Skip to content

Files

Latest commit

 

History

History

examples

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 
 
 
 
 
 
 

Example implementations

Installation

  1. Run composer install in this directory to install dependencies
  2. Create a private key openssl genrsa -out private.key 2048
  3. Create a public key openssl rsa -in private.key -pubout > public.key
  4. cd into the public directory
  5. Start a PHP server php -S localhost:4444

Testing the client credentials grant example

Send the following cURL request:

curl -X "POST" "http://localhost:4444/client_credentials.php/access_token" \
	-H "Content-Type: application/x-www-form-urlencoded" \
	-H "Accept: 1.0" \
	--data-urlencode "grant_type=client_credentials" \
	--data-urlencode "client_id=myawesomeapp" \
	--data-urlencode "client_secret=abc123" \
	--data-urlencode "scope=basic email"

Testing the password grant example

Send the following cURL request:

curl -X "POST" "http://localhost:4444/password.php/access_token" \
	-H "Content-Type: application/x-www-form-urlencoded" \
	-H "Accept: 1.0" \
	--data-urlencode "grant_type=password" \
	--data-urlencode "client_id=myawesomeapp" \
	--data-urlencode "client_secret=abc123" \
	--data-urlencode "username=alex" \
	--data-urlencode "password=whisky" \
	--data-urlencode "scope=basic email"

Testing the refresh token grant example

Send the following cURL request. Replace {{REFRESH_TOKEN}} with a refresh token from another grant above:

curl -X "POST" "http://localhost:4444/refresh_token.php/access_token" \
	-H "Content-Type: application/x-www-form-urlencoded" \
	-H "Accept: 1.0" \
	--data-urlencode "grant_type=refresh_token" \
	--data-urlencode "client_id=myawesomeapp" \
	--data-urlencode "client_secret=abc123" \
	--data-urlencode "refresh_token={{REFRESH_TOKEN}}"

Testing the device authorization grant example

Send the following cURL request. This will return a device code which can be exchanged for an access token.

curl -X "POST" "http://localhost:4444/device_code.php/device_authorization" \
	-H "Content-Type: application/x-www-form-urlencoded" \
	-H "Accept: 1.0" \
	--data-urlencode "client_id=myawesomeapp" \
	--data-urlencode "client_secret=abc123" \
	--data-urlencode "scope=basic email"

We have set up the example so that a user ID is already associated with the device code. In a production application you would implement an authorization view to allow a user to authorize the device.

Issue the following cURL request to exchange your device code for an access token. Replace {{DEVICE_CODE}} with the device code returned from your first cURL post:

curl -X "POST" "http://localhost:4444/device_code.php/access_token" \
	-H "Content-Type: application/x-www-form-urlencoded" \
	-H "Accept: 1.0" \
	--data-urlencode "grant_type=urn:ietf:params:oauth:grant-type:device_code" \
	--data-urlencode "device_code={{DEVICE_CODE}}" \
	--data-urlencode "client_id=myawesomeapp" \
	--data-urlencode "client_secret=abc123"