documentation for PR #502

Julián Gutiérrez
2016-03-29 10:05:49 +02:00
parent 3aeefe7d22
commit 0e96a35f43
6 changed files with 75 additions and 51 deletions


@@ -6,14 +6,14 @@ permalink: /authorization-server/implicit-grant/
# Implicit grant
The implicit grant is similar to the authorization code grant with two distinct differences.
The implicit grant is similar to the authorization code grant with two distinct differences.
It is intended to be used for user-agent-based clients (e.g. single page web apps) that can't keep a client secret because all of the application code and storage is easily accessible.
Secondly instead of the authorization server returning an authorization code which is exchanged for an access token, the authorization server returns an access token.
## Flow
The client will redirect the user to the authorization server with the following parameters in the query string:
* `response_type` with the value `token`
@@ -46,16 +46,18 @@ $accessTokenRepository = new AccessTokenRepository();
$userRepository = new UserRepository();
// Path to public and private keys
$privateKeyPath = 'file://path/to/private.key';
$publicKeyPath = 'file://path/to/public.key';
$privateKey = 'file://path/to/private.key';
// Private key with passphrase if needed
//$privateKey = new CryptKey('file://path/to/private.key', 'passphrase');
$publicKey = 'file://path/to/public.key';
// Setup the authorization server
$server = new \League\OAuth2\Server\Server(
$clientRepository,
$accessTokenRepository,
$scopeRepository,
$privateKeyPath,
$publicKeyPath
$privateKey,
$publicKey
);
// Enable the implicit grant on the server with a token TTL of 1 hour
@@ -75,13 +77,13 @@ $app->post('/oauth2', function (ServerRequestInterface $request, ResponseInterfa
/* @var \League\OAuth2\Server\Server $server */
$server = $app->getContainer()->get(Server::class);
// Try to respond to the request
// Try to respond to the request
try {
return $server->respondToRequest($request, $response);
} catch (\League\OAuth2\Server\Exception\OAuthServerException $exception) {
return $exception->generateHttpResponse($response);
} catch (\Exception $exception) {
$body = new Stream('php://temp', 'r+');
$body->write($exception->getMessage());
@@ -151,4 +153,4 @@ $renderer = new \League\OAuth2\Server\TemplateRenderer\MustacheRenderer(
'authorize_template_name'
);
$implicitGrant->setTemplateRenderer($renderer);
{% endhighlight %}
{% endhighlight %}