Reputation: 91
I'm struggling with OAuth2 authorization, authentication and user linking. What I've done so far:
I've created a client and its secret. All redirects and so on are working. Grant type password works for own native app (e.g. Android and iOS).
But for access token, user_id is NULL if grant type is Authorization code.
How can I assign a user to access token or authorization code?
Is there a module for Apigility to provide login screen? I only get asked for "allow" or "disallow" application but I'm never asked for a username and password.
Update:
Question is related to providing OAuth2 access to third party pages, e.g. IFTTT. They open the /oauth/authorize page and somewhere I have to guide the user to a login?! to determine the related user? Is there an existing module for this?
Third party sites, e.g. IFTTT, do not use password grant type for security reasons. And compared to other pages the workflow is: Is user authenticated? Yes: Show Accept/Decline button. No: User has to log in and will be redirected afterwards to /oauth/authorize page. So is there a common way in Apigility to check if user is logged in and if not, redirect to a login mask?
Upvotes: 2
Views: 319
Reputation: 2041
To authenticate with username and password using OAuth2 you should use the grant_type=password.
I'm not sure if there is a login screen in Apigility. But I don't think it should have it, because Apigility already allows this by one or more endpoints through OAuth2, more specifically by OAuth2 Server Library for PHP.
How to do
oauth_clients.grant_types column) set "password".
Create a post to the authentication url like below.
url=localhost:8080/oauth, where localhost:8080 is where Apigility is running and /oauth is the configured auth adapter url.
payload:
{
"username": "USERNAME",
"password": "PASSWORD",
"grant_type": "password",
"client_id": "CLIENT_ID"
}
Upvotes: 1
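The workflow the question describes for /oauth/authorize (check for a logged-in user, send anonymous visitors to a login form and back, then bind the user to the authorization code so the resulting access token has a user_id) can be modelled as follows. This is an added, framework-neutral example, not code from the posts above or from Apigility; the client, session store, /login path and every function name are assumptions made for the illustration.

```python
import secrets
from urllib.parse import urlencode, urlsplit

# Constructed sample data (assumptions, not Apigility's schema).
CLIENTS = {"demo-client": "https://client.example/callback"}  # client_id -> redirect_uri
SESSIONS = {"sess-alice": 42}        # browser session -> logged-in user_id
CODES, TOKENS = {}, {}               # code -> (client_id, user_id); token -> user_id

def authorize(session_id, query, decision=None):
    """Model of /oauth/authorize; returns (status, location_or_body)."""
    registered = CLIENTS.get(query.get("client_id"))
    if registered is None or registered != query.get("redirect_uri"):
        return 400, "invalid client or redirect_uri"   # never redirect here
    user_id = SESSIONS.get(session_id)
    if user_id is None:
        # Not logged in: go to the login form and come back afterwards.
        here = "/oauth/authorize?" + urlencode(query)
        return 302, "/login?" + urlencode({"return_to": here})
    if decision is None:
        return 200, "consent form: Accept / Decline"
    params = {"state": query.get("state", "")}
    if decision == "accept":
        params["code"] = secrets.token_urlsafe(16)
        CODES[params["code"]] = (query["client_id"], user_id)  # bind user to code
    else:
        params["error"] = "access_denied"
    return 302, registered + "?" + urlencode(params)

def after_login(session_id, user_id, return_to):
    """Login succeeded: record the user, return only to our own authorize page."""
    SESSIONS[session_id] = user_id
    target = urlsplit(return_to)
    local = not target.scheme and not target.netloc and target.path == "/oauth/authorize"
    return return_to if local else "/"

def exchange(client_id, code):
    """Model of the token request with grant_type=authorization_code."""
    bound = CODES.pop(code, None)                # a code is single use
    if bound is None or bound[0] != client_id:
        return None
    token = secrets.token_urlsafe(16)
    TOKENS[token] = bound[1]                     # token inherits the code's user_id
    return token
```

The return_to check keeps the login redirect from becoming an open redirect, and the redirect_uri comparison happens before any redirect is issued.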