filsh / yii2-oauth2-server Goto Github PK
View Code? Open in Web Editor NEWA wrapper for implementing an OAuth2 Server(https://github.com/bshaffer/oauth2-server-php)
License: MIT License
A wrapper for implementing an OAuth2 Server(https://github.com/bshaffer/oauth2-server-php)
License: MIT License
I'm not really sure what happened, but where did the handleAuthorizeRequest method in Module.php go in the 2.0.1 branch? It seems to be removed in the JWT commits a few day ago. Why?
So far i have to create a custom controller to handle OPTIONS requests on oauth endpoint:
'rules' => [
'POST oauth2/<action:\w+>/' => 'oauth2/default/<action>',
'OPTIONS oauth2/<action:\w+>/' => 'site/oauthOptions',
I had to override the DefaultController to add CORS behavior:
<?php
namespace app\controllers;
use app\extensions\Cors;
use filsh\yii2\oauth2server\controllers\DefaultController;
use yii;
class OauthController extends DefaultController
{
public function init(){
parent::init();
$this->module = Yii::$app->getModule('oauth2');
}
/**
* @inheritdoc
*/
public function behaviors()
{
return yii\helpers\ArrayHelper::merge(parent::behaviors(), [
'corsFilter' => [
'class' => Cors::className() // some custom config inside the class
],
]);
}
public function actionOptions()
{
Yii::$app->getResponse()->getHeaders()->set('Allow', implode(', ', ['OPTIONS', 'POST']));
}
}
Without that each oauth request will fail because of no CORS headers
Thanks for your great work. It is perfect if there's more illustration of Installation and usage in README.
The syntax of the migration script does not support Postgresql databases.
...
'PRIMARY KEY (client_id
)'
...
'expires' => Schema::TYPE_TIMESTAMP . ' NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP',
...
Im trying to make a simple POST to a controller. I already have the token, but it only works via GET, when I switch to POST it throws an "Unauthorized: You are requesting with an invalid credential".
Please refer to stackoverflow full question: http://stackoverflow.com/questions/35853755/yii2-and-oauth2-unauthorized-when-sending-post-data
Thanks in advance.
Implicit Type discribed here:
https://bshaffer.github.io/oauth2-server-php-docs/grant-types/implicit/
there are no support for /authorize
endpoint for now
we may discuss how to implement it, using Yii2 features and make it easy to use
This extensions is supported?
Hi. This is more of a question... How do I exclude an API endpoint from requiring a token?
Upgrade required OAuth server to 1.7 https://github.com/bshaffer/oauth2-server-php/releases/tag/v1.7.0
Filsh,
When using tablePrefix, migrations creates all tables correctly, but the Pdo.php is not overwriting the $config variable from OAuth2\Storage\Pdo.php.
SQLSTATE[42S02]: Base table or view not found: 1146 Table 'database.oauth_access_tokens' doesn't exist
Thanks for your work.
Can you give us a tutorial about how to use it, thanks!
After studiying the @mtangoo library based in this module and the specification in the documentation of this module, I have a question about the use of CompositeAuth::className() as an authenticator.
It's supposed to be able to stop a query without token, but it only checks that in the beforeAction step. Also it doesn't throw an error or anything. It only checks if token is valid and if it is or isn't, continues the check calling in the example two authmethods that check the access token in the declared component user model that maybe or maybe not have a valid loginByAccessToken call with the oauth token. (code comes a little confusing here, sorry). Shouldn't be better to implement a more direct approach compatible with oauth authentication based ONLY in token checking and, if we want to add something more (which in theory would be breaking the oauth2 standard) have an option for that?
Hello,
I have a question about the following function:
public static function findIdentityByAccessToken($token, $type = null)
{
/** @var \filsh\yii2\oauth2server\Module $module */
$module = Yii::$app->getModule('oauth2');
$token = $module->getServer()->getResourceController()->getToken();
return !empty($token['user_id'])
? static::findIdentity($token['user_id'])
: null;
}
What´s the point of sending $token by parameter if it´s overwritten on that line, before using it?
$token = $module->getServer()->getResourceController()->getToken();
version 2.0.1 installs - bshaffer/oauth2-server-php (v1.7.1)
and in yii2 advanced template I get a 404 error when trying to generate an access token
2015-09-07 13:10:59 [127.0.0.1][-][-][error][yii\web\HttpException:404] exception 'yii\base\InvalidRouteException' with message 'Unable to resolve the request "oauth2/default/token".' in /home/user/project/devel.local/vendor/yiisoft/yii2/base/Module.php:461
Stack trace:
#0 /home/user/project/devel.local/vendor/yiisoft/yii2/web/Application.php(84): yii\base\Module->runAction('oauth2/default/...', Array)
#1 /home/user/project/devel.local/vendor/yiisoft/yii2/base/Application.php(375): yii\web\Application->handleRequest(Object(yii\web\Request))
#2 /home/user/project/devel.local/api/www/index.php(17): yii\base\Application->run()
#3 {main}
Next exception 'yii\web\NotFoundHttpException' with message 'Page not found.' in /home/user/project/devel.local/vendor/yiisoft/yii2/web/Application.php:96
Stack trace:
#0 /home/user/project/devel.local/vendor/yiisoft/yii2/base/Application.php(375): yii\
my bad composer.json composer config:
"minimum-stability": "stable",
"require": {
"php": ">=5.4.0",
"yiisoft/yii2": ">=2.0.6",
"yiisoft/yii2-bootstrap": "*",
"yiisoft/yii2-swiftmailer": "*",
"dektrium/yii2-user": "0.9.*@dev",
"dektrium/yii2-rbac": "dev-master",
"filsh/yii2-oauth2-server": "~2.0.1"
},
everything works fine with composer.json:
"minimum-stability": "stable",
"require": {
"php": ">=5.4.0",
"yiisoft/yii2": ">=2.0.6",
"yiisoft/yii2-bootstrap": "*",
"yiisoft/yii2-swiftmailer": "*",
"dektrium/yii2-user": "0.9.*@dev",
"dektrium/yii2-rbac": "dev-master",
"filsh/yii2-oauth2-server": "dev-master"
},
When a new stable version is released?
The table oauth_public_keys is missing from the migration down.
Hello fellow developers...
Is it possible to authorize via GET request (p.s. oauth2/token?grant_type=password&username=test&password=test&client_id=testclient&client_secret=testpass) ?
When I try to auth via GET it returns me:
{"name":"Method Not Allowed","message":"The request method must be POST when requesting an access token","code":0,"status":405,"type":"filsh\yii2\oauth2server\exceptions\HttpException"}
I am facing problems with implementing client-side... It seems most of the ready libraries for android supports authorization via GET request...
Thanks in advance :)
Hello, now i want to customize oauth2/token method, so can i do. I want to show more information with response message. thanks
I'm trying to use this extension but I'm getting the error below:
Call to a member function getServer() on a non-object
Any help?
After updating yo yii2.0.6 - when I run my application - I get the following error:
Setting unknown property: filsh\yii2\oauth2server\Module::options
The issue is due the
'options' =>[
'token_param_name' => 'access_token',
'access_lifetime' => 3600 * 24
]
setting in the application/config/common.php under the oauth2 module which was done according to README.md
Hello!
In file Module.php
on line 39-42:
$server->addGrantType(new \OAuth2\GrantType\UserCredentials($storages['user_credentials']));
$server->addGrantType(new \OAuth2\GrantType\RefreshToken($storages['refresh_token'], [
'always_issue_new_refresh_token' => true
]));
Only these 2 grant types are added to server. Without overriding this class, I cannot add other grant types that are already supported by bshaffer/oauth2-server-php
.
bshaffer/oauth2-server-php
, and these could be restricted in table oauth_clients
.oauth_clients
table, having grant type client_credentials
set, but because of the aboves, it does not work...curl -v -X POST -u testclient:testpass "http://api.test.domain/oauth2/token" -d 'grant_type=client_credentials'
{"name":"Bad Request","message":"Grant type \"client_credentials\" not supported","code":0,"status":400,"type":"yii\\web\\HttpException"}
oauth_public_keys
missing from your migration?CREATE TABLE oauth_public_keys (
client_id VARCHAR(80),
public_key VARCHAR(2000),
private_key VARCHAR(2000),
encryption_algorithm VARCHAR(100) DEFAULT "RS256"
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Thank you!
