This project is under construction
- Do not attempt to use in prod environment
- PM me for requests/suggestions
This repo contains a boilerplate project for a Phalcon API including an OAuth2 Server (https://github.com/thephpleague/oauth2-server) to manage authentication and authorization checks.
Currently support
- Client credentials grant
- Password grant
- Refresh grant
- Plain token and JWT bearer responses
- API requests validation
- Client scripts/sandbox for the supported grant
Before you install this project make sure your environment includes the following requirements:
- PHP 7.*
- Phalcon 3.*
- Module php_openssl activated
- Clone or download the repo
- Run
composer update
in the project folder - Create the
oauth2
database and import the content of theconfig/dump-[prefered-charset].sql
file - Coming soon: test token creation and API call using the client snippet
- Secure or remove the
public/docs
folder to prevent access to the sandbox
This repository include a Swagger documentation and a sandbox. You can launch it by double-clicking on the index.html
file in
the docs/swagger
folder.
The Swagger documentation use doctrine annotations.
The annotations should look like this:
/**
* @SWG\Get(
* path="/api/resource.json",
* @SWG\Response(response="200", description="An example resource")
* )
*/
You can find some annotation examples in the existing files :
app/common/controllers/DefaultController.php
(Global annotations)
app/oauth2/controllers/OAuth2AccessTokenController.php
(Call, request parameters and response annotations)
app/oauth2/entities/models/AccessTokenModel.php
(Entity annotations)
To generate the Swagger documentation for the application (app
folder) run the following command
php app/cli/cli.php swagger generate
This sandbox contains working examples of a client implementations.
See the following files for more details: