------DROP TABLE IF EXISTS `oauth_refresh_tokens`;CREATE TABLE `oauth_refresh_tokens` (
`refresh_token` varchar(40) NOT NULL,
`client_id` varchar(80) NOT NULL,
`user_id` varchar(80) DEFAULT NULL,
`expires` timestamp NOT NULL,
`scope` varchar(4000) DEFAULT NULL,
PRIMARY KEY (`refresh_token`),
UNIQUE KEY `IDX_REFRESH_TOKEN` (`refresh_token`)) ENGINE=MyISAM DEFAULT CHARSET=utf8;-- ------------------------------ Table structure for `oauth_scopes`-- ----------------------------DROP TABLE IF EXISTS `oauth_scopes`;CREATE TABLE `oauth_scopes` (
`scope` varchar(80) NOT NULL,
`is_default` tinyint(1) DEFAULT NULL,
PRIMARY KEY (`scope`)) ENGINE=MyISAM DEFAULT CHARSET=utf8;-- ------------------------------ Records of oauth_scopes-- ------------------------------ ------------------------------ Table structure for `oauth_users`-- ----------------------------DROP TABLE IF EXISTS `oauth_users`;CREATE TABLE `oauth_users` (
`username` varchar(80) DEFAULT NULL,
`password` varchar(80) DEFAULT NULL,
`first_name` varchar(80) DEFAULT NULL,
`last_name` varchar(80) DEFAULT NULL,
`email` varchar(80) DEFAULT NULL,
`email_verified` tinyint(1) DEFAULT NULL,
`scope` varchar(4000) DEFAULT NULL) ENGINE=MyISAM DEFAULT CHARSET=utf8;-- ------------------------------ Records of oauth_users-- ----------------------------INSERT INTO `oauth_users` VALUES ('zq', '7c4a8d09ca3762af61e59520943dc26494f8941b', null, null, null, null, null);
三,密码获取TOKEN方式class OAuth extends BaseController{
protected $server;
public function __construct(App $app)
{
parent::__construct($app);
$dsn = 'mysql:dbname=tp6;host=127.0.0.1';
$username = 'root';
$password = 'root';
\OAuth2\Autoloader::register();
//创建存储的方式
$storage = new \OAuth2\Storage\Pdo(array('dsn' => $dsn, 'username' => $username, 'password' => $password));
//创建server
$server = new \OAuth2\Server($storage);
// 添加password授予类型
$server->addGrantType(new \OAuth2\GrantType\UserCredentials($storage));
//添加refresh_token授予类型
$server->addGrantType(new \OAuth2\GrantType\RefreshToken($storage, array(
'always_issue_new_refresh_token' => true
)));
$this->server = $server;
}
public function authorize()
{
$request = \OAuth2\Request::createFromGlobals();
//如果grant_type=password,生成并获取token
//如果grant_type=refresh_token,更新并获取token
$res = $this->server->handleTokenRequest($request)->send();
}
public function check(){
if (!$this->server->verifyResourceRequest(\OAuth2\Request::createFromGlobals())) {
$this->server->getResponse()->send();
die;
}
//获取用户信息
$token = $this->server->getAccessTokenData(\OAuth2\Request::createFromGlobals());
echo "User ID associated with this token is {$token['user_id']}";
}}
四,测试
获取access_token
刷新token
获取用户信息