Skip to content

Latest commit

 

History

History
155 lines (120 loc) · 5.52 KB

README.md

File metadata and controls

155 lines (120 loc) · 5.52 KB

Guzzle Bundle OAuth2 Plugin

Build Status Coverage Status SensioLabsInsight

This plugin integrates OAuth2 functionality into Guzzle Bundle, a bundle for building RESTful web service clients.


Prerequisites

Installation

To install this bundle, run the command below on the command line and you will get the latest stable version from Packagist.

composer require gregurco/guzzle-bundle-oauth2-plugin

Usage

Enable bundle

Find next lines in src/Kernel.php:

foreach ($contents as $class => $envs) {
    if (isset($envs['all']) || isset($envs[$this->environment])) {
        yield new $class();
    }
}

and replace them by:

foreach ($contents as $class => $envs) {
    if (isset($envs['all']) || isset($envs[$this->environment])) {
        if ($class === \EightPoints\Bundle\GuzzleBundle\EightPointsGuzzleBundle::class) {
            yield new $class([
                new \Gregurco\Bundle\GuzzleBundleOAuth2Plugin\GuzzleBundleOAuth2Plugin(),
            ]);
        } else {
            yield new $class();
        }
    }
}

Basic configuration

With default grant type (client)

# app/config/config.yml

eight_points_guzzle:
    clients:
        api_payment:
            base_url: "http://api.domain.tld"
            
            options:
                auth: oauth2

            # plugin settings
            plugin:
                oauth2:
                    base_uri:       "https://example.com"
                    token_url:      "/oauth/token"
                    client_id:      "test-client-id"
                    client_secret:  "test-client-secret" # optional
                    scope:          "administration"

With password grant type

# app/config/config.yml

eight_points_guzzle:
    clients:
        api_payment:
            base_url: "http://api.domain.tld"
            
            options:
                auth: oauth2

            # plugin settings
            plugin:
                oauth2:
                    base_uri:       "https://example.com"
                    token_url:      "/oauth/token"
                    client_id:      "test-client-id"
                    username:       "johndoe"
                    password:       "A3ddj3w"
                    scope:          "administration"
                    grant_type:     "Sainsburys\\Guzzle\\Oauth2\\GrantType\\PasswordCredentials"

With client credentials in body

# app/config/config.yml

eight_points_guzzle:
    clients:
        api_payment:
            base_url: "http://api.domain.tld"
            
            options:
                auth: oauth2

            # plugin settings
            plugin:
                oauth2:
                    base_uri:       "https://example.com"
                    token_url:      "/oauth/token"
                    client_id:      "test-client-id"
                    scope:          "administration"
                    auth_location:  "body"

Options

Key Description Required Example
base_uri URL of oAuth2 server. yes https://example.com
token_url The path that will be concatenated with base_uri.
Default: /oauth2/token
no /oauth/token
client_id The client identifier issued to the client during the registration process yes s6BhdRkqt3
client_secret The client secret no 7Fjfp0ZBr1KtDRbnfVdmIw
username The resource owner username for PasswordCredentials grant type johndoe
password The resource owner password for PasswordCredentials grant type A3ddj3w
auth_location The place where to put client_id and client_secret in auth request.
Default: headers. Allowed values: body, headers.
no body
resource The App ID URI of the web API (secured resource) no https://service.contoso.com/
private_key Path to private key for JwtBearer grant type "%kernel.root_dir%/path/to/private.key"
scope One or more scope values indicating which parts of the user's account you wish to access no administration
audience no
grant_type Grant type class path. Class should implement GrantTypeInterface.
Default: Sainsburys\\Guzzle\\Oauth2\\GrantType\\ClientCredentials
no Sainsburys\\Guzzle\\Oauth2\\GrantType\\PasswordCredentials
Sainsburys\\Guzzle\\Oauth2\\GrantType\\AuthorizationCode
Sainsburys\\Guzzle\\Oauth2\\GrantType\\JwtBearer
persistent Token will be stored in session unless grant_type is client credentials; in which case it will be stored in the app cache.
Default: false
no
retry_limit How many times request will be repeated on failure.
Default: 5
no

See more information about middleware here.

License

This middleware is licensed under the MIT License - see the LICENSE file for details