Здравствуйте. Подскажите, пожалуйста, как правильно установить модуль? Этот модуль только для "yii2-app-advanced" приложений?
filsh\yii2\oauth2server\Module
public function getServer($force = false, $config=array())
{
if($this->_server === null || $force === true) {
$storages = [];
foreach($this->storageMap as $name => $value) {
$storages[$name] = \Yii::$container->get($name, array(),$config);
}
$server = new \OAuth2\Server($storages, $this->options);
foreach($this->grantTypes as $name => $options) {
if(!isset($storages[$name]) || empty($options['class'])) {
throw new \yii\base\InvalidConfigException('Invalid grant types configuration.');
}
$class = $options['class'];
unset($options['class']);
$reflection = new \ReflectionClass($class);
$config = array_merge([0 => $storages[$name]], [$options]);
$instance = $reflection->newInstanceArgs($config);
$server->addGrantType($instance);
}
$this->_server = $server;
}
return $this->_server;
}
this config can merge OAuth2\Storage\Pdo class config property
$this->config = array_merge(array(
'client_table' => 'oauth_clients',
'access_token_table' => 'oauth_access_tokens',
'refresh_token_table' => 'oauth_refresh_tokens',
'code_table' => 'oauth_authorization_codes',
'user_table' => 'oauth_users',
'jwt_table' => 'auth_jwt',
'scope_table' => 'oauth_scopes',
'public_key_table' => 'oauth_public_keys',
), $config);
because my database table has prefix cp_
When applying of migration there is an error
PHP Strict Warning 'yii\base\ErrorException' with message 'Declaration of m140501_075311_add_oauth2_server::primaryKey() should be compatible with yii\db\Migration::primaryKey($length = NULL)'
Need set Null on default in primaryKey function public function primaryKey($columns = null)
or rename function
There is no documentation and no one seems to care. so here is an issue where anyone can share a bit he knows and code snippets. Then I will Put them together into Nice documentation. Here are loose leading point (they aren't rules so feel free to break them)
I hope you guys will help making this extension better
Please, can you provide a tag for composer? Thank you
If I do a request with an access_token
as GET-param it gives me the error: Malformed auth header
. This may because I have to send the client-credentials via Basic Auth
which does set the Authorization
header, which is checked if there is a Bearer
token, which isn't. It also doesn't work with a Bearer
token and Basic Auth
because of that.
My only possible solution was to send the client-credentials via GET/POST parameters and a Bearer
token. It also doesn't work with a access_token
param instead of the Bearer
token.
Hi,
Simply putting v2 in composer broke our app with this:
Setting unknown property: filsh\yii2\oauth2server\Module::options
Any clue?
Hi,
Thanks for great extension. have couple of doubts, Hope you help me clear those :
Thanks
I have read every post... but couldn't find step-by-step tutorial or examples how to use this extension :( Dear fellow developers, is there anyone who have figured out?
Any help appreciated :)
p.s. the problem is "You are requesting with an invalid credential."
(the request url is "https://localhost/accounts/index?grant_type=password&username=test&password=test&client_id=testclient&client_secret=testpass")
I tried https://localhost/oauth2/token?grant_type=password&username=test&password=test&client_id=testclient&client_secret=testpass and it gave me 404 Error...
Yes I have included "'POST oauth2/action:w+' => 'oauth2/default/'," in my urlmanager...
Filter CompositeAuth
currently has no ability to check scope. It whoud be great to add such ability.
Future usage example:
public function behaviors()
{
return [
'authenticator' => [
'class' => 'filsh\yii2\oauth2server\filters\auth\CompositeAuth',
'scopeRequired' => 'foobar',
],
];
}
can you add accessToken and refreshToken revokes?
Actually it is quite cool to use this as an auth service that handles different apps or resource servers. I want to use it as an central auth instance. So the only point that is missing actually for it is that I can login/register alternatively with Facebook or Google or something like this at the Auth Service.
So actually I need a new grant_type or? that takes up the signed_request
that is returned e.g. by FaceBook and validated so that I can somehow create the new token for our system.
So add new granttype to config and storage map e.g.:
'storageMap' => [
'user_credentials' => 'api\models\User',
'federation_credentials' => 'api\models\Auth'
],
'grantTypes' => [
'client_credentials' => [
'class' => 'OAuth2\GrantType\ClientCredentials',
'allow_public_clients' => false
],
'user_credentials' => [
'class' => 'OAuth2\GrantType\UserCredentials'
],
'refresh_token' => [
'class' => 'OAuth2\GrantType\RefreshToken',
'always_issue_new_refresh_token' => true
],
'federation_credentials' => [
'class' => 'api\components\auth\ExternalCredentials'
]
],
ExternalCredentials may look like this? (could not test it):
namespace api\components\auth;
use OAuth2\GrantType\GrantTypeInterface;
use OAuth2\RequestInterface;
use OAuth2\ResponseInterface;
use OAuth2\ResponseType\AccessTokenInterface;
class ExternalCredentials implements GrantTypeInterface
{
private $userInfo;
protected $storage;
public function __construct(ExternalCredentialsInterface $storage)
{
$this->storage = $storage;
}
public function getQuerystringIdentifier()
{
return 'signed_request';
}
public function validateRequest(RequestInterface $request, ResponseInterface $response)
{
if (!$request->request("signed_request")) {
$response->setError(400, 'invalid_request', 'Missing parameters: "username" and "password" required');
return null;
}
if (!$this->storage->checkUserCredentials($request->request("signed_request"))) {
$response->setError(401, 'invalid_grant', 'Invalid signed request');
return null;
}
$userInfo = $this->storage->getUserDetails($request->request("signed_request"));
if (empty($userInfo)) {
$response->setError(400, 'invalid_grant', 'Unable to retrieve user information');
return null;
}
if (!isset($userInfo['user_id'])) {
throw new \LogicException("you must set the user_id on the array returned by getUserDetails");
}
$this->userInfo = $userInfo;
return true;
}
public function getClientId()
{
return null;
}
public function getUserId()
{
return $this->userInfo['user_id'];
}
public function getScope()
{
return isset($this->userInfo['scope']) ? $this->userInfo['scope'] : null;
}
public function createAccessToken(AccessTokenInterface $accessToken, $client_id, $user_id, $scope)
{
return $accessToken->createAccessToken($client_id, $user_id, $scope);
}
}
And I have to manually add to filsh's and bshaffer's repo the new grant type? This seems not like the perfect way. How can I add my own grant_type?
is this possible?
The models do not use Yii:t()
which would be useful, for using the models in another language.
This would for example in OauthAccessTokens
change:
public function attributeLabels()
{
return [
'access_token' => 'Access Token',
'client_id' => 'Client ID',
'user_id' => 'User ID',
'expires' => 'Expires',
'scope' => 'Scope',
];
}
to
public function attributeLabels()
{
return [
'access_token' => Yii::t('oauth2-server', 'Access Token'),
'client_id' => Yii::t('oauth2-server', 'Client ID'),
'user_id' => Yii::t('oauth2-server', 'User ID'),
'expires' => Yii::t('oauth2-server', 'Expires'),
'scope' => Yii::t('oauth2-server', 'Scope'),
];
}
Installing server yii2-oauth2-server version dev-master (1.0), Token can be fetched from
/oauth2/default/token
Installing version 2.0.1, no url works anymore. I see the new controller is RestController.php, but anyway all url fails:
/oauth2/default/token
/oauth2/rest/token
/rest/token
/default/token
Hi there,
if i add the behaviour in a controller to activate the OAuth validation, the getBodyParams() function no longer works and returns an empty body... so i cannot use any methods other than GET and POST...
