/OAuth2

CakePHP 3 authentication using the league/oauth2-client.

Primary LanguagePHPMIT LicenseMIT

OAuth2

Build Status Coverage Total Downloads License

CakePHP 3 authentication using the league/oauth2-client.

Install

Using Composer:

composer require muffin/oauth2

You then need to load the plugin.

bin/cake plugin load Muffin/OAuth2

Wait, you're not done yet. This plugin will NOT require any of the clients. You will have to do it yourself. For e.g. if you want to use Github client do:

composer require "league/oauth2-github"

Usage

First, start by defining the providers:

// either in `config/bootstrap.php`
Configure::write('Muffin/OAuth2', [
    'providers' => [
        'github' => [
            'className' => 'League\OAuth2\Client\Provider\Github',
            // all options defined here are passed to the provider's constructor
            'options' => [
                'clientId' => 'foo',
                'clientSecret' => 'bar',
            ],
            'mapFields' => [
                'username' => 'login', // maps the app's username to github's login
            ],
            // ... add here the usual AuthComponent configuration if needed like fields, etc.
        ],
    ],
]);

// or in `src/Controller/AppController.php`
$this->loadComponent('Auth', [
    'authenticate' => [
        // ...
        'Muffin/OAuth2.OAuth' => [
            'providers' => [
                // the array from example above
            ],
        ],
    ],
]);

Upon successful authorization, and if the user has no local instance, an event (Muffin/OAuth2.newUser) is triggered. Use it to create a user like so:

// bootstrap.php
use Cake\Event\Event;
use Cake\ORM\TableRegistry;
EventManager::instance()->on(
    'Muffin/OAuth2.newUser',
    [TableRegistry::get('Users'), 'createNewUser']
);

// UsersTable.php
use Cake\Event\Event;
use League\OAuth2\Client\Provider\AbstractProvider;
public function createNewUser(Event $event, AbstractProvider $provider, array $data)
{
    $entity = $this->newEntity($data);
    $this->save($entity);

    return $entity->toArray(); // user data to be used in session
}

Finally, once token is received, the Muffin/OAuth2.afterIdentify event is triggered. Use this to update your local tokens for example:

// bootstrap.php
use Cake\Event\Event;
use Cake\ORM\TableRegistry;
EventManager::instance()->on(
    'Muffin/OAuth2.afterIdentify',
    [TableRegistry::get('Tokens'), 'createOrUpdate']
);

// TokensTable.php
use Cake\Event\Event;
use League\OAuth2\Client\Provider\AbstractProvider;

public function createOrUpdate(Event $event, AbstractProvider $provider, array $data)
{
    // ...
    return; // void
}

Next up, you need to create a route that will be used by all providers:

// config/routes.php

Router::connect(
    '/oauth/:provider',
    ['controller' => 'users', 'action' => 'login'],
    ['provider' => implode('|', array_keys(Configure::read('Muffin/OAuth2.providers')))]
);

Now, if you have already read the book's AuthComponent documentation, you should be familiar with how to add the new authentication object to it:

// src/Controller/AppController.php
$this->loadComponent('Auth', [
    'authenticate' => [
        'Form',
        'Muffin/OAuth2.OAuth',
    ]
]);

Patches & Features

  • Fork
  • Mod, fix
  • Test - this is important, so it's not unintentionally broken
  • Commit - do not mess with license, todo, version, etc. (if you do change any, bump them into commits of their own that I can ignore when I pull)
  • Pull request - bonus point for topic branches

To ensure your PRs are considered for upstream, you MUST follow the CakePHP coding standards.

Bugs & Feedback

http://github.com/usemuffin/oauth2/issues

License

Copyright (c) 2018, Use Muffin and licensed under The MIT License.