
Untitled

a guest
Mar 8th, 2016
  # Apache mod_setenvif: when the request carries a non-empty Authorization
  # header, copy its whole value ($0 = the full regex match) into the
  # HTTP_AUTHORIZATION environment variable. Presumably the workaround from the
  # Yii issue linked below for setups where the header does not otherwise reach
  # PHP - confirm against that issue.
  1. SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
  2.  
  3. https://github.com/yiisoft/yii2/issues/6631
  4.  
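  /**
   * Requests an OAuth2 access token with the resource-owner password grant and
   * stores it in the shared `token` variable that later API calls read.
   *
   * NOTE(review): the endpoint is plain http://, so the username, password and
   * client secret cross the network unencrypted; serve it over HTTPS.
   * NOTE(review): a client_secret shipped in browser JavaScript is readable by
   * every visitor, so it cannot authenticate the client; register this as a
   * public client instead.
   */
  function send() {
    var url = "http://www.server.org/app/api/oauth2/rest/token";
    var data = {
      'grant_type': 'password',
      'username': 'user',
      'password': 'pass',
      'client_id': 'clientid',
      'client_secret': 'clientsecret'
    };

    $.ajax({
      type: "POST",
      url: url,
      data: data,
      success: function (response) {
        // A 2xx answer without a token must not overwrite the stored token
        // with undefined.
        if (!response || !response.access_token) {
          console.error('send: token endpoint returned no access_token');
          return;
        }
        // The response is deliberately not logged: it contains the access token.
        // `token` is assigned without a declaration, so it becomes an implicit
        // global (and throws in strict mode); declare it once at file scope.
        token = response.access_token;
      },
      error: function (xhr, textStatus) {
        // Surface failed logins instead of leaving the token silently unset.
        console.error('send: token request failed: ' + xhr.status + ' ' + textStatus);
      }
    });
  }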
  25.  
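  /**
   * Calls the protected user-creation endpoint, authenticating with the bearer
   * token held in the shared `token` variable.
   *
   * NOTE(review): the URL is plain http://, which exposes both the bearer token
   * and the new user's password on the wire; use HTTPS.
   */
  function createuser() {
    // Without a token the request would go out as "Bearer undefined" and only
    // fail on the server, so stop early.
    if (typeof token === 'undefined' || !token) {
      console.error('createuser: no access token available; request a token first');
      return;
    }

    var url = "http://www.server.org/app/api/v1/users/create";
    var data = {
      'callback': 'asdf',
      'username': 'user',
      'password': 'pass',
      'first_name': 'name',
      'last_name': 'lastname'
    };

    $.ajax({
      type: "POST",
      url: url,
      data: data,
      beforeSend: function (xhr) {
        // Send the token in the Authorization header rather than the URL, so
        // it stays out of access logs and browser history.
        xhr.setRequestHeader('Authorization', 'Bearer ' + token);
      },
      success: function (r) {
        console.log(r);
      },
      error: function (xhr, textStatus) {
        // A 401 here usually means the token is missing, expired or was not
        // forwarded to the application by the web server.
        console.error('createuser: request failed: ' + xhr.status + ' ' + textStatus);
      }
    });
  }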
  48.  
  49. <?php
  50.  
  51. namespace appapimodulesv1controllers;
  52.  
  53. use Yii;
  54. use appmodelsOauthUsers;
  55. use yiirestActiveController;
  56. use yiiwebResponse;
  57. use yiihelpersArrayHelper;
  58.  
  59. use yiifiltersauthHttpBearerAuth;
  60. use yiifiltersauthQueryParamAuth;
  61. use filshyii2oauth2serverfiltersErrorToExceptionFilter;
  62. use filshyii2oauth2serverfiltersauthCompositeAuth;
  63.  
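  /**
   * API controller for user accounts.
   *
   * The authenticator behavior is attached without only/except filters, so it
   * applies to every action of this controller.
   */
  class UsersController extends \yii\web\Controller
  {
      /**
       * Attaches the OAuth2 authenticator and the error filter.
       *
       * @return array behavior configurations merged over the parent's
       */
      public function behaviors()
      {
          return ArrayHelper::merge(parent::behaviors(), [
              'authenticator' => [
                  'class' => CompositeAuth::className(),
                  'authMethods' => [
                      ['class' => HttpBearerAuth::className()],
                      // NOTE(review): a token passed as ?accessToken=... ends up in
                      // access logs, browser history and Referer headers; drop this
                      // method if every client can send the Authorization header.
                      ['class' => QueryParamAuth::className(), 'tokenParam' => 'accessToken'],
                  ],
              ],
              'exceptionFilter' => [
                  'class' => ErrorToExceptionFilter::className(),
              ],
              // NOTE(review): this registers ContentNegotiator as a behavior named
              // 'class' with no formats configured; it was probably meant to be a
              // 'contentNegotiator' entry with a 'formats' list - confirm.
              'class' => \yii\filters\ContentNegotiator::className(),
          ]);
      }

      /**
       * Creates a new user from the submitted attributes.
       *
       * On a successful save the client is redirected to the previously
       * remembered URL. A POST that does not result in a saved record answers
       * with HTTP 422 and the string "false"; any other request returns "true".
       *
       * @return mixed
       */
      public function actionCreate()
      {
          $model = new OauthUsers;
          $request = Yii::$app->request;

          try {
              // NOTE(review): with the default form name, load() expects the
              // attributes nested under the model's form name; a flat payload
              // needs load($data, '') - confirm against the client.
              if ($model->load($request->post()) && $model->save()) {
                  // Fully qualified: the file does not import yii\helpers\Url.
                  return $this->redirect(\yii\helpers\Url::previous());
              } elseif (!$request->isPost) {
                  $model->load($request->get());
              }
          } catch (\Exception $e) {
              // The leading backslash matters: inside this namespace a bare
              // "Exception" names a class that does not exist, so the catch
              // would never match.
              $msg = isset($e->errorInfo[2]) ? $e->errorInfo[2] : $e->getMessage();
              // Kept on the model only; driver messages are not sent to the client.
              $model->addError('_exception', $msg);
          }

          // Reaching this point on a POST means nothing was saved (load failed,
          // validation failed or the save threw), so do not report success.
          if ($request->isPost) {
              Yii::$app->response->setStatusCode(422);
              return "false";
          }

          return "true";
      }
  }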
  107.  
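  // Configuration of the OAuth2 server module. The class names need their
  // namespace separators to resolve.
  'oauth2' => [
      'class' => 'filsh\yii2\oauth2server\Module',
      // Same parameter name the controller's QueryParamAuth entry reads.
      'tokenParamName' => 'accessToken',
      // Access tokens stay valid for 24 hours. NOTE(review): with refresh
      // tokens enabled below, a shorter lifetime limits the damage of a leaked
      // access token.
      'tokenAccessLifetime' => 3600 * 24,
      'storageMap' => [
          // Credential checks for the password grant go through this model.
          'user_credentials' => 'app\models\OauthUsers',
      ],
      'grantTypes' => [
          'user_credentials' => [
              'class' => 'OAuth2\GrantType\UserCredentials',
          ],
          'refresh_token' => [
              'class' => 'OAuth2\GrantType\RefreshToken',
              // Rotate the refresh token on every use.
              'always_issue_new_refresh_token' => true,
          ],
      ],
  ]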
  125.  
  126. <?php
  127.  
  128. namespace appmodels;
  129.  
  130. use Yii;
  131. use appmodelsbaseOauthUsers as BaseOauthUsers;
  132.  
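  /**
   * This is the model class for table "oauth_users".
   *
   * Serves both as the Yii identity class and as the user-credentials storage
   * the OAuth2 server consults for the password grant.
   */
  class OauthUsers extends BaseOauthUsers implements
      \yii\web\IdentityInterface,
      \OAuth2\Storage\UserCredentialsInterface
  {
      /**
       * @inheritdoc
       */
      public static function findIdentity($id)
      {
          // findOne() returns null when no row matches. Calling count() on the
          // result of one() fails on current PHP (the value is null or a
          // non-countable object).
          return static::findOne(['id' => $id]);
      }

      /**
       * @inheritdoc
       */
      public static function findIdentityByAccessToken($token, $userType = null)
      {
          // Only a non-empty string can be a token; null or an array would
          // change the shape of the query condition.
          if (!is_string($token) || $token === '') {
              return null;
          }

          $at = OauthAccessTokens::find()
              ->where(['access_token' => $token])
              ->one();
          // Unknown token, or a token not bound to a user: unauthenticated.
          if ($at === null || $at->user_id === null) {
              return null;
          }

          // NOTE(review): the token's expiry is not checked here; presumably the
          // OAuth2 server module verifies it before this lookup runs - confirm.
          return static::findOne(['id' => $at->user_id]);
      }

      /**
       * Implemented for Oauth2 Interface
       *
       * @param string $username
       * @param string $password
       * @return bool whether the user exists and the password matches
       */
      public function checkUserCredentials($username, $password)
      {
          $user = static::findByUsername($username);
          if ($user === null) {
              return false;
          }
          return $user->validatePassword($password);
      }

      /**
       * Implemented for Oauth2 Interface
       *
       * @param string $username
       * @return array|false the "user_id" entry, or false when the user does not exist
       */
      public function getUserDetails($username)
      {
          $user = static::findByUsername($username);
          if ($user === null) {
              // Avoids calling getId() on null for an unknown username.
              return false;
          }
          return ['user_id' => $user->getId()];
      }

      /**
       * Finds user by username
       *
       * @param string $username
       * @return static|null
       */
      public static function findByUsername($username)
      {
          // The username arrives from the token request; accept strings only.
          if (!is_string($username) || $username === '') {
              return null;
          }
          return static::findOne(['username' => $username]);
      }

      /**
       * @inheritdoc
       */
      public function getId()
      {
          return $this->id;
      }

      /**
       * @inheritdoc
       */
      public function getAuthKey()
      {
          return $this->authKey;
      }

      /**
       * @inheritdoc
       */
      public function validateAuthKey($authKey)
      {
          $expected = $this->authKey;
          if (!is_string($expected) || !is_string($authKey)) {
              return false;
          }
          // Constant-time comparison: === stops at the first differing byte.
          return Yii::$app->security->compareString($expected, $authKey);
      }

      /**
       * Validates password
       *
       * NOTE(review): this compares against the stored column value directly,
       * which means passwords are kept in plaintext. Store a hash created with
       * Yii::$app->security->generatePasswordHash() and verify it with
       * Yii::$app->security->validatePassword(); both sides have to change
       * together, so only the comparison is hardened here.
       *
       * @param string $password password to validate
       * @return boolean if password provided is valid for current user
       */
      public function validatePassword($password)
      {
          $stored = $this->password;
          if (!is_string($stored) || !is_string($password)) {
              return false;
          }
          // Constant-time comparison so response timing does not reveal how many
          // leading characters matched.
          return Yii::$app->security->compareString($stored, $password);
      }
  }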
  247.  
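  /**
   * Calls the protected user-creation endpoint, authenticating with the bearer
   * token held in the shared `token` variable.
   *
   * NOTE(review): the URL is plain http://, which exposes both the bearer token
   * and the new user's password on the wire; use HTTPS.
   */
  function createuser() {
    // Without a token the request would go out as "Bearer undefined" and only
    // fail on the server, so stop early.
    if (typeof token === 'undefined' || !token) {
      console.error('createuser: no access token available; request a token first');
      return;
    }

    var url = "http://www.server.org/app/api/v1/users/create";
    var data = {
      'callback': 'cb',
      'username': 'user',
      'password': 'pass',
      'first_name': 'name',
      'last_name': 'lastname'
    };

    $.ajax({
      type: "POST",
      url: url,
      data: data,
      beforeSend: function (xhr) {
        // Send the token in the Authorization header rather than the URL, so
        // it stays out of access logs and browser history.
        xhr.setRequestHeader('Authorization', 'Bearer ' + token);
      },
      success: function (r) {
        console.log(r);
      },
      error: function (xhr, textStatus) {
        // A 401 here usually means the token is missing, expired or was not
        // forwarded to the application by the web server.
        console.error('createuser: request failed: ' + xhr.status + ' ' + textStatus);
      }
    });
  }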
  270.  
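  /**
   * Looks up the identity whose auth_key equals the presented access token.
   *
   * NOTE(review): an auth_key used as a bearer token has no expiry in this
   * lookup; confirm that is intended for API access.
   *
   * @param mixed $token token taken from the request
   * @param mixed $type  unused here
   * @return static|null the matching record, or null when none matches
   */
  public static function findIdentityByAccessToken($token, $type = null)
  {
      // A null token would turn the condition into "auth_key IS NULL", an array
      // into an IN list and an empty string would match rows with an empty
      // key, so accept non-empty strings only.
      if (!is_string($token) || $token === '') {
          return null;
      }
      return static::findOne(['auth_key' => $token]);
  }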
  275.  
  # Apache mod_setenvif: when the request carries a non-empty Authorization
  # header, copy its whole value ($0 = the full regex match) into the
  # HTTP_AUTHORIZATION environment variable. Presumably the workaround from the
  # Yii issue linked below for setups where the header does not otherwise reach
  # PHP - confirm against that issue.
  276. SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
  277.  
  278. https://github.com/yiisoft/yii2/issues/6631