Why is that? is there a workarround?
$ ./yii migrate --migrationPath=@vendor/filsh/yii2-oauth2-server/migrations/m140501_075311_add_oauth2_server.php
PHP Warning 'yii\base\ErrorException' with message 'mkdir(): File exists'
Should be
$ ./yii migrate --migrationPath=@vendor/filsh/yii2-oauth2-server/migrations
without php file, Yii will ask
Total 1 new migration to be applied:
m140501_075311_add_oauth2_server
Apply the above migration? (yes|no) [no]:yes
Hi,
i'm getting this error, the stack shows that it blows up on Module.php file line 34:
$server = new \OAuth2\Server($storages, $this->options);
$storages is filled with objects created using Yii:createObject() i don't know if this is the reason why bshaffer module is complaining...
any hints? maybe i should try to use an older version of bshaffer module?
My fresh installation of yii2-advanced does not accept the current stability level of this package:
composer require --prefer-dist filsh/yii2-oauth2-server "*"
does not work. Instead I used:
composer require --prefer-dist filsh/yii2-oauth2-server "@dev"
After this commit 6d4b6be the Module is not working anymore for me.
It is throwing exception on line:
foreach(array_keys($this->storageMap) as $name) {
$storages[$name] = \Yii::$container->get($name);
}
Trying to get $name = 'user_credentials' from the container.
The method public function createStorages()
was removed from the Module class.
Stack:
{
"name": "Exception",
"message": "Class user_credentials does not exist",
"code": -1,
"type": "ReflectionException",
"file": "/Users/admin/Sites/elo-jur-dico-web/vendor/yiisoft/yii2/di/Container.php",
"line": 415,
"stack-trace": [
"#0 /Users/admin/Sites/elo-jur-dico-web/vendor/yiisoft/yii2/di/Container.php(415): ReflectionClass->__construct('user_credential...')",
"#1 /Users/admin/Sites/elo-jur-dico-web/vendor/yiisoft/yii2/di/Container.php(358): yii\di\Container->getDependencies('user_credential...')",
"#2 /Users/admin/Sites/elo-jur-dico-web/vendor/yiisoft/yii2/di/Container.php(151): yii\di\Container->build('user_credential...', Array, Array)",
"#3 /Users/admin/Sites/elo-jur-dico-web/vendor/filsh/yii2-oauth2-server/Module.php(100): yii\di\Container->get('user_credential...')",
"#4 /Users/admin/Sites/elo-jur-dico-web/vendor/filsh/yii2-oauth2-server/filters/auth/CompositeAuth.php(14): filsh\yii2\oauth2server\Module->getServer()",
"#5 /Users/admin/Sites/elo-jur-dico-web/common/classes/CompositeAuth.php(15): filsh\yii2\oauth2server\filters\auth\CompositeAuth->beforeAction(Object(yii\base\InlineAction))",
"#6 /Users/admin/Sites/elo-jur-dico-web/vendor/yiisoft/yii2/base/ActionFilter.php(70): common\classes\CompositeAuth->beforeAction(Object(yii\base\InlineAction))",
"#7 [internal function]: yii\base\ActionFilter->beforeFilter(Object(yii\base\ActionEvent))",
"#8 /Users/admin/Sites/elo-jur-dico-web/vendor/yiisoft/yii2/base/Component.php(541): call_user_func(Array, Object(yii\base\ActionEvent))",
"#9 /Users/admin/Sites/elo-jur-dico-web/vendor/yiisoft/yii2/base/Controller.php(269): yii\base\Component->trigger('beforeAction', Object(yii\base\ActionEvent))",
"#10 /Users/admin/Sites/elo-jur-dico-web/vendor/yiisoft/yii2/web/Controller.php(121): yii\base\Controller->beforeAction(Object(yii\base\InlineAction))",
"#11 /Users/admin/Sites/elo-jur-dico-web/frontend/controllers/api/v1/EloRestController.php(44): yii\web\Controller->beforeAction(Object(yii\base\InlineAction))",
