Laravel 5.1 and Oauth

Posted: 2015-08-14 02:58:28

Laravel 5.1 and Oauth2 Server

Video coming soon...

Example repo is here https://github.com/alnutile/oauth_how_to

The library we will use is

https://github.com/lucadegasperi/oauth2-server-laravel

This will setup a server both client_type and password_type for Grant Types.

Coming to Terms with Oauth

Coming to terms with this stuff is long and tedious. The docs are here https://github.com/lucadegasperi/oauth2-server-laravel/ wiki will help and then these lead to the League docs as well http://oauth2.thephpleague.com/

There is also a podcast interview with the Alex Bilbie who made the League Oauth Library http://fullstackradio.com/episodes/4/

What I will cover is mainly the instalation going beyond the docs above into the details of getting this thing going. I will also provide a "play" repo for you to review.

Base Laravel Install

If you want to use this demo to play around just run composer install and see the migration info below.

Install laravel as normal, install the library as normal. You will see some extra stuff I have in the repo for helping out as well (this will be seen in the video too)

app/OauthTools

Some commands to use artisan to make users, tokens etc.

So in the end my app/Console/Kernel.php looked like https://github.com/alnutile/oauth_how_to/blob/master/app/Console/Kernel.php

So I could easily do

php artisan oauth-tools:adduser admin@foo.com

or

php artisan oauth-tools:generate-token 33591b34-03c2-4ece-a763-d531aee0298a admin@foo.com client

Also note composer.json I use a uuid library to help with these commands etc.

Finally to have all of this work out of the box with the Postman file I shared run it this way for now

cd public
php -S localhost:8181

The database for this example is sqlite so

touch storage/database.sqlite
php artisan migrate:refresh --seed

And you should now have a db and migrations

Since it is sqlite just rm the file and touch it again to re-migrate and save your self the headache of DBAL driver etc since this just just a quick working demo.

Setup your oauth config

config/oauth2.php file as seen here BUT only if you want these. And my access_token_ttl is way too big so see the defaults in the docs. Also note it points to OauthPasswordVerifier which the docs talk about as well.

Route

As noted you add the code to your route

Route::post('oauth/access_token', function() {
    return Response::json(Authorizer::issueAccessToken());
});


Route::get('test', ['middleware' => 'oauth', function() {
    return Response::json("Welcome");
}]);

Later on you will see this instead

Route::post('oauth/access_token', function() {
    return Response::json(Authorizer::issueAccessToken());
});


Route::get('test', ['middleware' => 'oauthOrAuth', function() {
    return Response::json("Welcome");
}]);

With the oauthOrAuth I will explain that in the video as well. But basically and api endpoint can be used by a local session based user and a remote application using oauth. It is just how our APIs go.

So this lets that work just fine.

Postman

Just to show it all working you will see in the video me using postman. You will see that in the repo here

Now What

Between the links above and Postman you have a working


Tags:

oauth laravel