OAuth2
Thomas Hufschmidt edited this page Oct 24, 2017 · 8 revisions
The plugin's built-in OAuth2 component plays an important role in authorization and authentication. Besides client certificates, the OAuth2 mechanism enables the development of client applications that use the API provided by the REST endpoints, in a fashion similar to that of major platforms like Google or Facebook.
- A good overview about OAuth2 can be found here.
- A list of different grant types can be found here.
- Specifications: RFC 6749 and RFC 6750.
An OAuth2 demo showcasing all available methods for gaining a bearer token can be found under ${REST_PLUGIN_DIR}/apps/oauth2demo/start.php.
Retrieve an OAuth 2.0 Access Token
```bash
curl -X POST http://localhost/restplugin.php/v2/oauth2/token -d "grant_type=password&api_key=apollon&username=root&password=homer"
> {
>   "access_token":"<TOKEN>",
>   "expires_in":1800,
>   "token_type":"bearer",
>   "scope":null
> }
```
Use your OAuth 2.0 Access Token
```bash
curl -H "Authorization: Bearer <TOKEN>" http://localhost/restplugin.php/v1/docs/route
> {
>   "status":"success",
>   "msg":"Hello @ 1234567890",
>   "referer":null,
>   "host":"localhost"
> }
```
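The two steps above, retrieving a token and then using it, combined into one client as an added example (not code from the plugin or its demo app). It validates the token response fields shown above and renews the token shortly before `expires_in` runs out; `BearerSession`, `parse_token_response`, `http_post_form` and the 30-second margin are hypothetical names and values chosen for illustration.

```python
import json
import time
import urllib.parse
import urllib.request

TOKEN_URL = "http://localhost/restplugin.php/v2/oauth2/token"  # endpoint from the page


def parse_token_response(body, now=None):
    """Validate a token response; return (access_token, absolute expiry time)."""
    data = json.loads(body)
    if not isinstance(data, dict):
        raise ValueError("token response is not a JSON object")
    token = data.get("access_token")
    if not isinstance(token, str) or not token:
        raise ValueError("token response carries no access_token")
    # RFC 6749 section 5.1: token_type is compared case-insensitively.
    if str(data.get("token_type", "")).lower() != "bearer":
        raise ValueError("unsupported token_type")
    expires_in = data.get("expires_in")
    if type(expires_in) is not int or expires_in <= 0:
        raise ValueError("missing or invalid expires_in")  # assumption: always sent
    return token, (time.time() if now is None else now) + expires_in


def http_post_form(url, fields):
    """Default transport: credentials go in the POST body, never in the URL."""
    data = urllib.parse.urlencode(fields).encode()
    with urllib.request.urlopen(urllib.request.Request(url, data=data), timeout=10) as r:
        return r.read().decode()


class BearerSession:
    """Hypothetical helper: fetch a token once and renew it shortly before expiry."""
    SKEW = 30  # seconds of safety margin before the stated expiry (assumed value)

    def __init__(self, api_key, username, password, post=http_post_form, clock=time.time):
        self._form = {"grant_type": "password", "api_key": api_key,
                      "username": username, "password": password}
        self._post, self._clock = post, clock
        self._token, self._expiry = None, 0.0

    def auth_header(self):
        """Return the Authorization header, requesting a new token when needed."""
        if self._token is None or self._clock() >= self._expiry - self.SKEW:
            body = self._post(TOKEN_URL, self._form)
            self._token, self._expiry = parse_token_response(body, self._clock())
        return {"Authorization": "Bearer " + self._token}
```

RFC 6749 requires TLS for the token endpoint, so outside a localhost test setup `TOKEN_URL` should use `https`.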