"#12 /Users/admin/Sites/elo-jur-dico-web/vendor/yiisoft/yii2/base/Controller.php(152): frontend\controllers\api\v1\EloRestController->beforeAction(Object(yii\base\InlineAction))",
"#13 /Users/admin/Sites/elo-jur-dico-web/vendor/yiisoft/yii2/base/Module.php(454): yii\base\Controller->runAction('escritorio', Array)",
"#14 /Users/admin/Sites/elo-jur-dico-web/vendor/yiisoft/yii2/web/Application.php(84): yii\base\Module->runAction('api/v1/escritor...', Array)",
"#15 /Users/admin/Sites/elo-jur-dico-web/vendor/yiisoft/yii2/base/Application.php(375): yii\web\Application->handleRequest(Object(yii\web\Request))",
"#16 /Users/admin/Sites/elo-jur-dico-web/frontend/web/index.php(18): yii\base\Application->run()",
"#17 {main}"
]
}
Config:
'modules' => [
'oauth2' => [
'class' => 'filsh\yii2\oauth2server\Module',
'tokenParamName' => 'accessToken',
'tokenAccessLifetime' => 3600 * 24,
'storageMap' => [
'user_credentials' => 'common\models\UserOAuth'
],
'grantTypes' => [
'client_credentials' => [
'class' => 'OAuth2\GrantType\ClientCredentials',
'allow_public_clients' => false
],
'user_credentials' => [
'class' => 'OAuth2\GrantType\UserCredentials'
],
'refresh_token' => [
'class' => 'OAuth2\GrantType\RefreshToken',
'always_issue_new_refresh_token' => true
]
]
]
],
1. Is v2.0.1 release supposed to be used? I failed to make it working :( While master branch version works just fine.
2. I don't get the idea of removing $options from Module and substition it with tokenParamName and others and then converting it back with:
[
'token_param_name' => $this->tokenParamName,
'access_lifetime' => $this->tokenAccessLifetime,
'refresh_token_lifetime' => $this->tokenRefreshLifetime,
/** add more ... */
],
I've counted - there are 34 config options in bshaffer/oauth2-server-php
Are you going to add them all?And keep in sync with bshaffer all the time?
Isn't your package supposed to be a thin wrapper?
For example I use 'enforce_state' option, I could add it to Module.php. But then it needs Pull Request
and all the procedure to get working. While $options just works, and anybody can add
any of currently available 34 options and any added in future.
3. Storage map initialization doesn't work.
Now it is:
foreach(array_keys($this->storageMap) as $name) {
$storages[$name] = \Yii::$container->get($name);
}
while the storageMap config is like this:
'storageMap' => [
'user_credentials' => 'common\models\User',
],
So it tries:
Yii::$container->get('user_credentials')
which ends with error:
Class user_credentials does not exist
Shouldn't initialization be like it was previously:
foreach($this->storageMap as $name => $class) {
$storages[$name] = \Yii::$container->get($class);
}
It does make sense and seems working.
Thank in advance for any help :)
...
Hello, thanks for the good work on this module it looks cool and professional :)
Can you please update the Usage example as it is not very clear.
I added the behaviors on my SiteController and seems to work,
but can not manage to send a proper requests I always get this error:
"You are requesting with an invalid credential."
Is there anything special about the controller or the params to make it work ?
Could you add support for the refresh_token_lifetime option for the Refresh Token grant type?
I thought something like:
class Module extends \yii\base\Module
{
// ...
public $refreshTokenLifetime = 2419200;
// ...
public function getServer($force = false)
{
// ...
