Symfony中如何管理第三方API的OAuth認證

在Symfony中管理第三方API的OAuth認證，可以使用一些流行的庫，例如HttPlug和OAuth2-Server。下面是一個簡單的示例，展示如何在Symfony中使用HttPlug和OAuth2-Server庫來管理第三方API的OAuth認證。

1. 安裝依賴

首先，你需要安裝HttPlug和OAuth2-Server庫。你可以使用Composer來安裝這些依賴：

composer require guzzlehttp/guzzle httplug/httplug
composer require league/oauth2-server

2. 配置OAuth2-Server

接下來，你需要配置OAuth2-Server庫來處理OAuth認證。創建一個新的Symfony服務來處理OAuth2認證：

// src/Service/OAuth2ServerService.php

namespace App\Service;

use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\ResourceServer;
use League\OAuth2\Server\Exception\OAuthServerException;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;

class OAuth2ServerService
{
    private $authorizationServer;
    private $resourceServer;

    public function __construct()
    {
        $this->authorizationServer = new AuthorizationServer();
        $this->resourceServer = new ResourceServer();
    }

    public function handleTokenRequest(Request $request, Response $response): Response
    {
        try {
            $this->authorizationServer->validateAuthorizationRequest($request, $response);
            $token = $this->authorizationServer->grantAccessToken($request, $response);
            return $token->withHeader('Content-Type', 'application/json');
        } catch (OAuthServerException $e) {
            return $response->withStatus(400);
        }
    }

    public function handleAccessTokenValidation(Request $request, Response $response): Response
    {
        try {
            $this->resourceServer->validateAccessToken($request);
            return $response;
        } catch (OAuthServerException $e) {
            return $response->withStatus(401);
        }
    }
}

3. 配置路由

接下來，你需要配置路由來處理Token請求和訪問令牌驗證請求。在你的routes/api.yaml文件中添加以下路由：

api:
    token:
        path: /oauth/token
        methods: [POST]
        defaults: { _controller: App\Controller\TokenController:token }
    validate_token:
        path: /api/validate_token
        methods: [GET]
        defaults: { _controller: App\Controller\TokenController:validateToken }

4. 創建控制器

創建一個控制器來處理Token請求和訪問令牌驗證請求：

// src/Controller/TokenController.php

namespace App\Controller;

use App\Service\OAuth2ServerService;
use League\OAuth2\Server\Exception\OAuthServerException;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;

class TokenController
{
    private $oauth2ServerService;

    public function __construct(OAuth2ServerService $oauth2ServerService)
    {
        $this->oauth2ServerService = $oauth2ServerService;
    }

    public function token(Request $request, Response $response): Response
    {
        return $this->oauth2ServerService->handleTokenRequest($request, $response);
    }

    public function validateToken(Request $request, Response $response): Response
    {
        return $this->oauth2ServerService->handleAccessTokenValidation($request, $response);
    }
}

5. 配置HttPlug

最后，你可以使用HttPlug來發送HTTP請求到第三方API。例如，你可以在你的服務中使用HttPlug來獲取訪問令牌后的數據：

// src/Service/ThirdPartyApiClient.php

namespace App\Service;

use HttPlug\Client\Client;
use HttPlug\Plugin\JsonPlugin;

class ThirdPartyApiClient
{
    private $client;

    public function __construct()
    {
        $client = new Client();
        $client->addPlugin(new JsonPlugin());
        $this->client = $client;
    }

    public function getUserData(string $accessToken): array
    {
        $response = $this->client->request('GET', 'https://api.example.com/user', [
            'headers' => [
                'Authorization' => 'Bearer ' . $accessToken,
            ],
        ]);

        return json_decode((string) $response->getBody(), true);
    }
}

總結

通過以上步驟，你可以在Symfony中管理第三方API的OAuth認證。你可以使用OAuth2-Server庫來處理OAuth認證流程，并使用HttPlug庫來發送HTTP請求到第三方API。希望這個示例對你有所幫助！