oauth的实现逻辑
<?php | |
/** | |
* Created by PhpStorm. | |
* User: lxf | |
* Date: 2017/6/28 | |
* Time: 16:54 | |
*/ | |
namespace Common\Tools; | |
use OAuth2\GrantType\RefreshToken; | |
use OAuth2\GrantType\UserCredentials; | |
use OAuth2\Request; | |
use OAuth2\Response; | |
use OAuth2\Scope; | |
use OAuth2\Server; | |
use OAuth2\Storage\Memory; | |
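class TokenUtil
{
    /** @var array Not read or written by any method of this class. */
    public $codeMsg = [];

    /**
     * Issue a token for the current HTTP request.
     *
     * Runs the same code path as refresh(): both grant types are registered
     * on the one server built by getServer(), so the grant that is actually
     * performed is decided by the incoming request, not by which of the two
     * methods the caller picked.
     *
     * @return array Response parameters plus a 'statusCode' entry
     */
    public function getToken()
    {
        return $this->handleTokenRequest();
    }

    /**
     * Refresh a token for the current HTTP request.
     *
     * @return array Response parameters plus a 'statusCode' entry
     */
    public function refresh()
    {
        return $this->handleTokenRequest();
    }

    /**
     * Decide whether the current request may access a protected resource.
     *
     * @return array On success: 'statusCode' and 'member_id' (the user id
     *               stored with the access token). On failure: the error
     *               parameters of the response plus 'statusCode'.
     */
    public function resource()
    {
        $server = $this->getServer();

        // NOTE(review): this copies the client secret into the $_POST
        // superglobal, where any later code that dumps or logs the request
        // body will expose it. Resource verification appears to need only
        // the bearer token; confirm that MyRedis does not read these two
        // keys, then drop the assignments.
        $credentials = $server->getStorage('user_credentials');
        $_POST['client_id'] = $credentials->clientId;
        $_POST['client_secret'] = $credentials->clientSecret;

        // Build the request once so that verification and the token lookup
        // below both operate on the same object.
        $request = Request::createFromGlobals();

        // Handle a request to a resource and authenticate the access token
        $verified = $server->verifyResourceRequest($request);
        $response = $server->getResponse();

        if (!$verified) {
            $result = $response->getParameters();
            $result['statusCode'] = $response->getStatusCode();

            return $result;
        }

        $token = $server->getAccessTokenData($request);

        return [
            'statusCode' => $response->getStatusCode(),
            // Guard against a missing token record or user id instead of
            // indexing into a possibly-null value.
            'member_id' => isset($token['user_id']) ? $token['user_id'] : null,
        ];
    }

    /**
     * Run the token endpoint for the current request and flatten the outcome.
     *
     * @return array Response parameters plus a 'statusCode' entry
     */
    private function handleTokenRequest()
    {
        $server = $this->getServer();
        /** @var Response $response */
        $response = $server->handleTokenRequest(Request::createFromGlobals());

        $result = $response->getParameters();
        $result['statusCode'] = $response->getStatusCode();

        return $result;
    }

    /**
     * Build the OAuth2 server: sets the default scope and registers two
     * grant types, password (user credentials) and refresh_token.
     *
     * @return Server
     */
    private function getServer()
    {
        // presumably 6 selects the Redis database index - confirm against Predis
        $redis = new Predis(6);
        $storage = new MyRedis($redis->getClient());
        //$storage->setClientDetails('testclient','testpass');

        // Pass a storage object or array of storage objects to the OAuth2 server class
        $server = new Server($storage, [
            // Refresh tokens expire after 28 days (2419200 s).
            'refresh_token_lifetime' => 2419200,
            // 60 s, marked by the author as a debugging value.
            // NOTE(review): confirm the lifetime intended for production.
            'access_lifetime' => 60,
        ]);

        // Scope: every token falls back to the 'basic' scope.
        $defaultScope = 'basic';
        $memory = new Memory(['default_scope' => $defaultScope]);
        $server->setScopeUtil(new Scope($memory));

        // NOTE(review): the password grant hands user passwords to the
        // client application; confirm it is limited to first-party clients.
        $passwordGrant = new UserCredentials($storage);

        // NOTE(review): with rotation off, a refresh token stays usable for
        // its whole 28-day lifetime, so a leaked one is valid that long.
        // Consider enabling rotation once clients store the new token.
        $refreshGrant = new RefreshToken($storage, [
            'always_issue_new_refresh_token' => false,
        ]);

        // add the grant type to your OAuth server
        $server->addGrantType($passwordGrant);
        $server->addGrantType($refreshGrant);

        return $server;
    }
}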