$server->addGrantType(new \OAuth2\GrantType\RefreshToken($storages['refresh_token'], [
'always_issue_new_refresh_token' => true,
'refresh_token_lifetime' => $this->refreshTokenLifetime,
]));
// ...
And could be configured in the config file:
'oauth2' => [
'class' => 'filsh\yii2\oauth2server\Module',
'options' => [
'token_param_name' => 'access_token',
'access_lifetime' => 3600 * 24,
'allow_implicit' => true,
'enforce_state' => false,
'enforce_redirect' => true,
],
'storageMap' => [
'user_credentials' => 'api\modules\v1\models\User'
],
'refreshTokenLifetime' => 2419200,
],
We use the yii2-oauth2-server with mongoDB. Originally we used it when it has not any version number. We had to apply some modifications and overrides to make it work. Until now it works well, but today updated the version to 2.0 and I see that I'm forced to use all these storageMaps:
access_token,authorization_code,client_credentials,client,refresh_token,user_credentials,public_key,jwt_bearer,scope
and all these modelMaps:
OauthClients,OauthAccessTokens,OauthAuthorizationCodes,OauthRefreshTokens,OauthScopes
because these are loaded into protected arrays ($_modelMap,$_storageMap) in Bootstrap.php and I can just override them with my MongoDB Storage class. That's why I can not skip which are not used, for example in my actual project we just need:
access_token
client
refresh_token
user_credentials
OauthAccessTokens
OauthRefreshTokens
All the others are useless and I don't wanna create fake classes just to handle these problem.
Migrations seems to be not working with SQL Server as type of Timestamp should be automatic not explicitly put [1]. It would be great to change field to something else like datetime or remove explicit insertion at
Yii Migration Tool (based on Yii v2.0.6)
Total 1 new migration to be applied:
m140501_075311_add_oauth2_server
Apply the above migration? (yes|no) [no]:y
*** applying m140501_075311_add_oauth2_server
> create table {{%oauth_clients}} ... done (time: 0.032s)
> create table {{%oauth_access_tokens}} ...Exception: SQLSTATE[42000]: [Microsoft][ODBC Driver 11 for SQL Server][SQL Server]Defaults cannot be created on columns of data type timestamp. Table 'oauth_access_tokens', column 'expires'.
The SQL being executed was: CREATE TABLE [oauth_access_tokens] (
[access_token] varchar(40) NOT NULL,
[client_id] varchar(32) NOT NULL,
[user_id] int DEFAULT NULL,
[expires] timestamp NOT NULL DEFAULT 'now' ,
[scope] varchar(2000) DEFAULT NULL,
PRIMARY KEY ([access_token]),
FOREIGN KEY ([client_id]) REFERENCES [oauth_clients] ([client_id]) ON DELETE CASCADE ON UPDATE CASCADE
)\n*** failed to apply m140501_075311_add_oauth2_server (time: 0.276s)
Migration failed. The rest of the migrations are canceled.
