PHP Server::addGrantType方法代碼示例

 /**
  * @param ServiceLocatorInterface $services
  * @return OAuth2\Server
  * @throws Exception\RuntimeException
  */
 public function createService(ServiceLocatorInterface $services)
 {
     $config = $services->get('Config');
     if (!isset($config['zf-oauth2']['storage']) || empty($config['zf-oauth2']['storage'])) {
         throw new Exception\RuntimeException('The storage configuration [\'zf-oauth2\'][\'storage\'] for OAuth2 is missing');
     }
     $storage = $services->get($config['zf-oauth2']['storage']);
     $enforceState = isset($config['zf-oauth2']['enforce_state']) ? $config['zf-oauth2']['enforce_state'] : true;
     $allowImplicit = isset($config['zf-oauth2']['allow_implicit']) ? $config['zf-oauth2']['allow_implicit'] : false;
     $accessLifetime = isset($config['zf-oauth2']['access_lifetime']) ? $config['zf-oauth2']['access_lifetime'] : 3600;
     $options = isset($config['zf-oauth2']['options']) ? $config['zf-oauth2']['options'] : array();
     $options = array_merge($options, array('enforce_state' => $enforceState, 'allow_implicit' => $allowImplicit, 'access_lifetime' => $accessLifetime));
     // Pass a storage object or array of storage objects to the OAuth2 server class
     $server = new OAuth2Server($storage, $options);
     $clientOptions = array();
     if (isset($options['allow_credentials_in_request_body'])) {
         $clientOptions['allow_credentials_in_request_body'] = $options['allow_credentials_in_request_body'];
     }
     // Add the "Client Credentials" grant type (it is the simplest of the grant types)
     $server->addGrantType(new ClientCredentials($storage, $clientOptions));
     // Add the "Authorization Code" grant type (this is where the oauth magic happens)
     $server->addGrantType(new AuthorizationCode($storage));
     // Add the "User Credentials" grant type
     $server->addGrantType(new UserCredentials($storage));
     $refreshOptions = array();
     if (isset($options['always_issue_new_refresh_token'])) {
         $refreshOptions['always_issue_new_refresh_token'] = $options['always_issue_new_refresh_token'];
     }
     if (isset($options['refresh_token_lifetime'])) {
         $refreshOptions['refresh_token_lifetime'] = $options['refresh_token_lifetime'];
     }
     // Add the "Refresh Token" grant type
     $server->addGrantType(new RefreshToken($storage, $refreshOptions));
     return $server;
 }

 /**
  * Create an OAuth2\Server instance.
  *
  * @return OAuth2Server
  * @throws Exception\RuntimeException
  */
 public function __invoke()
 {
     if ($this->server) {
         return $this->server;
     }
     $config = $this->config;
     if (!isset($config['storage']) || empty($config['storage'])) {
         throw new Exception\RuntimeException('The storage configuration for OAuth2 is missing');
     }
     $storagesServices = array();
     if (is_string($config['storage'])) {
         $storagesServices[] = $config['storage'];
     } elseif (is_array($config['storage'])) {
         $storagesServices = $config['storage'];
     } else {
         throw new Exception\RuntimeException('The storage configuration for OAuth2 should be string or array');
     }
     $storage = array();
     foreach ($storagesServices as $storageKey => $storagesService) {
         $storage[$storageKey] = $this->services->get($storagesService);
     }
     $enforceState = isset($config['enforce_state']) ? $config['enforce_state'] : true;
     $allowImplicit = isset($config['allow_implicit']) ? $config['allow_implicit'] : false;
     $accessLifetime = isset($config['access_lifetime']) ? $config['access_lifetime'] : 3600;
     $audience = isset($config['audience']) ? $config['audience'] : '';
     $options = isset($config['options']) ? $config['options'] : array();
     $options = array_merge(array('enforce_state' => $enforceState, 'allow_implicit' => $allowImplicit, 'access_lifetime' => $accessLifetime), $options);
     // Pass a storage object or array of storage objects to the OAuth2 server class
     $server = new OAuth2Server($storage, $options);
     $availableGrantTypes = $config['grant_types'];
     if (isset($availableGrantTypes['client_credentials']) && $availableGrantTypes['client_credentials'] === true) {
         $clientOptions = array();
         if (isset($options['allow_credentials_in_request_body'])) {
             $clientOptions['allow_credentials_in_request_body'] = $options['allow_credentials_in_request_body'];
         }
         // Add the "Client Credentials" grant type (it is the simplest of the grant types)
         $server->addGrantType(new ClientCredentials($server->getStorage('client_credentials'), $clientOptions));
     }
     if (isset($availableGrantTypes['authorization_code']) && $availableGrantTypes['authorization_code'] === true) {
         // Add the "Authorization Code" grant type (this is where the oauth magic happens)
         $server->addGrantType(new AuthorizationCode($server->getStorage('authorization_code')));
     }
     if (isset($availableGrantTypes['password']) && $availableGrantTypes['password'] === true) {
         // Add the "User Credentials" grant type
         $server->addGrantType(new UserCredentials($server->getStorage('user_credentials')));
     }
     if (isset($availableGrantTypes['jwt']) && $availableGrantTypes['jwt'] === true) {
         // Add the "JWT Bearer" grant type
         $server->addGrantType(new JwtBearer($server->getStorage('jwt_bearer'), $audience));
     }
     if (isset($availableGrantTypes['refresh_token']) && $availableGrantTypes['refresh_token'] === true) {
         $refreshOptions = array();
         if (isset($options['always_issue_new_refresh_token'])) {
             $refreshOptions['always_issue_new_refresh_token'] = $options['always_issue_new_refresh_token'];
         }
         // Add the "Refresh Token" grant type
         $server->addGrantType(new RefreshToken($server->getStorage('refresh_token'), $refreshOptions));
     }
     return $this->server = $server;
 }

