Navigation Menu

Skip to content

Instantly share code, notes, and snippets.

Last active September 21, 2016 17:59
Show Gist options
  • Star 6 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save adamlundrigan/336e28e14cee2eb16dfb to your computer and use it in GitHub Desktop.
Save adamlundrigan/336e28e14cee2eb16dfb to your computer and use it in GitHub Desktop.
Satellizer + Apigility (only direct login, no social integration)
  1. Install Apigility

  2. Create a ZF2 module, add the factory class from above, and enable it in your Apigility app

  3. Copy the config.php file to config/autoload/local.php and modify to suit

  4. Import the zf-oauth2 database schema (vendor/zfcampus/zf-oauth2/data/db_oauth2.sql) into the database you configured in 3

  5. Create a public client with a password grant type:

    INSERT INTO `oauth_clients` (`client_id`, `client_secret`, `redirect_uri`, `grant_types`, `scope`, `user_id`) VALUES ('satellizer', '', '/', 'password', NULL, NULL);
  6. Create a test user account:

    INSERT INTO `oauth_users` (`username`, `password`, `first_name`, `last_name`) VALUES ('', '<bcrypt hash>', 'Testy', 'McTesterson');

    You can generate a bcrypt hash using the command provided by zf-oauth2:

    php vendor/zfcampus/zf-oauth2/bin/bcrypt.php <password>
  7. In your Satellizer app, change the contents of your login controller to something like this:

    $scope.login = function() {
      var payload = {
          username: $, 
          password: $scope.password,
          'grant_type': 'password',
          'client_id': 'satellizer'
      $auth.login(payload).then(function() {
      }).catch(function() {
        alert('Login Failed!');

    And change the Satellizer config directive loginUrl to point to http://your-apigility-host.tld/oauth

  8. Profit!!!

// config/autoload/local.php
return array(
// Configure the DB adapter as you normally would for zf-oauth2
// (I used root credentials because I am shouldn't)
'zf-oauth2' => array(
'storage' => 'ZF\\OAuth2\\Adapter\\PdoAdapter',
'db' => array(
'dsn_type' => 'PDO',
'dsn' => 'mysql:dbname=example',
'username' => 'root',
'password' => 'rootroot',
'satellizer-server' => array(
// Also use pre-configured zf-oauth2 storage?
// (will store access tokens in database)
'inject_existing_storage' => false,
'keys' => array(
'public_key' => 'data/keys/pubkey.pem',
'private_key' => 'data/keys/privkey.pem',
'service_manager' => array(
'invokables' => array(
'satellizer-server-crypto-token-server' => 'SatellizerServer\Factory\CryptoTokenServerFactory',
'delegators' => array(
'ZF\OAuth2\Service\OAuth2Server' => array(
namespace SatellizerServer\Factory;
use Zend\ServiceManager\DelegatorFactoryInterface;
use Zend\ServiceManager\ServiceLocatorInterface;
class CryptoTokenServerFactory implements DelegatorFactoryInterface
public function createDelegatorWithName(ServiceLocatorInterface $serviceLocator, $name, $requestedName, $callback)
$server = call_user_func($callback);
$config = $serviceLocator->get('Config');
// Retrieve the pre-configured storage instance
$coreStorage = $config['satellizer-server']['inject_existing_storage'] === true
? $serviceLocator->get($config['zf-oauth2']['storage'])
// Load the public and private key files
$publicKey = file_get_contents($config['satellizer-server']['keys']['public_key']);
$privateKey = file_get_contents($config['satellizer-server']['keys']['private_key']);
// Instantiate in-memory storage for our keys
$storage = new \OAuth2\Storage\Memory(array(
'keys' => array(
'public_key' => $publicKey,
'private_key' => $privateKey,
// Make the "access_token" storage use Crypto Tokens instead of a database
$cryptoStorage = new \OAuth2\Storage\CryptoToken($storage, $coreStorage);
$server->addStorage($cryptoStorage, "access_token");
// make the "token" response type a CryptoToken
$cryptoResponseType = new \OAuth2\ResponseType\CryptoToken($storage, $coreStorage);
return $server;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment