developer-hola/oauth2-loginradius 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

developer-hola/oauth2-loginradius

Composer 安装命令:

composer require developer-hola/oauth2-loginradius

包简介

LoginRadius OAuth 2.0 Client Provider for The knpuniversity/oauth2-client-bundle

README 文档

README

Latest Version Software License Build Status Coverage Status Quality Score Total Downloads

This package provides LoginRadius OAuth 2.0 support for the PHP League's OAuth 2.0 Client.

Installation

To install, use composer:

composer require developer-hola/oauth2-loginradius

Usage

Activate the bundle in the bundles.php file

Hola\OAuth2\HolaOAuth2LoginRadiusBundle::class => ['all' => true]

Create a knpu_oauth2_client.yaml file inside config/packages directory like this:

# config/packages/knpu_oauth2_client.yaml
knpu_oauth2_client:
    clients:
        # will create service: "knpu.oauth2.client.foo_bar_oauth"
        # an instance of: KnpU\OAuth2ClientBundle\Client\OAuth2Client
        loginradius_oauth:
            type: generic
            provider_class: Hola\OAuth2\Client\Provider\LoginRadiusProvider

            # optional: a class that extends OAuth2Client
            #client_class: Hola\OAuth2\Client\LoginRadiusClient

            # optional: if your provider has custom constructor options
            # provider_options: {}

            # now, all the normal options!
            client_id: '%env(LOGINRADIUS_API_KEY)%'
            client_secret: '%env(LOGINRADIUS_API_SECRET)%'
            redirect_route: connect_loginradius_check
            redirect_params: {}

Define your firewall in the config/packages/security.yaml file:

security:
    ...
    firewalls:
        main:
            provider: users  #your custom provider
            anonymous: ~
            logout:
                path:   /logout
                target: /

                handlers: [hola.oauth2.loginradius.logout.handler]  
            guard:
                authenticators:
                    - hola.oauth2.loginradius.authenticator
                entry_point: hola.oauth2.loginradius.authenticator

         

Add this interfaces to your User entity:

class User implements UserInterface, \Serializable , OauthUserInterface

Your user provider must implement the interface UseLoaderInterface, like this:

class UserRepository extends ServiceEntityRepository implements UserLoaderInterface
{
    public function loadUserByUsername($username)
    {
        return $this->findOneBy(['email' => $username]);

    }
}

The OauthUserInterface allows the system to save the AccessToken of the user to check the this token is valid in each request.

Create a controller with to routes: connect_loginradius_start and connect_loginradius_check :

class LoginRadiusController extends Controller
{
    /**
     * Link to this controller to start the "connect" process
     *
     * @Route("/connect/loginradius", name="connect_loginradius_start")
     */
    public function connectAction(ClientRegistry $clientRegistry, Request $request)
    {
        return $clientRegistry
            ->getClient('loginradius_oauth') // key used in config/packages/knpu_oauth2_client.yaml
            ->redirect([
	    	'profile','&action=login&regSource=cabecera&new=1' // the scopes you want to access
            ])
        ;
	}


    /**
     * @Route("/connect/loginradius/check", name="connect_loginradius_check")
     */
    public function connectCheckAction(Request $request, ClientRegistry $clientRegistry)
    {

        $client = $clientRegistry->getClient('loginradius_oauth');
        try {
            $user = $client->fetchUser();


            $accessToken = $client->getAccessToken();
            //Login the user saving the accesstoken and redirect to the original url

            //$this->userService->userLogin($user,$accessToken, $request);

            return new RedirectResponse(
                '/myoriginalurl',
                // might be the site, where users choose their oauth provider
                Response::HTTP_TEMPORARY_REDIRECT
            );

            // ...
        } catch (IdentityProviderException $e) {
            // something went wrong!
            // probably you should return the reason to the user
            var_dump($e->getMessage()); die;
        }



    }
}

LoginRadius AccessToken check

If you use Oauth2 in various systems, you don't want if you logout of one system your session in the others continues.

To solve this problem we implement an AuthenticationVoter that takes your session accessToken and validates. If the token is invalid you need to login again.

To activate this voter put in the config/packages/security.yaml

security:
    access_denied_url: connect_loginradius_start
    access_decision_manager:
         strategy: unanimous
         allow_if_all_abstain: false

LoginRadius Session Logout

When you logout on your system we need to invalidate the LoginRadius accesstoken, for this reason you'll need to define our LogoutHandler under your firewall in the security.yaml file. If you don't define it, you will not logout from LoginRadius.

security:
    firewalls:
        main:
            provider: users
            logout:
                path:   /logout
                target: /

                handlers: [hola.oauth2.loginradius.logout.handler]
            guard:
                authenticators:
                    - hola.oauth2.loginradius.authenticator
                entry_point: hola.oauth2.loginradius.authenticator

Testing

$ ./vendor/bin/phpunit

Contributing

Please see CONTRIBUTING for details.

License

The MIT License (MIT). Please see License File for more information.

developer-hola/oauth2-loginradius 适用场景与选型建议

developer-hola/oauth2-loginradius 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 10.9k 次下载、GitHub Stars 达 0, 最近一次更新时间为 2019 年 11 月 27 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「authorization」 「client」 「oauth」 「oauth2」 「loginradius」 「authorisation」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 developer-hola/oauth2-loginradius 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 developer-hola/oauth2-loginradius 我们能提供哪些服务?
定制开发 / 二次开发

基于 developer-hola/oauth2-loginradius 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 10.9k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 6
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 4
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2019-11-27