Skip to content
/ resource-authorization Public

Allows an OAuth2 resource server to be loosely coupled to an authentication server

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jeffsrepoaccount/resource-authorization

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
src
src
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
composer.json
composer.json
 
 

Repository files navigation

OAuth2 Resource Authorization

This package helps to provide a method of integrating a resource server to an authentication server to validate access attempts, and is meant as a resource-side complement to lucadegasperi/oauth2-server-laravel.

The benefit of this package is that it can be used to (almost) completely decouple the resource server from the authentication server. The resource server will still require an App\User model and will need to be aware of how to connect to the authentication server's database.

This package is released under the MIT License

Installation

Add to `config/app.php':

'providers' => [
    // ...
    LucaDegasperi\OAuth2Server\Storage\FluentStorageServiceProvider::class,
    Jeffsrepoaccount\ResourceAuthorization\ServiceProvider::class,
]

Add to app/Http/Kernal.php:

'oauth_access' => \Jeffsrepoaccount\ResourceAuthorization\Middleware::class,

Usage

// app/Http/routes.php

Route::group(['middleware   ' => 'oauth_access'], function() {
   Route::get('/api/v1/resources', 'MyApiController@indexRoute'); 
});
use Illuminate\Http\Request;

class MyApiController
{
    public function indexRoute(Request $request)
    {
        $user = $request->user();

        $this->respondWithUserResource($user->resource);
    }
}

If you want to keep everything about your user accounts in a different database so that the only tables your resource database contains are resources, change the $connection property on the App\User model and add the connection details to `config/database.php':

<?php namespace App;

class User extends Model implements AuthenticatableContract, CanResetPasswordContract
{
    protected $connection = 'accounts';    
}
// config/database.php
return [
    'connections' => [
        'accounts' => [
            'driver'    => 'mysql',
            'host'      => env('ACCOUNTS_DB_HOST',      ''),
            'database'  => env('ACCOUNTS_DB_DATABASE',  ''),
            'username'  => env('ACCOUNTS_DB_USERNAME',  ''),
            'password'  => env('ACCOUNTS_DB_PASSWORD',  ''),
            'charset'   => 'utf8',
            'collation' => 'utf8_unicode_ci',
            'prefix'    => '',
            'strict'    => false,
        ],
    ],
];

Lastly, create a config/oauth2.php file (because you don't want to publish this package on your resource server since it will also publish all of the migrations) and add the following contents:

<?php

return [
    'database' => 'accounts',
];

About

Allows an OAuth2 resource server to be loosely coupled to an authentication server

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages