LfjOpauth
Created By Lorenzo Ferrara Junior, (*1)
Introduction
LfjOpauth is a Zend Framework 2 module that enables support for many authentication providers through the Opauth framework., (*2)
Installation
To use the module you need to:, (*3)
- Install the LfjOpauth module using using
composer
- Install at least one of the Opauth strategies
- Enable the LfjOpauth module
To install the LfjOpauth module, you need to add "lorenzoferrarajr/lfj-opauth": "dev-master" to the require list of your project's composer.json file., (*4)
To install the Opauth strategy, you need find the required
package on Packagist or on GitHub and add it to the require list of your project's composer.json file., (*5)
This is an example of a modified composer.json which includes the LfjOpauth module and the Facebook strategy:, (*6)
{
"name": "zendframework/skeleton-application",
"description": "Skeleton Application for ZF2",
"require": {
"php": ">=5.3.3",
"zendframework/zendframework": ">2.2.0rc1",
"lorenzoferrarajr/lfj-opauth": "dev-master",
"opauth/facebook": "0.2.1"
}
}
The example includes the installation of the Facebook Opauth strategy. More info on Opauth strategies can be found on GitHub:, (*7)
Installing LfjOpauth using composer, the Opauth dependecy is automatically resolved, but you still must provide at least one strategy., (*8)
Next, you need to add LfjOpauth to the modules list in the config/application.config.php file of your Zend Framework 2 project., (*9)
This is an example:, (*10)
<?php
return array(
'modules' => array(
'LfjOpauth',
'Application',
),
// more code
);
Configuration
Once LfjOpauth is installed you must create a file named lfjopauth.global.php in your config/autoload directory. This is the configuration file where you specify the LfjOpauth options., (*11)
An example of the lfjopauth.global.php file:, (*12)
$settings = array(
'security_salt' => 'Some random text',
'Strategy' => array(
'Facebook' => array(
'app_id' => 'facebook application id',
'app_secret' => 'facebook application secret',
'scope' => 'email,user_relationships',
),
'second_facebook_app' => array(
'app_id' => 'another facebook application id',
'app_secret' => 'another facebook application secret',
'scope' => 'email,user_relationships',
'strategy_class' => 'Facebook',
'strategy_url_name' => 'second_facebook_app'
)
),
'check_controller_enabled' => false
);
return array('lfjopauth' => $settings);
The configuration is pretty much the same as the Opauth configuration, without the path and callback_url options, which are handled by the module., (*13)
The check_controller_enabled flag enables or disables access to CheckController., (*14)
Alternatively, an option provider can be set using the Service Manager to replace the current configuration loader.
To do that, you just have to :, (*15)
- Register a service named
lfjopauth_module_options,
- Implement the interface
LfjOpauth\Provider\OptionsProviderInterface,
- And return a configuration
array as above.
This can be usefull if you want to load your configuration from database or generate configuration for complexe cases., (*16)
Login and callback urls
Given the above configuration (and the corresponding Facebook applications), you will be able to login using:, (*17)
- http://example.com/user/opauth/login/facebook
- http://example.com/user/opauth/login/second_facebook_app
and to logout using:, (*18)
- http://example.com/user/opauth/logout
For the two demo Facebook application described in the example configuration, you should use, (*19)
- http://example.com/user/login/facebook
- http://example.com/user/login/second_facebook_app
as value of the Website with Facebook Login, Site URL option., (*20)
Events
The LfjOpauth\Service\OpauthService triggers the LfjOpauth\LfjOpauthEvent::EVENT_LOGIN_CALLBACK event after the callback is processed. Be aware that the LfjOpauth\LfjOpauthEvent::EVENT_LOGIN_CALLBACK event is alwais triggered, even when the login process fails. Use the available event parameters to implement result checking., (*21)
The event contains three parameters:, (*22)
-
authenticationService: a Zend\Authentication\Result instance
-
authenticationResult: a Zend\Authentication\AuthenticationService instance
-
provider: is the provider used to try the login (example: facebook, google)
and its target is an instance of LfjOpauth\Service\OpauthService., (*23)
As en example on how to attach to the event, please refer to the following code., (*24)
namespace Application;