 public function init($type)
 {
     ini_set('display_errors', 1);
     error_reporting(E_ALL);
     vendor("OAuth2.Autoloader");
     $loader = new Autoloader();
     $loader::register();
     //數據庫存儲
     $storage = $this->getMysqlStorage();
     // Pass a storage object or array of storage objects to the OAuth2 server class
     if ($type == self::IMPLICIT) {
         $server = new Server($storage, array('allow_implicit' => true));
     } else {
         $server = new Server($storage, array('allow_implicit' => false));
     }
     if ($type == self::CLIENT_CREDENTIALS) {
         // 客戶端授權類型
         $server->addGrantType(new ClientCredentials($storage, array('allow_credentials_in_request_body => true')));
     } elseif ($type == self::AUTHORIZATION_CODE) {
         // 增加授權碼模式授權類型
         $server->addGrantType(new AuthorizationCode($storage));
     } elseif ($type == self::PASSWORD) {
         // 增加password模式授權類型
         $server->addGrantType(new UserCredentials($storage));
     } else {
         // 增加password模式授權類型
         $server->addGrantType(new UserCredentials($storage));
         // 增加授權碼模式授權類型
         $server->addGrantType(new AuthorizationCode($storage));
         // 客戶端授權類型
         $server->addGrantType(new ClientCredentials($storage));
     }
     return $server;
 }

 private function __construct()
 {
     // Database
     $db = (object) Config::get('database.connections.mysql');
     $dsn = 'mysql:dbname=' . $db->database . ';host=' . $db->host;
     $pdoconfig = array('client_table' => 'oauth_clients', 'access_token_table' => 'oauth_access_tokens');
     $storage = new Pdo(array('dsn' => $dsn, 'username' => $db->username, 'password' => $db->password), $pdoconfig);
     $this->server = new Server($storage, array('allow_implicit' => true, 'enforce_redirect' => true, 'access_lifetime' => 3600 * 24 * 365 * 2));
     $this->server->addGrantType(new AuthorizationCode($storage));
     $this->server->addGrantType(new RefreshToken($storage, array('always_issue_new_refresh_token' => true, 'refresh_token_lifetime' => 3600 * 24 * 31 * 2)));
 }

 /**
  *
  * @param Storage|\PDO $storage
  *
  * @param array        $config default array(
  * 'access_lifetime'          => 3600,
  * 'www_realm'                => 'Service',
  * 'token_param_name'         => 'access_token',
  * 'token_bearer_header_name' => 'Bearer',
  * 'enforce_state'            => true,
  * 'require_exact_redirect_uri' => true,
  * 'allow_implicit'           => false,
  * 'allow_credentials_in_request_body' => true,
  * ).
  */
 public function __construct($storage, $config = array())
 {
     $this->storage = $storage;
     $config = array_merge(array('enforce_state' => false), $config);
     // Pass a storage object or array of storage objects to the OAuth2 server class
     $server = new Server($storage, $config);
     // Add the "Client Credentials" grant type (it is the simplest of the grant types)
     $server->addGrantType(new ClientCredentials($storage));
     // Add the "Authorization Code" grant type (this is where the oauth magic happens)
     $server->addGrantType(new AuthorizationCode($storage));
     $server->addGrantType(new RefreshToken($storage));
     $this->server = $server;
 }

 /**
  * @return \OAuth2\Server
  */
 public function __invoke()
 {
     if (null !== $this->_server) {
         return $this->_server;
     }
     $this->_server = $this->_factory->__invoke();
     // register custom grant types
     $this->_server->addGrantType(new EmailCredentials($this->getServiceLocator()->get('CredentialsAdapter\\Email')));
     $this->_server->addGrantType(new CodeCredentials($this->getServiceLocator()->get('CredentialsAdapter\\Code')));
     $this->_server->addGrantType(new FacebookCredentials($this->getServiceLocator()->get('CredentialsAdapter\\Facebook')));
     $this->_server->addGrantType(new GoogleCredentials($this->getServiceLocator()->get('CredentialsAdapter\\Google')));
     return $this->_server;
 }

