Home

Awesome

Guzzle Bundle OAuth2 Plugin

Build Status Coverage Status SensioLabsInsight

This plugin integrates OAuth2 functionality into Guzzle Bundle, a bundle for building RESTful web service clients.


Prerequisites

Installation

To install this bundle, run the command below on the command line and you will get the latest stable version from Packagist.

composer require gregurco/guzzle-bundle-oauth2-plugin

Usage

Enable bundle

Find next lines in src/Kernel.php:

foreach ($contents as $class => $envs) {
    if (isset($envs['all']) || isset($envs[$this->environment])) {
        yield new $class();
    }
}

and replace them by:

foreach ($contents as $class => $envs) {
    if (isset($envs['all']) || isset($envs[$this->environment])) {
        if ($class === \EightPoints\Bundle\GuzzleBundle\EightPointsGuzzleBundle::class) {
            yield new $class([
                new \Gregurco\Bundle\GuzzleBundleOAuth2Plugin\GuzzleBundleOAuth2Plugin(),
            ]);
        } else {
            yield new $class();
        }
    }
}

Basic configuration

With default grant type (client)

# app/config/config.yml

eight_points_guzzle:
    clients:
        api_payment:
            base_url: "http://api.domain.tld"
            
            options:
                auth: oauth2

            # plugin settings
            plugin:
                oauth2:
                    base_uri:       "https://example.com"
                    token_url:      "/oauth/token"
                    client_id:      "test-client-id"
                    client_secret:  "test-client-secret" # optional
                    scope:          "administration"

With password grant type

# app/config/config.yml

eight_points_guzzle:
    clients:
        api_payment:
            base_url: "http://api.domain.tld"
            
            options:
                auth: oauth2

            # plugin settings
            plugin:
                oauth2:
                    base_uri:       "https://example.com"
                    token_url:      "/oauth/token"
                    client_id:      "test-client-id"
                    username:       "johndoe"
                    password:       "A3ddj3w"
                    scope:          "administration"
                    grant_type:     "Sainsburys\\Guzzle\\Oauth2\\GrantType\\PasswordCredentials"

With client credentials in body

# app/config/config.yml

eight_points_guzzle:
    clients:
        api_payment:
            base_url: "http://api.domain.tld"
            
            options:
                auth: oauth2

            # plugin settings
            plugin:
                oauth2:
                    base_uri:       "https://example.com"
                    token_url:      "/oauth/token"
                    client_id:      "test-client-id"
                    scope:          "administration"
                    auth_location:  "body"

Options

KeyDescriptionRequiredExample
base_uriURL of oAuth2 server.yeshttps://example.com
token_urlThe path that will be concatenated with base_uri. <br/>Default: /oauth2/tokenno/oauth/token
client_idThe client identifier issued to the client during the registration processyess6BhdRkqt3
client_secretThe client secretno7Fjfp0ZBr1KtDRbnfVdmIw
usernameThe resource owner usernamefor PasswordCredentials grant typejohndoe
passwordThe resource owner passwordfor PasswordCredentials grant typeA3ddj3w
auth_locationThe place where to put client_id and client_secret in auth request. <br/>Default: headers. Allowed values: body, headers.nobody
resourceThe App ID URI of the web API (secured resource)nohttps://service.contoso.com/
private_keyPath to private keyfor JwtBearer grant type"%kernel.root_dir%/path/to/private.key"
scopeOne or more scope values indicating which parts of the user's account you wish to accessnoadministration
audienceno
grant_typeGrant type class path. Class should implement GrantTypeInterface. <br/> Default: Sainsburys\\Guzzle\\Oauth2\\GrantType\\ClientCredentialsnoSainsburys\\Guzzle\\Oauth2\\GrantType\\PasswordCredentials<br/>Sainsburys\\Guzzle\\Oauth2\\GrantType\\AuthorizationCode<br/>Sainsburys\\Guzzle\\Oauth2\\GrantType\\JwtBearer
persistentToken will be stored in session unless grant_type is client credentials; in which case it will be stored in the app cache. <br/> Default: falseno
retry_limitHow many times request will be repeated on failure. <br/> Default: 5no

See more information about middleware here.

License

This middleware is licensed under the MIT License - see the LICENSE file for details