use Zend\EventManager\EventInterface;
use Zend\Mvc\ModuleRouteListener;
use Zend\Mvc\MvcEvent;
class Module
{
public function onBootstrap(MvcEvent $e)
{
$eventManager = $e->getApplication()->getEventManager();
$moduleRouteListener = new ModuleRouteListener();
$moduleRouteListener->attach($eventManager);
$sharedEventManager = $eventManager->getSharedManager();
$sharedEventManager->attach('LfjOpauth\Service\OpauthService', \LfjOpauth\LfjOpauthEvent::EVENT_LOGIN_CALLBACK, function(EventInterface $e) {
/** @var \Zend\Authentication\Result $result */
$authenticationResult = $e->getParam('authenticationResult');
/** @var \Zend\Authentication\AuthenticationService $authenticationService */
$authenticationService = $e->getParam('authenticationService');
/** @var \LfjOpauth\Service\OpauthService $target */
$target = $e->getTarget();
$provider = $e->getParam('provider');
/*
var_dump(get_class($e->getTarget()));
var_dump($e->getParam('provider'));
var_dump('$authenticationResult->isValid()', $authenticationResult->isValid());
var_dump('$authenticationService->hasIdentity()', $authenticationService->hasIdentity());
var_dump('$authenticationService->getIdentity()', $authenticationService->getIdentity());
var_dump('$authenticationResult->getCode()', $authenticationResult->getCode());
var_dump('$authenticationResult->getIdentity()', $authenticationResult->getIdentity());
var_dump('$authenticationResult->getMessages()', $authenticationResult->getMessages());
*/
}, 100);
}
Custom callback urls
If you need custom login and/or callback urls (for example containing more parameters), you can code custom routes and controller., (*25)
This is the code that defines the custom_lfjopauth_login and custom_lfjopauth_callback routes (custom-auth is the controller alias):, (*26)
return array(
'router' => array(
'routes' => array(
'custom_lfjopauth_login' => array(
'type' => 'Segment',
'options' => array(
'route' => '/custom/login/[:provider[/:oauth_callback]]',
'constraints' => array(
'provider' => '[a-zA-Z][a-zA-Z0-9_-]*',
'oauth_callback' => '[a-zA-Z][a-zA-Z0-9_-]*'
),
'defaults' => array(
'controller' => 'custom-auth',
'action' => 'redirectAndReturn'
)
)
),
'custom_lfjopauth_callback' => array(
'type' => 'Segment',
'options' => array(
'route' => '/custom/callback/[:provider]',
'constraints' => array(
'provider' => '[a-zA-Z][a-zA-Z0-9_-]*'
),
'defaults' => array(
'controller' => 'custom-auth',
'action' => 'callback'
)
)
),
// more code
)
)
);
This is the code of the hypothetical controller that manages login and callback actions:, (*27)
// [...]
class AuthController extends AbstractActionController
{
public function redirectAndReturnAction()
{
// if user is not logged in
if (!$this->auth()->hasIdentity())
{
$provider = $this->params()->fromRoute('provider');
$oauth_callback = $this->params()->fromRoute('oauth_callback');
$opauth_service = $this->getServiceLocator()->get('opauth_service');
// set custom login and callback routes
$opauth_service->setLoginUrlName('custom_lfjopauth_login');
$opauth_service->setCallbackUrlName('custom_lfjopauth_callback');
return $opauth_service->redirect($provider, $oauth_callback);
}
return $this->redirect()->toRoute('somewhere_over_the_rainbow');
}
public function callbackAction()
{
// if user is not logged in
if (!$this->auth()->hasIdentity())
{
$provider = $this->params()->fromRoute('provider');
$opauth_service = $this->getServiceLocator()->get('opauth_service');
// set custom login and callback routes
$opauth_service->setLoginUrlName('custom_lfjopauth_login');
$opauth_service->setCallbackUrlName('custom_lfjopauth_callback');
$opauth_service->callback($provider);
}
return $this->redirect()->toRoute('somewhere_else_over_the_rainbow');
}
}
Checking login status
If the check_controller_enabled flag is enabled, you will be able to print current session info at this url:, (*28)
- http://example.com/user/opauth/check
The default value of check_controller_enabled is false., (*29)
Other info
LfjOpauth uses Zend\Authentication\AuthenticationService (alias lfjopauth_auth_service) to manage authentication., (*30)
The LfjOpauth\Service\OpauthService (alias: opauth_service) class exposes the redirect and callback methods which can be used in any controller. An example can be found in the LfjOpauth\Controller\LoginController class., (*31)
LICENSE
The files in this archive are released under the MIT license. You can find a copy of this license in LICENSE.txt., (*32)
Wallogit.com
