This project is under construction
- Do not attempt to use in prod environment
- PM me for requests/suggestions
This repo contains a boilerplate project for a Phalcon API including an OAuth2 Server (https://github.com/thephpleague/oauth2-server) to manage authentication and authorization checks.
Currently support
- Client credentials grant
- Password grant
- Refresh grant
- Plain token and JWT bearer responses
- API requests validation
- Client scripts/sandbox for the supported grant
Before you install this project make sure your environment includes the following requirements:
- PHP 7.*
- Phalcon 3.*
- Module php_openssl activated
- Clone or download the repo
- Run
composer updatein the project folder - Create the
oauth2database and import the content of theconfig/dump-[prefered-charset].sqlfile - Coming soon: test token creation and API call using the client snippet
- Secure or remove the
public/docsfolder to prevent access to the sandbox
This repository include a Swagger documentation and a sandbox. You can launch it by double-clicking on the index.html file in
the docs/swagger folder.
The Swagger documentation use doctrine annotations.
The annotations should look like this:
/**
* @SWG\Get(
* path="/api/resource.json",
* @SWG\Response(response="200", description="An example resource")
* )
*/You can find some annotation examples in the existing files :
app/common/controllers/DefaultController.php (Global annotations)
app/oauth2/controllers/OAuth2AccessTokenController.php (Call, request parameters and response annotations)
app/oauth2/entities/models/AccessTokenModel.php (Entity annotations)
To generate the Swagger documentation for the application (app folder) run the following command
php app/cli/cli.php swagger generateThis sandbox contains working examples of a client implementations.
See the following files for more details: