README

Laravel5 Simple OAuth2 Server Package

A very simple OAuth2 package to use in your Laravel5 app. The package is a wrapper around the oauth2-php library and is inspired by FOSOAuthServerBundle.

Current features:

• Client credentials grant type
• Resource Owner Password Credentials grant type
• Refresh token
• Grant extensions
• Middleware for checking valid token & user

TODO:

• Scopes
• Authorization Code grant type
• Implicit grant type
• Test
• Integration with Travis CI

Install

Require this package with composer (Packagist) using the following command:

$ composer require media24si/simple-oauth2

Register the SimpleOAuth2ServiceProvider to the providers array in config/app.php

Media24si\SimpleOAuth2\SimpleOAuth2ServiceProvider::class,

Publish vendor files:

$ php artisan vendor:publish

Migrate your database

$ php artisan migrate

Create a route for generating tokens:

$ Route::any('/token', '\Media24si\SimpleOAuth2\Http\Controllers\TokenController@token');

If you want to use Authorization code or Implicit grant type add authore controller to rote:

Route::any('/authorize', ['middleware' => 'auth','uses' => '\Media24si\SimpleOAuth2\Http\Controllers\AuthorizeController@authorize']);

USAGE

Config

When you publish vendor files, the simpleoauth2.php config file will be copied to the config folder. Currently the only configuration options are:

• a username field
• a password field
• additional conditions

SimpleOAuth2 uses Auth::attempt to authenticate users.

Middleware

The package comes with one middleware. To use it, you need to register app\Http\Kernel.php under $routeMiddleware

'oauth' => '\Media24si\SimpleOAuth2\Http\Middleware\SimpleOAuth2'

Then in your routes you can request a valid oauth2 token:

Route::get('/protected', ['middleware' => ['oauth'], function() { return 'Protected resource'; }]);

Because SimpleOAuth2 is using Laravel authentication package you can request an authenticated user with oauth:

Route::get('/protected', ['middleware' => ['oauth', 'auth'], function() { return 'Protected resource with valid user'; }]);

Artisan commands

oauth2:create-client

$ php artisan oauth2:create-client {client_name}

Create a new oauth2 client. For all options see help

$ php artisan help oauth2:create-client {client_name}

oauth2:list-clients

$ php artisan oauth2:list-clients

List all oauth2 clients.

Grant types

Authorization Code and Implicit

To use authorization code or implicit grant types you have to provide auth middleware so user can login. You can customize authorize by implementing your own action and view.

License

The MIT License (MIT). Please see License File for more information.