I am currently trying to install a Yii2 extension for implementing an OAuth2 server (https://github.com/Filsh/yii2-oauth2-server). However, I keep running on the error below:
Does anyone have an idea on how to install this extension. I followed the instructions given but there was no mention about that error.
Satya is right. You need to configure oauth2 module as described on repo's description:
'oauth2' => [
'class' => 'filsh\yii2\oauth2server\Module',
'options' => [
'token_param_name' => 'accessToken',
'access_lifetime' => 3600 * 24
],
'storageMap' => [
'user_credentials' => 'common\models\User'
],
'grantTypes' => [
'client_credentials' => [
'class' => 'OAuth2\GrantType\ClientCredentials',
'allow_public_clients' => false
],
'user_credentials' => [
'class' => 'OAuth2\GrantType\UserCredentials'
],
'refresh_token' => [
'class' => 'OAuth2\GrantType\RefreshToken',
'always_issue_new_refresh_token' => true
]
],
]
I've configured this extension successfully and created Yii2 Rest API template with OAuth2 server https://github.com/ikaras/yii2-oauth2-rest-template - feel free to use. Also this code has some demo data (examples of using) and support of scopes for controllers.
Add give 'oauth2' configuration in 'modules' section of config/main.php.
It may work
Use this configuration under your confin/main.php file under modules section.
'oauth2' => [
'class' => 'filsh\yii2\oauth2server\Module',
'tokenParamName' => 'token',
'tokenAccessLifetime' => '100800', // Expiry Time
'storageMap' => [
'user_credentials' => 'common\models\User', // This Should be your model name
],
'grantTypes' => [
'client_credentials' => [
'class' => 'OAuth2\GrantType\ClientCredentials',
'allow_public_clients' => false,
],
'user_credentials' => [
'class' => 'OAuth2\GrantType\UserCredentials',
],
'refresh_token' => [
'class' => 'OAuth2\GrantType\RefreshToken',
'always_issue_new_refresh_token' => true,
'refresh_token_lifetime' => '100800',
],
],
];
Found solution my-self on scope issue, maybe it will be useful for someone - marked with ** in config:
'modules' => [
'oauth2' => [
'class' => 'filsh\yii2\oauth2server\Module',
'tokenParamName' => 'accessToken',
'tokenAccessLifetime' => 3600 * 24,
'storageMap' => [
'client_credentials' => 'app\models\User',
'user_credentials' => 'app\models\User',
**'scope' => 'app\models\User',**
],
'grantTypes' => [
'client_credentials' => [
'class' => '\OAuth2\GrantType\ClientCredentials',
'allow_public_clients' => false,
'always_issue_new_refresh_token' => true
],
'user_credentials' => [
'class' => 'OAuth2\GrantType\UserCredentials',
],
'refresh_token' => [
'class' => 'OAuth2\GrantType\RefreshToken',
'always_issue_new_refresh_token' => true
]
]
]
],
Related
I need to override a view file like ‘pathMap’ => [ ‘#dektrium/user/views’ => ‘#app/views/site’] I followed manual (https://github.com/dektrium/yii2-user/blob/master/docs/overriding-views.md) but all I see is the old view whatever I do. Perhaps something wrong with baseUrl or basePath but I’m not sure what I should do.
frontend/config/main.php:
'components' => [
'request' => [
'csrfParam' => '_csrf-frontend',
'baseUrl' => '/',
],
// .................
'urlManager' => [
'enablePrettyUrl' => true,
'showScriptName' => false,
'rules' => [
'/' => 'site/index',
'<action:\w+>' => 'site/<action>',
],
],
'view' => [
'class' => 'yii\web\View',
'theme' => [
//'basePath' => '#app/themes/basic',
//'baseUrl' => '#app/views/site',
'pathMap' => [
'#dektrium/user/views' => '#app/views/site'
]
]
]
//.................
]
common/config/main.php:
'modules' => [
'user' => [
'class' => 'dektrium\user\Module',
'admins' => ['admin'],
'modelMap' => [
'User' => 'common\models\User',
],
]
I open page on the address like mydomain.test/user/register (in case it’s somehow matter)
I also tried to put ‘view’ part in components of common/config/main.php and of module. Tried to create themes folder and put new view therein, nothing seems work
ok, I finally fixed it
'view' => [
'class' => 'yii\web\View',
'theme' => [
'basePath' => '#frontend/views/site',
'baseUrl' => '#frontend/views/site',
'pathMap' => [
'#dektrium/user/views/registration' => '#frontend/views/site',
]
]
]
I’d like to use Yii2-queue extension. In my project I use Beanstalk and I have more than 100 different queue channels/tubes. What is the correct way to use more than one queue channel/tube for a single queue server?
It does not seem right to me to add 100+ queue components in common/config/main.php with the same configuration where only channel/tube name would differ.
main.php:
...
'mainQueue' => [
'class' => 'yii\queue\beanstalk\Queue',
'tube' => 'mainQueue',
],
'secondQueue' => [
'class' => 'yii\queue\beanstalk\Queue',
'tube' => 'secondQueue',
],
'thirdQueue' => [
'class' => 'yii\queue\beanstalk\Queue',
'tube' => 'thirdQueue',
],
'fourthQueue' => [
'class' => 'yii\queue\beanstalk\Queue',
'tube' => 'fourthQueue',
],
'webhookQueue' => [
'class' => 'yii\queue\beanstalk\Queue',
'tube' => 'webhookQueue',
],
'workerDataQueue' => [
'class' => 'yii\queue\beanstalk\Queue',
'tube' => 'workerDataQueue',
],
'userEventsQueue' => [
'class' => 'yii\queue\beanstalk\Queue',
'tube' => 'userEventsQueue',
],
...
I am trying to implement the suggest function of elasticsearch-php client in my API to suggest people some already existing problems.
I have made index for my problems
'index' => 'newproblemindex',
'body' => [
'settings' => [
'number_of_shards' => 3,
'number_of_replicas' => 2
],
'mappings' => [
'newproblems' => [ // type of index
'_source' => [
'enabled' => true
],
'properties' => [
'title' => [
'type' => 'text',
'analyzer' => 'standard'
],
'description' => [
'type' => 'text',
'analyzer' => 'standard'
], 'suggest' => [
'type' => 'completion'
]
]
]
]
]
But I am unable to find which param fields to use to implement suggest function
'index' => 'newproblemindex',
'body' => [
'try' => [
'text' => $request->search_key,
'completion' => [ 'text' => 'suggest' ]
]
],
I am using laravel and taking search_key as request param but I am getting "invalid_type_name_exception" and when I tried to give the type name, it is again giving me some error.
"suggest" => [
"song-suggest" => [
"prefix" => $request->search_key,
"completion" => ["field" => "suggest"]
]
]
I am getting error "suggest is not a valid param ". Please help
and Thanks in advance.
I want to protect my REST API by using an oauth2 authentication. I'm using bshaffer/oauth2-server-php in combination with zend 3.
I've the following config:
// autoload/oauth2.global.php
return [
'zf-oauth2' => [
'db' => [
'dsn' => sprintf(
'mysql:dbname=%s;host=%s',
false !== getenv('DB_NAME') ? getenv('DB_NAME') : '',
false !== getenv('DB_HOST') ? getenv('DB_HOST') : ''
),
'username' => false !== getenv('DB_USER') ? getenv('DB_USER') : '',
'password' => false !== getenv('DB_PASS') ? getenv('DB_PASS') : '',
],
'storage' => MyApp\OAuth2Module\Adapter\PdoAdapter::class,
'enforce_state' => true,
'allow_implicit' => true,
'access_lifetime' => 3600,
'api_problem_error_response' => false,
'options' => [
'use_jwt_access_tokens' => false,
'store_encrypted_token_string' => true,
'use_openid_connect' => false,
'id_lifetime' => 3600,
'www_realm' => 'Service',
'token_param_name' => 'access_token',
'token_bearer_header_name' => 'Bearer',
'require_exact_redirect_uri' => true,
'allow_public_clients' => true,
'allow_credentials_in_request_body' => true,
'always_issue_new_refresh_token' => false,
'refresh_token_lifetime' => 1209600,
],
],
];
And my auth route looks like this:
// autoload/router.global.php
return [
'router' => [
'routes' => [
'api' => [
'type' => Literal::class,
'options' => [
'route' => '/api',
],
'may_terminate' => false,
'child_routes' => [
'rest' => [
'type' => Literal::class,
'options' => [
'route' => '/rest',
],
'may_terminate' => false,
'child_routes' => [
'oauth' => [
'type' => Literal::class,
'options' => [
'route' => '/oauth',
'defaults' => [
'controller' => 'ZF\OAuth2\Controller\Auth',
'action' => 'token',
],
],
],
],
],
],
],
],
],
];
Everything works fine so far. I can post my client credentials to the oauth endpoint and get an access token.
But how can I protect the other endpoints? F.e. I make a GET request to /api/rest/myapp/GetList. The list of my entities should only be retrieved if the user also sends the authorization bearer with the request but I can't find a solution for this. Is it possible to set a parameter (something like "require_token") in the route config to "activate" this behavior? Or what is the correct way to protect my REST API?
There's no build-in system to make this. You will create a listener which's listens MvcEvent::Event_ROUTE and place it after router then check if there's a routematch. If there's one, check if it's protected route. If it's apply authentication logic.
i install this plugin for change theme in frontend https://github.com/Singrana/thememanager
install like manual.
in my frontend/config/main.php
'components' => [
'view'=>
[
'theme' =>
[
'class' => 'singrana\thememanager\components\ThemeManager',
'current' => 'siteeee',
'themes' =>
[
'site' =>
[
'pathMap' =>
[
'#app/views' => '#frontend/themes/site',
'#app/views/layouts' => '#frontend/themes/site/layouts',
],
//'defaultLayout' => '//inner',
],
'siteeee' =>
[
'pathMap' =>
[
'#app/views' => '#frontend/themes/siteeee',
'#app/views/layouts' => '#frontend/themes/siteeee/layouts',
],
//'defaultLayout' => '//inner',
],
],
],
],
],
but i need to call \Yii::$app->view->theme->changeTheme('themeName');, like in manual, to change theme , how can i do this in backend side ?