The complete implementation process of REST API application with OAuth2 Server on Yii2
https://www.shuijingwanwq.com/en/2015/08/26/16355/
Wed, 26 Aug 2015 09:17:39 +0000

1. Implemented on the basis of https://github.com/Filsh/yii2-oauth2-server;

Run: php composer.phar require --prefer-dist filsh/yii2-oauth2-server "*"

Install yii2-oauth2-server

2. Configure in the application:

E:\wwwroot\api.hmwis.com\passport\config\main.php

'modules' => [
    'oauth2' => [
        'class' => 'filsh\yii2\oauth2server\Module',
        'tokenParamName' => 'accessToken',
        'tokenAccessLifetime' => 3600 * 24,
        'storageMap' => [
            'user_credentials' => 'common\models\User',
        ],
        'grantTypes' => [
            'user_credentials' => [
                'class' => 'OAuth2\GrantType\UserCredentials',
            ],
            'refresh_token' => [
                'class' => 'OAuth2\GrantType\RefreshToken',
                'always_issue_new_refresh_token' => true
            ]
        ]
    ],
    'v1' => [
        'class' => 'passport\modules\v1\Module',
    ],
],

Configure OAuth2 in the application

3. Edit the user model class User.php:

E:\wwwroot\api.hmwis.com\common\models\user.php

Implement the interface \OAuth2\Storage\UserCredentialsInterface:
class User extends ActiveRecord implements IdentityInterface, \OAuth2\Storage\UserCredentialsInterface

Implement the interface \OAuth2\Storage\UserCredentialsInterface

3.1. Find the corresponding user by email address or mobile phone number:

Find the corresponding user by email address or mobile phone number

3. Implement two methods in the interface class:

Implementing two methods in the interface class
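
As an added example (not the author's code), this stand-alone PHP class models the two interface methods, `checkUserCredentials()` and `getUserDetails()`, together with the email-or-mobile lookup from step 3.1. The in-memory user array and the field names `email`, `mobile` and `password_hash` are assumptions; in the Yii2 model the lookup would be an ActiveRecord query.

```php
<?php
// Added example, not the author's User model. The array store and the column
// names (email, mobile, password_hash) are assumptions for illustration.
final class DemoUserCredentials
{
    private $users;
    private $dummyHash;
    public function __construct(array $users)
    {
        $this->users = $users;
        // Verified when the login is unknown, so unknown and known accounts
        // cost roughly the same time and are harder to tell apart.
        $this->dummyHash = password_hash(bin2hex(random_bytes(16)), PASSWORD_DEFAULT);
    }

    // Step 3.1: the login may be either the email address or the mobile number.
    private function findByEmailOrMobile(string $login): ?array
    {
        foreach ($this->users as $user) {
            if ($login !== '' && ($user['email'] === $login || $user['mobile'] === $login)) {
                return $user;
            }
        }
        return null;
    }

    // Called by the password grant: true only for a valid login/password pair.
    public function checkUserCredentials($username, $password)
    {
        $user = $this->findByEmailOrMobile((string) $username);
        $hash = $user === null ? $this->dummyHash : $user['password_hash'];
        $valid = password_verify((string) $password, $hash);
        return $user !== null && $valid;
    }

    // Returns the array the server stores with the token, or false if unknown.
    public function getUserDetails($username)
    {
        $user = $this->findByEmailOrMobile((string) $username);
        return $user === null ? false : ['user_id' => $user['id'], 'scope' => null];
    }
}

// Constructed sample user.
$store = new DemoUserCredentials([['id' => 4, 'email' => 'alice@example.com',
    'mobile' => '13800000000', 'password_hash' => password_hash('s3cret', PASSWORD_DEFAULT)]]);
var_dump($store->checkUserCredentials('13800000000', 's3cret'));
var_dump($store->checkUserCredentials('alice@example.com', 'wrong'));
var_dump($store->getUserDetails('alice@example.com'));
```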

4. Run data migration:

Run: yii migrate --migrationPath=@vendor/filsh/yii2-oauth2-server/migrations

PHP Strict Warning 'yii\base\ErrorException' with message 'Declaration of m140501_075311_add_oauth2_server::primaryKey() should be compatible with yii\db\Migration::primaryKey($length = NULL)'

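5. Edit m140501_075311_add_oauth2_server.php:

// Give $columns a default value so the declaration is compatible with
// yii\db\Migration::primaryKey($length = null).
public function primaryKey($columns = null) {
    return 'PRIMARY KEY (' . $this->db->getQueryBuilder()->buildColumns($columns) . ')';
}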

Edit m140501_075311_add_oauth2_server.php

6. Run again: yii migrate --migrationPath=@vendor/filsh/yii2-oauth2-server/migrations

Run again: yii migrate --migrationPath=@vendor/filsh/yii2-oauth2-server/migrations

6.1. Check that the corresponding data table already exists in the database:

The corresponding data tables already exist in the database

7. Add the URL rule to the urlManager:

E:\wwwroot\api.hmwis.com\passport\config\main-local.php

'POST oauth2/<action:\w+>' => 'oauth2/rest/<action>',

Add the URL rule to the urlManager

8. To use the extension, just add the behavior to your base controller:

To use the extension just add behavior to your base controller

9. http://passport.api.hmwis.com/oauth2/token

"SQLSTATE[42S02]: Base table or view not found: 1146 Table 'api_hmwis_com.oauth_clients' doesn't exist"

10. e:\wwwroot\api.hmwis.com\vendor\filsh\yii2-oauth2-server\storage\pdo.php

// Prepend the application's table prefix to every OAuth2 table name.
$this->config = array_merge(array(
    'client_table' => \Yii::$app->db->tablePrefix . 'oauth_clients',
    'access_token_table' => \Yii::$app->db->tablePrefix . 'oauth_access_tokens',
    'refresh_token_table' => \Yii::$app->db->tablePrefix . 'oauth_refresh_tokens',
    'code_table' => \Yii::$app->db->tablePrefix . 'oauth_authorization_codes',
    'user_table' => \Yii::$app->db->tablePrefix . 'oauth_users',
    'jwt_table' => \Yii::$app->db->tablePrefix . 'oauth_jwt',
    'jti_table' => \Yii::$app->db->tablePrefix . 'oauth_jti',
    'scope_table' => \Yii::$app->db->tablePrefix . 'oauth_scopes',
    'public_key_table' => \Yii::$app->db->tablePrefix . 'oauth_public_keys',
), $config);

Set the data table prefix

11. http://passport.api.hmwis.com/oauth2/token

Request success:

{
    "access_token": "17b22dc4746f37ebd2019a256147944c84dec090",
    "expires_in": 86400,
    "token_type": "bearer",
    "scope": null,
    "refresh_token": "6a26bd0e049041bfd217ff7849d865c486449617"
}

Request access token successfully

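12. e:\wwwroot\api.hmwis.com\passport\controllers\usercontroller.php

// Requires: use yii\web\UnauthorizedHttpException;
public function checkAccess($action, $model = null, $params = [])
{
    // Identity resolved from the access token
    $oauthUser = Yii::$app->user->identity;

    // User ID requested in the URL, e.g. /v1/users/4
    $uid = Yii::$app->request->get('id');

    // The token owner may only act on their own record; compare as strings
    // so a value such as "4abc" is never treated as equal to 4.
    if ((string) $oauthUser['id'] !== (string) $uid) {
        throw new UnauthorizedHttpException(Yii::t('app/error', '30054'), $code = 30054);
    }
}

The checkAccess method checks whether the owner of the access token is the requested user ID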

12.1. If the owner of the access token is not the same person as the current user, an error is prompted:

If the access token owner is not the same person as the current user, an error is prompted

13. Edit the oauth_clients table:

Edit the oauth_clients table and set client authorization

14. Set the validity period of the access token and the refresh token to 7 days and 30 days respectively

E:\wwwroot\api.hmwis.com\vendor\filsh\yii2-oauth2-server\module.php

Set the validity period of the access token and the refresh token to 7 days and 30 days respectively

15. Obtain access tokens through password credentials

http://passport.api.hmwis.com/oauth2/token

If grant_type = authorization_code, the request fails:

{
    "name": "bad request",
    "message": "grant type \"authorization_code\" not supported",
    "code": 0,
    "status": 400,
    "type": "filsh\yii2\oauth2server\exceptions\HttpException"
}

If grant_type = authorization_code, the request fails

15.1. Obtain the access token successfully and confirm in the database:

Access token obtained successfully

Access token confirmed successfully

Refresh token confirmed successfully

16. Obtain an access token using the refresh token

http://passport.api.hmwis.com/oauth2/token

Obtain an access token using the refresh token
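
The refresh exchange from step 16, with the lifetimes from step 14 and the `always_issue_new_refresh_token` setting from step 2, modelled as an added example (a simplified in-memory sketch, not the extension's own code). The class name `DemoTokenService`, the injected clock and the timestamp are assumptions made for illustration.

```php
<?php
// Added example: in-memory model of refresh-token rotation, not the extension's code.
final class DemoTokenService
{
    const ACCESS_LIFETIME  = 3600 * 24 * 7;  // 7 days (step 14)
    const REFRESH_LIFETIME = 3600 * 24 * 30; // 30 days (step 14)

    private $refreshTokens = []; // refresh token => ['user_id' => int, 'expires' => int]

    // Issue an access/refresh pair. $now is passed in so expiry can be exercised.
    public function issue(int $userId, int $now): array
    {
        $refresh = bin2hex(random_bytes(20));
        $this->refreshTokens[$refresh] = [
            'user_id' => $userId,
            'expires' => $now + self::REFRESH_LIFETIME,
        ];
        return [
            'access_token'  => bin2hex(random_bytes(20)),
            'expires_in'    => self::ACCESS_LIFETIME,
            'token_type'    => 'bearer',
            'scope'         => null,
            'refresh_token' => $refresh,
        ];
    }

    // grant_type=refresh_token: a refresh token is spent on first use and a
    // fresh pair is returned; unknown, replayed or expired tokens get null.
    public function refresh(string $refreshToken, int $now): ?array
    {
        $row = $this->refreshTokens[$refreshToken] ?? null;
        unset($this->refreshTokens[$refreshToken]);
        if ($row === null || $row['expires'] <= $now) {
            return null;
        }
        return $this->issue($row['user_id'], $now);
    }
}

$svc    = new DemoTokenService();
$t0     = 1440580659; // constructed timestamp
$first  = $svc->issue(4, $t0);
$second = $svc->refresh($first['refresh_token'], $t0 + 3600);
var_dump($second !== null);                                            // first use
var_dump($svc->refresh($first['refresh_token'], $t0 + 7200) === null); // replay of the old token
var_dump($svc->refresh($second['refresh_token'],
    $t0 + 3600 + DemoTokenService::REFRESH_LIFETIME) === null);         // 30 days later
```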

17. Modify user personal information

http://passport.api.hmwis.com/v1/users/4

Test access token:

Test with a wrong access token

Test with a correct access token
