Abstract Class yii\authclient\OAuth2
OAuth2 serves as a client for the OAuth 2 flow.
In oder to acquire access token perform following sequence:
use yii\authclient\OAuth2;
// assuming class MyAuthClient extends OAuth2
$oauthClient = new MyAuthClient();
$url = $oauthClient->buildAuthUrl(); // Build authorization URL
Yii::$app->getResponse()->redirect($url); // Redirect to authorization URL.
// After user returns at our site:
$code = Yii::$app->getRequest()->get('code');
$accessToken = $oauthClient->fetchAccessToken($code); // Get access token
See also:
Public Properties
Property | Type | Description | Defined By |
---|---|---|---|
$accessToken | yii\authclient\OAuthToken | Auth token instance. Note that the type of this property differs in getter and setter. See getAccessToken() and setAccessToken() for details. | yii\authclient\BaseOAuth |
$apiBaseUrl | string | API base URL. | yii\authclient\BaseOAuth |
$authUrl | string | Authorize URL. | yii\authclient\BaseOAuth |
$autoRefreshAccessToken | boolean | Whether to automatically perform 'refresh access token' request on expired access token. | yii\authclient\BaseOAuth |
$behaviors | yii\base\Behavior[] | List of behaviors attached to this component. | yii\base\Component |
$clientId | string | OAuth client ID. | yii\authclient\OAuth2 |
$clientSecret | string | OAuth client secret. | yii\authclient\OAuth2 |
$enablePkce | boolean | Whether to enable proof key for code exchange (PKCE) support and add
a code_challenge and code_verifier to the auth request. |
yii\authclient\OAuth2 |
$httpClient | yii\httpclient\Client | Internal HTTP client. Note that the type of this property differs in getter and setter. See getHttpClient() and setHttpClient() for details. | yii\authclient\BaseClient |
$id | string | Service id. | yii\authclient\BaseClient |
$name | string | Service name. | yii\authclient\BaseClient |
$normalizeUserAttributeMap | array | Normalize user attribute map. | yii\authclient\BaseClient |
$parametersToKeepInReturnUrl | array | List of the parameters to keep in default return url. | yii\authclient\BaseOAuth |
$requestOptions | array | HTTP request options. | yii\authclient\BaseClient |
$returnUrl | string | Return URL. | yii\authclient\BaseOAuth |
$scope | string | Auth request scope. | yii\authclient\BaseOAuth |
$signatureMethod | yii\authclient\signature\BaseMethod | Signature method instance. Note that the type of this property differs in getter and setter. See getSignatureMethod() and setSignatureMethod() for details. | yii\authclient\BaseOAuth |
$stateStorage | yii\authclient\StateStorageInterface | Stage storage. Note that the type of this property differs in getter and setter. See getStateStorage() and setStateStorage() for details. | yii\authclient\BaseClient |
$title | string | Service title. | yii\authclient\BaseClient |
$tokenUrl | string | Token request URL endpoint. | yii\authclient\OAuth2 |
$userAttributes | array | List of user attributes. | yii\authclient\BaseClient |
$validateAuthState | boolean | Whether to use and validate auth 'state' parameter in authentication flow. | yii\authclient\OAuth2 |
$version | string | Protocol version. | yii\authclient\OAuth2 |
$viewOptions | array | View options in format: optionName => optionValue. | yii\authclient\BaseClient |
Public Methods
Protected Methods
Property Details
OAuth client ID.
OAuth client secret.
Whether to enable proof key for code exchange (PKCE) support and add
a code_challenge
and code_verifier
to the auth request.
See also https://oauth.net/2/pkce/.
Token request URL endpoint.
Whether to use and validate auth 'state' parameter in authentication flow. If enabled - the opaque value will be generated and applied to auth URL to maintain state between the request and callback. The authorization server includes this value, when redirecting the user-agent back to the client. The option is used for preventing cross-site request forgery.
Protocol version.
Method Details
Applies access token to the HTTP request instance.
public void applyAccessTokenToRequest ( $request, $accessToken ) | ||
$request | yii\httpclient\Request | HTTP request instance. |
$accessToken | yii\authclient\OAuthToken | Access token instance. |
Applies client credentials (e.g. $clientId and $clientSecret) to the HTTP request instance.
This method should be invoked before sending any HTTP request, which requires client credentials.
protected void applyClientCredentialsToRequest ( $request ) | ||
$request | yii\httpclient\Request | HTTP request instance. |
Authenticate OAuth client directly at the provider without third party (user) involved, using 'client_credentials' grant type.
public yii\authclient\OAuthToken authenticateClient ( $params = [] ) | ||
$params | array | Additional request params. |
return | yii\authclient\OAuthToken | Access token. |
---|
Authenticates user directly by 'username/password' pair, using 'password' grant type.
public yii\authclient\OAuthToken authenticateUser ( $username, $password, $params = [] ) | ||
$username | string | User name. |
$password | string | User password. |
$params | array | Additional request params. |
return | yii\authclient\OAuthToken | Access token. |
---|
Authenticates user directly using JSON Web Token (JWT).
See also https://tools.ietf.org/html/rfc7515.
public yii\authclient\OAuthToken authenticateUserJwt ( $username, $signature = null, $options = [], $params = [] ) | ||
$username | string | |
$signature | yii\authclient\signature\BaseMethod|array | Signature method or its array configuration. If empty - $signatureMethod will be used. |
$options | array | Additional options. Valid options are:
|
$params | array | Additional request params. |
return | yii\authclient\OAuthToken | Access token. |
---|
Composes user authorization URL.
public string buildAuthUrl ( array $params = [] ) | ||
$params | array | Additional auth GET params. |
return | string | Authorization URL. |
---|
Creates token from its configuration.
protected yii\authclient\OAuthToken createToken ( array $tokenConfig = [] ) | ||
$tokenConfig | array | Token configuration. |
return | yii\authclient\OAuthToken | Token instance. |
---|
Fetches access token from authorization code.
public yii\authclient\OAuthToken fetchAccessToken ( $authCode, array $params = [] ) | ||
$authCode | string | Authorization code, usually comes at GET parameter 'code'. |
$params | array | Additional request params. |
return | yii\authclient\OAuthToken | Access token. |
---|---|---|
throws | yii\web\HttpException | on invalid auth state in case enableStateValidation is enabled. |
Generates the auth state value.
protected string generateAuthState ( ) | ||
return | string | Auth state value. |
---|
Gets new auth token to replace expired one.
public yii\authclient\OAuthToken refreshAccessToken ( yii\authclient\OAuthToken $token ) | ||
$token | yii\authclient\OAuthToken | Expired auth token. |
return | yii\authclient\OAuthToken | New auth token. |
---|