I have done some modifications here (Hope to do PR when I have time and meanwhile I share them here)
public function up()
{
$tableOptions = null;
$now = null;
$on_update_now = null;
$timestamp = null;
if ($this->db->driverName === 'mysql') {
$tableOptions = 'CHARACTER SET utf8 COLLATE utf8_general_ci ENGINE=InnoDB';
$now = $this->mysql('CURRENT_TIMESTAMP',"'now'");
$on_update_now = $this->mysql("ON UPDATE $now");
$timestamp = Schema::TYPE_TIMESTAMP . " NOT NULL DEFAULT $now $on_update_now";
}
else if($this->db->driverName === 'sqlsrv'){
//set values for SQL Server
$timestamp = Schema::TYPE_TIMESTAMP;
}
$transaction = $this->db->beginTransaction();
try {
$this->createTable('{{%oauth_clients}}', [
'client_id' => Schema::TYPE_STRING . '(32) NOT NULL',
'client_secret' => Schema::TYPE_STRING . '(32) DEFAULT NULL',
'redirect_uri' => Schema::TYPE_STRING . '(1000) NOT NULL',
'grant_types' => Schema::TYPE_STRING . '(100) NOT NULL',
'scope' => Schema::TYPE_STRING . '(2000) DEFAULT NULL',
'user_id' => Schema::TYPE_INTEGER . ' DEFAULT NULL',
$this->primaryKey('client_id'),
], $tableOptions);
$this->createTable('{{%oauth_access_tokens}}', [
'access_token' => Schema::TYPE_STRING . '(40) NOT NULL',
'client_id' => Schema::TYPE_STRING . '(32) NOT NULL',
'user_id' => Schema::TYPE_INTEGER . ' DEFAULT NULL',
'expires' => $timestamp,
'scope' => Schema::TYPE_STRING . '(2000) DEFAULT NULL',
$this->primaryKey('access_token'),
$this->foreignKey('client_id','{{%oauth_clients}}','client_id','CASCADE','CASCADE'),
], $tableOptions);
$this->createTable('{{%oauth_refresh_tokens}}', [
'refresh_token' => Schema::TYPE_STRING . '(40) NOT NULL',
'client_id' => Schema::TYPE_STRING . '(32) NOT NULL',
'user_id' => Schema::TYPE_INTEGER . ' DEFAULT NULL',
'expires' => $timestamp,
'scope' => Schema::TYPE_STRING . '(2000) DEFAULT NULL',
$this->primaryKey('refresh_token'),
$this->foreignKey('client_id','{{%oauth_clients}}','client_id','CASCADE','CASCADE'),
], $tableOptions);
$this->createTable('{{%oauth_authorization_codes}}', [
'authorization_code' => Schema::TYPE_STRING . '(40) NOT NULL',
'client_id' => Schema::TYPE_STRING . '(32) NOT NULL',
'user_id' => Schema::TYPE_INTEGER . ' DEFAULT NULL',
'redirect_uri' => Schema::TYPE_STRING . '(1000) NOT NULL',
'expires' => $timestamp,
'scope' => Schema::TYPE_STRING . '(2000) DEFAULT NULL',
$this->primaryKey('authorization_code'),
$this->foreignKey('client_id','{{%oauth_clients}}','client_id','CASCADE','CASCADE'),
], $tableOptions);
$this->createTable('{{%oauth_scopes}}', [
'scope' => Schema::TYPE_STRING . '(2000) NOT NULL',
'is_default' => Schema::TYPE_BOOLEAN . ' NOT NULL',
], $tableOptions);
$this->createTable('{{%oauth_jwt}}', [
'client_id' => Schema::TYPE_STRING . '(32) NOT NULL',
'subject' => Schema::TYPE_STRING . '(80) DEFAULT NULL',
'public_key' => Schema::TYPE_STRING . '(2000) DEFAULT NULL',
$this->primaryKey('client_id'),
], $tableOptions);
$this->createTable('{{%oauth_users}}', [
'username' => Schema::TYPE_STRING . '(255) NOT NULL',
'password' => Schema::TYPE_STRING . '(2000) DEFAULT NULL',
'first_name' => Schema::TYPE_STRING . '(255) DEFAULT NULL',
'last_name' => Schema::TYPE_STRING . '(255) DEFAULT NULL',
$this->primaryKey('username'),
], $tableOptions);
$this->createTable('{{%oauth_public_keys}}', [
'client_id' => Schema::TYPE_STRING . '(255) NOT NULL',
'public_key' => Schema::TYPE_STRING . '(2000) DEFAULT NULL',
'private_key' => Schema::TYPE_STRING . '(2000) DEFAULT NULL',
'encryption_algorithm' => Schema::TYPE_STRING . '(100) DEFAULT \'RS256\'',
], $tableOptions);
// .......................
}
After I installed the module and applied all the things what was writen in the in the documentation, I recevive "The grant type was not specified in the request" error when I pass the username/password to "/oauth2/token"
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.