Improve OpenID Documentation #74

Open
biwerr opened this issue Dec 15, 2015 · 3 comments
@biwerr

biwerr commented Dec 15, 2015

Please add to the OpenID documentation that you must add a new grant type:

    $config['use_openid_connect'] = true;
    $config['issuer'] = 'brentertainment.com';
    $server = new OAuth2\Server($config);
    $server->addGrantType(new OAuth2\OpenID\GrantType\AuthorizationCode($storage));

@bshaffer
Owner

This line of code should not be necessary. As long as use_openid_connect is true, the grant type above will automatically be added to the server object.

It's possible somewhere else in your code explicitly sets the grant types, and so getDefaultGrantTypes is never called, or something along these lines. Could you paste a full repro case here?
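
An added example, not code from this thread or from the project's documentation: it reports which class ends up handling `authorization_code` when the server is left to build its default grant types and when a grant type has been registered explicitly, the two situations described above. The Composer autoload path and the helper name `authorizationCodeGrantClass` are assumptions; the empty `OAuth2\Storage\Memory` storage is constructed sample data.

```php
<?php
// Added illustration; not code from the thread or the project's documentation.
require __DIR__ . '/vendor/autoload.php'; // assumption: library installed via Composer

use OAuth2\Server;
use OAuth2\Storage\Memory;
use OAuth2\GrantType\AuthorizationCode as PlainAuthorizationCode;
use OAuth2\OpenID\GrantType\AuthorizationCode as OpenIDAuthorizationCode;

// The same two settings as in the first comment of this issue.
$config = array(
    'use_openid_connect' => true,
    'issuer'             => 'brentertainment.com',
);

/**
 * Hypothetical helper: returns the class of the grant type that will handle
 * grant_type=authorization_code on the token endpoint, or null if none is set.
 */
function authorizationCodeGrantClass(Server $server)
{
    // Building the token controller is the point at which the server fills in
    // its default grant types, and only if none were registered explicitly.
    $server->getTokenController();
    $grant = $server->getGrantType('authorization_code');

    return $grant === null ? null : get_class($grant);
}

// Case 1: no explicit grant types, so the server chooses its defaults.
$defaults = new Server(new Memory(), $config);

// Case 2: a grant type is registered by hand, so the defaults are skipped.
$storage  = new Memory();
$explicit = new Server($storage, $config);
$explicit->addGrantType(new PlainAuthorizationCode($storage));

foreach (array('defaults' => $defaults, 'explicit' => $explicit) as $label => $server) {
    $class = authorizationCodeGrantClass($server);
    // The OpenID grant type extends the plain one, so test for the subclass.
    $ok = $class !== null && is_a($class, OpenIDAuthorizationCode::class, true);
    printf("%-8s %-45s %s\n", $label, $class, $ok ? 'OpenID grant' : 'NOT the OpenID grant');
}
```

Running the same helper against the server object an application actually returns shows whether an explicit `addGrantType` call has replaced the OpenID Connect default.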

@biwerr
Author

biwerr commented Nov 15, 2017

Yes, I set the GrantTypes as mentioned in your documentation:

    $storage = new OAuth2\Storage\Pdo(DB::connection()->getPdo());

    $server = new OAuth2\Server($storage,Config::get("oauth2.config"));

    $publicKey  = file_get_contents(Config::get('oauth2.openID.public_key_test'));
    $privateKey = file_get_contents(Config::get('oauth2.openID.private_key'));

    $keyStorage = new OAuth2\Storage\Memory(array('keys' => array(
        'public_key'  => $publicKey,
        'private_key' => $privateKey,
    )));

    $server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage));
    $server->addGrantType(new OAuth2\GrantType\UserCredentials($storage));
    $server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage));
    $server->addGrantType(new OAuth2\GrantType\RefreshToken($storage,Config::get("oauth2.config")));
    $server->addGrantType(new OAuth2\OpenID\GrantType\AuthorizationCode($storage));
    $server->addStorage($keyStorage, 'public_key');

    return $server;

@ghost

ghost commented Feb 16, 2018

I'm currently following this documentation to implement OpenID Connect, but I'm running into a few issues:

  1. It is not mentioned that a UserClaimsInterface implementation also needs to be provided.
  2. The documentation seems to mix a response_type=code request with a response_type=id_token response.
  3. I'm unsure why public / private keys are needed with the id_token flow. A signed id_token is stored in the authorisation code table, but is not sent over the internet.
  4. Although fairly simple to work out, the UserInfoController is not documented.
  5. As mentioned earlier, just using OAuth2\GrantType\AuthorizationCode instead of adding OAuth2\OpenID\GrantType\AuthorizationCode.
