逻辑
1、授权页:用户登录后,将code与user_id绑定,并返回code
2、通过code获取access_token及user_id
1、下载sdk:https://github.com/bshaffer/oauth2-server-php
2、创建数据表
-- Registered OAuth clients, keyed by client_id.
-- NOTE(review): client_secret is a plain VARCHAR column; whether the stored
-- value is hashed is decided by the storage code, not by this schema — confirm.
CREATE TABLE oauth_clients (
    client_id     VARCHAR(80)   NOT NULL,
    client_secret VARCHAR(80)   NOT NULL,
    redirect_uri  VARCHAR(2000) NOT NULL,
    grant_types   VARCHAR(80),
    scope         VARCHAR(100),
    user_id       VARCHAR(80),
    CONSTRAINT clients_client_id_pk PRIMARY KEY (client_id)
);

-- Issued access tokens with their owning client, user, expiry and scope.
CREATE TABLE oauth_access_tokens (
    access_token VARCHAR(40)   NOT NULL,
    client_id    VARCHAR(80)   NOT NULL,
    user_id      VARCHAR(255),
    expires      TIMESTAMP     NOT NULL,
    scope        VARCHAR(2000),
    CONSTRAINT access_token_pk PRIMARY KEY (access_token)
);

-- Authorization codes; each row records the client, user and redirect_uri
-- the code was issued for, plus its expiry.
CREATE TABLE oauth_authorization_codes (
    authorization_code VARCHAR(40)   NOT NULL,
    client_id          VARCHAR(80)   NOT NULL,
    user_id            VARCHAR(255),
    redirect_uri       VARCHAR(2000),
    expires            TIMESTAMP     NOT NULL,
    scope              VARCHAR(2000),
    CONSTRAINT auth_code_pk PRIMARY KEY (authorization_code)
);

-- Refresh tokens, same shape as the access token table.
CREATE TABLE oauth_refresh_tokens (
    refresh_token VARCHAR(40)   NOT NULL,
    client_id     VARCHAR(80)   NOT NULL,
    user_id       VARCHAR(255),
    expires       TIMESTAMP     NOT NULL,
    scope         VARCHAR(2000),
    CONSTRAINT refresh_token_pk PRIMARY KEY (refresh_token)
);

-- End users, keyed by username.
-- NOTE(review): the password column only fixes a maximum length; confirm the
-- application stores a strong password hash here and never the clear text.
CREATE TABLE oauth_users (
    username   VARCHAR(255)  NOT NULL,
    password   VARCHAR(2000),
    first_name VARCHAR(255),
    last_name  VARCHAR(255),
    CONSTRAINT username_pk PRIMARY KEY (username)
);

-- Known scopes and whether each one is a default. No key is declared.
CREATE TABLE oauth_scopes (
    scope      TEXT,
    is_default BOOLEAN
);

-- Per-client public key and subject for JWT use.
CREATE TABLE oauth_jwt (
    client_id  VARCHAR(80)   NOT NULL,
    subject    VARCHAR(80),
    public_key VARCHAR(2000),
    CONSTRAINT jwt_client_id_pk PRIMARY KEY (client_id)
);
3、获取code、access_token、user_id
<?php
/**
* OAuth 2.0 登录
*/
namespace wscommon\modules;
use OAuth2\Autoloader;
use OAuth2\GrantType\AuthorizationCode;
use OAuth2\GrantType\ClientCredentials;
use OAuth2\Request;
use OAuth2\Response;
use OAuth2\Server;
use OAuth2\Storage\Pdo;
use Yii;
use yii\base\Exception;
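/**
 * Wrapper around the OAuth2 server SDK: builds the server, issues an
 * authorization code for a user, and exchanges a code for access-token data.
 */
class Oauth
{
    /**
     * Constructor; initialises no state.
     */
    public function __construct()
    {
    }

    /**
     * Build an OAuth2 server backed by PDO storage.
     *
     * Registers the "Client Credentials" and "Authorization Code" grant types
     * on the same storage object.
     *
     * @return Server
     */
    public function server()
    {
        // NOTE(review): the DSN, the root account and the weak password are
        // hard-coded demo values. Load them from deployment configuration and
        // connect with a dedicated low-privilege database account instead.
        $dsn = 'mysql:dbname=my_oauth2_db;host=localhost';
        $username = 'root';
        $password = '123456';

        // Composer autoloading is preferred; this example registers the SDK's own autoloader.
        Autoloader::register();

        $storage = new Pdo(array('dsn' => $dsn, 'username' => $username, 'password' => $password));

        $server = new Server($storage);
        $server->addGrantType(new ClientCredentials($storage));
        $server->addGrantType(new AuthorizationCode($storage));

        return $server;
    }

    /**
     * Issue an authorization code bound to the given user.
     *
     * The code is returned to the caller instead of following the redirect
     * back to the client.
     *
     * @param mixed $uid User id handed to the server as the owner of the code.
     * @return mixed Result of arr2param(['code' => ...]); when the authorize
     *               request fails validation, whatever $response->send() returns.
     */
    public function authorize($uid)
    {
        $request = Request::createFromGlobals();
        $response = new Response();
        $server = $this->server();

        // Reject the request before any code is issued if it does not validate.
        if (!$server->validateAuthorizeRequest($request, $response)) {
            return $response->send();
        }

        // NOTE(review): authorization is granted unconditionally here. The
        // caller is expected to have authenticated the user (and obtained
        // consent) already, and $uid should come from that authenticated
        // session rather than from request parameters — confirm at call sites.
        $is_authorized = true;
        $server->handleAuthorizeRequest($request, $response, $is_authorized, $uid);

        return arr2param(['code' => $this->extractCode($response->getHttpHeader('Location'))]);
    }

    /**
     * Exchange the token request for access-token data.
     *
     * @return mixed The raw token response when it carries an error, the
     *               result of the failed resource verification response, or
     *               arr2param() of the access-token data on success.
     */
    public function token()
    {
        $server = $this->server();
        $request = Request::createFromGlobals();

        // NOTE(review): this relies on send() returning the response body.
        // Confirm the SDK copy in use does so; if send() only outputs the
        // response, $token is empty here and the rest cannot work.
        $token = $server->handleTokenRequest($request)->send();
        $tokenArr = param2arr($token);

        // A successful token response has no 'error' key, so test with empty()
        // instead of reading the key directly (which raises an undefined-index
        // error that strict error handlers turn into an exception).
        if (!empty($tokenArr['error'])) {
            return $token;
        }

        // Feed the freshly issued token back into the request so the server
        // can verify it and look up the data stored for it.
        $request->request['access_token'] = isset($tokenArr['access_token']) ? $tokenArr['access_token'] : null;
        if (!$server->verifyResourceRequest($request)) {
            return $server->getResponse()->send();
        }

        return arr2param($server->getAccessTokenData($request));
    }

    /**
     * Read the "code" query parameter from a redirect Location value.
     *
     * Parsing the URL avoids the fixed-offset substring, which returned an
     * unrelated slice of the URL whenever "code=" was absent.
     *
     * @param mixed $location Value of the Location header, possibly null.
     * @return string The code, or an empty string when none is present.
     */
    private function extractCode($location)
    {
        $query = parse_url((string) $location, PHP_URL_QUERY);
        if (!is_string($query) || $query === '') {
            return '';
        }

        parse_str($query, $params);

        return (isset($params['code']) && is_string($params['code'])) ? $params['code'] : '';
    }
}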
参考:https://blog.csdn.net/u013339223/article/details/46004487