I'm currently working on a CakePHP 3 application, trying to connect to Microsoft Azure using OAuth2. To this end, I'm trying to integrate the UseMuffin OAuth2 plugin. However, I'm struggling with the documentation. It seems to describe how to configure the plugin, but not how to actually use it. What methods do I call and how when I want to initiate an OAuth2 authentication? I'm somewhat familiar with OAuth2 itself, already wrote a little stand-alone PHP script that successfully authenticates using Curl. I'm just not sure how the UseMuffin plugin can help.
To be clear, the CakePHP 3 application I'm working on already has its own authentication scheme. I just want some users (not all) that are already authenticated with my application, to connect with Azure, so we can exchange information. I'm not sure the UseMuffin plugin can work alongside an existing means of authentication?
Related
I am having a PHP based application, that uses MySQL as the DB. I am currently trying to build a real-time messaging system for the users in the application. I have found Firebase to be a very good solution for building this. However, I am not sure if the architecture I am planning is compatible with the architecture am planning. Digging through the documentation didn't really get me the answers.
My Doubts are:
I don't want users to again login to use chat, so I want to
authenticated via the server (i.e from php).
I want, the further chat/messaging to happen from client to Firebase directly as I don't want to have unwanted overhead on my server, especially when a direct connection is not only supported but also efficient.
Can I authenticate via php and get some secret key or something and then use that to connect securely via Js?
I found this link which talks about custom authentication system. But am not sure, if this is what I have to use. And if the solution am planning is scalable and ok.
Firebase Auth persists the session on the client via localStorage/indexedDB and is a headless API that doesn't require a hosted server. So you are not required to authenticate the user via your server.
You can definitely build the messaging app entirely on the client with real-time database without routing traffic to your server. Here is an example of a chat app built with Firebase: https://github.com/firebase/friendlychat
If you already have an existing authentication system, you can use custom auth which requires that you mint a custom token after you authenticate a user with your system, you then send that custom token to the client and then signInWithCustomToken. Here is some code to create a custom token with PHP: https://firebase.google.com/docs/auth/admin/create-custom-tokens#create_custom_tokens_using_the_firebase_admin_sdk
If you don't have an existing auth system, you can entirely run the authentication on the client side. Another good library for authentication that is built on top of Firebase is FirebaseUI: https://github.com/firebase/firebaseui-web
I'm trying to implement Oauth2 server library into my fuelphp api. I've been following this tutorial and this one.
I understood and was able to complete the 2nd tutorial, but that doesn't deal with integrating OAuth into Fuelphp.
What I'm wondering, is how to integrate OAuth2 into my api, I just want to replicated a login? Has anyone any other tutorials on how to do this?
Where in my fuelphp directories do I put the Server/ token/ authorization code?
Thanks very much
FuelPHP uses OPauth under the hood and it's use is documented in the official Fuel docs
The server tokens, authorization codes, etc are stored in the opauth.php config file.
we have already developed a web app using codeigniter and now planning a mobile client(for android phones).The scenario is like this
1)mobile client will have a local db same as server db
2)After installing the app an authentication process is there
3)After authentication we need to download the data from server db to mobile client DB.
I have created one web service using REST api for authentication process and its working but for step 3 i need help.
Can i use REST api for that also or is there exist any other secure mechanism to sync server and mobile client DB ?
Can anyone suggest please!
Best regards,
First, you need create a very strong structure compatible with Oauth2, I recommended this library: Codeigniter RESTserver
After, you must know how works the Oauth2 protocol and implements it.
Read this tutorial, is old but good for your work: http://code.tutsplus.com/tutorials/working-with-restful-services-in-codeigniter--net-8814
I'm currently building an application on Android that allows user to register a location-based service. I'm pretty new in both server-side programming and Android. Therefore I need some suggestions to point me to the right direction.
Concretely, my Android application will allow users to register, login, and update their profile and settings on the server side, and I'm using Apache as my server.
My idea now is using CakePHP on the server-side, and use JSON/XML format to communicate with the Android App via HTTP POST and response. I don't want to rebuild everything like authentication from scratch, however I can't find any CakePHP plugin that work for me. I've tried CakeDC and Authake. CakeDC seems incompatible with current CakePHP version. For Authake, I've followed the steps on the Authake Tutorial, however, the register and login page do not work. (I can't use admin to login as well.)
Summary
1. Is this server-client architecture feasible?
2. Can anyone point me to an CakePHP authentication/registration plugin which is compatible with current CakePHP?
Seems feasible to me. Though you might have to build a REST or
similar interface if you are letting users log in remotely through
the web interface.
I used the User Management plugin for my auth-based CakePHP programs and really like it.
I am developing an API using Codeigniter and Phils RESTserver.
I need to have authentication working with oAuth but I cannot find a library
that works with both Codeigniter and MongoDB.
Is it simple to create the oAuth process myself? I know it is hard to answer
not knowing my level of expertise.
This is my understanding of the oAuth process.
User clicks on link and are redirected to the servers login form.
User will be asked to authorize the developers app.
If he does authorize it he is redirected back to the developers website.
On this website the code that he got from step 3 will be exchanged for an access token.
Developers app will now be able to access the users account on the server.
I know there are parameters to be sent along with the requests like client_id and client_secret and redirect URL. But my question is. Is it this easy to implement an oAuth server? Just create the classes and functions? What else are the requirements to
be able to call the process a true oAuth authentication?
Thankful for all input!
Have you had a play with this?
https://github.com/alexbilbie/CodeIgniter-OAuth-2.0-Server
Alex has also written a Mongo library, so if his server doesn't support Mongo out of the box then just have a play with that. Just because your API is in Mongo though doesn't mean the api keys, tokens, etc HAVE to be in Mongo too, but they easily can be.