 /**
  * @return OAuth2Server
  */
 protected function bootstrap()
 {
     $db = $this->db;
     $config = ['user_table' => 'users'];
     $storage = new StoragePdo($db->getInternalHandler(), $config);
     // Pass a storage object or array of storage objects to the OAuth2 server class
     $server = new OAuth2Server($storage);
     // Add the "Client Credentials" grant type (it is the simplest of the grant types)
     $server->addGrantType(new ClientCredentials($storage));
     // Add the "Authorization Code" grant type (this is where the oauth magic happens)
     $server->addGrantType(new AuthorizationCode($storage));
     // add the grant type to your OAuth server
     $server->addGrantType(new UserCredentials($storage));
     return $server;
 }

 public function get()
 {
     $conn = ['db' => 'projekta'];
     $mongo = new \MongoClient('mongodb://localhost', $conn);
     $db = $mongo->selectDB("projekta");
     $storage = new Mongo($db);
     $server = new OauthServer($storage);
     //Password Grant
     $passwordGrant = new UserCredentials($storage);
     $server->addGrantType($passwordGrant);
     //RefreshToken Grant
     $refreshTokenGrant = new RefreshToken($storage);
     $server->addGrantType($refreshTokenGrant);
     return $server;
 }

 private function getTestServer()
 {
     $storage = Bootstrap::getInstance()->getMemoryStorage();
     $server = new Server($storage, array('use_openid_connect' => true));
     $server->addGrantType(new AuthorizationCode($storage));
     return $server;
 }

 public function middleware($req, $res)
 {
     $this->app['oauth_server'] = function ($c) {
         $storage = new IdealistStorage();
         $storage->injectApp($c);
         $server = new Server($storage);
         // password grant type
         $grantType = new UserCredentials($storage);
         $server->addGrantType($grantType);
         // JWT access token response type
         $config = $c['config']->get('oauth2');
         $jwtResponseType = new JwtAccessToken($storage, $storage, null, $config);
         $server->addResponseType($jwtResponseType);
         return $server;
     };
     $this->app['oauth_resource'] = function ($c) {
         $server = new Server();
         // no private key is necessary for the resource server
         $keyStorage = new Memory(['keys' => ['public_key' => file_get_contents(INFUSE_BASE_DIR . '/jwt_pubkey.pem')]]);
         $storage = new JwtAccessTokenStorage($keyStorage);
         $server->addStorage($storage, 'access_token');
         return $server;
     };
     // attempt to authenticate the user when an API request is made
     if ($req->isApi()) {
         $this->authenticateApiRequest();
     }
 }

 private function getTestServer()
 {
     $storage = Bootstrap::getInstance()->getMemoryStorage();
     $server = new Server($storage);
     $server->addGrantType(new UserCredentials($storage));
     return $server;
 }

 private function getTestServer($config = array())
 {
     $storage = Bootstrap::getInstance()->getMemoryStorage();
     $server = new Server($storage, $config);
     // Add the two types supported for authorization grant
     $server->addGrantType(new AuthorizationCode($storage));
     return $server;
 }

 private function getTestServer($config = array())
 {
     $config += array('use_openid_connect' => true, 'issuer' => 'test', 'id_lifetime' => 3600, 'allow_implicit' => true);
     $memoryStorage = Bootstrap::getInstance()->getMemoryStorage();
     $responseTypes = array('code' => $code = new AuthorizationCode($memoryStorage), 'id_token' => $idToken = new IdToken($memoryStorage, $memoryStorage, $config), 'code id_token' => new CodeIdToken($code, $idToken));
     $server = new Server($memoryStorage, $config, array(), $responseTypes);
     $server->addGrantType(new ClientCredentials($memoryStorage));
     return $server;
 }

 private function getTestServer($config = array())
 {
     $config += array('use_openid_connect' => true, 'issuer' => 'test', 'id_lifetime' => 3600);
     $memoryStorage = Bootstrap::getInstance()->getMemoryStorage();
     $responseTypes = array('token' => $token = new AccessToken($memoryStorage, $memoryStorage), 'id_token' => $idToken = new IdToken($memoryStorage, $memoryStorage, $config), 'id_token token' => new IdTokenToken($token, $idToken));
     $server = new Server($memoryStorage, $config, array(), $responseTypes);
     $server->addGrantType(new ClientCredentials($memoryStorage));
     return $server;
 }

 /**
  * Create an OAuth2 server by introspecting the config service
  *
  * @param  ServiceLocatorInterface $services
  * @throws \Zend\ServiceManager\Exception\ServiceNotCreatedException
  * @return false|OAuth2Server
  */
 protected function createOAuth2Server(ServiceLocatorInterface $services)
 {
     if (!$services->has('config')) {
         return false;
     }
     $config = $services->get('config');
     if (!isset($config['zf-oauth2']['storage']) || !is_string($config['zf-oauth2']['storage']) || !$services->has($config['zf-oauth2']['storage'])) {
         return false;
     }
     $storage = $services->get($config['zf-oauth2']['storage']);
     // Pass a storage object or array of storage objects to the OAuth2 server class
     $oauth2Server = new OAuth2Server($storage);
     // Add the "Client Credentials" grant type (it is the simplest of the grant types)
     $oauth2Server->addGrantType(new ClientCredentials($storage));
     // Add the "Authorization Code" grant type
     $oauth2Server->addGrantType(new AuthorizationCode($storage));
     return $oauth2Server;
 }