|
7 | 7 | | Database Connection to use |
8 | 8 | |-------------------------------------------------------------------------- |
9 | 9 | | |
10 | | - | Set the default database connection to use for the repositories, |
11 | | - | when set to default, it uses whatever connection you specified in your laravel db config. |
| 10 | + | Set the default database connection to use for the repositories, when |
| 11 | + | set to default, it uses whatever connection you specified in your |
| 12 | + | laravel database config. |
12 | 13 | | |
13 | 14 | */ |
| 15 | + |
14 | 16 | 'database' => 'default', |
15 | 17 |
|
16 | 18 | /* |
17 | 19 | |-------------------------------------------------------------------------- |
18 | 20 | | Supported Grant Types |
19 | 21 | |-------------------------------------------------------------------------- |
20 | 22 | | |
21 | | - | Your OAuth2 Server can issue an access token based on different grant types |
22 | | - | you can even provide your own grant type. |
23 | | - | To choose which grant type suits your scenario, see |
24 | | - | https://github.com/php-loep/oauth2-server/wiki/Which-OAuth-2.0-grant-should-I-use%3F |
25 | | - | |
26 | | - | Available grant types are: |
27 | | - | |
28 | | - | 'grant_types' => [ |
29 | | - | |
30 | | - | 'authorization_code' => [ |
31 | | - | 'class' => 'League\OAuth2\Server\Grant\AuthCodeGrant', |
32 | | - | 'access_token_ttl' => 3600, |
33 | | - | |
34 | | - | // the authorization code time to live |
35 | | - | 'auth_token_ttl' => 3600, |
36 | | - | ], |
37 | | - | |
38 | | - | 'password' => [ |
39 | | - | 'class' => 'League\OAuth2\Server\Grant\PasswordGrant', |
40 | | - | 'access_token_ttl' => 604800, |
41 | | - | |
42 | | - | // the code to run in order to verify the user's identity |
43 | | - | 'callback' => function($username, $password){ |
44 | | - | $credentials = [ |
45 | | - | 'email' => $username, |
46 | | - | 'password' => $password, |
47 | | - | ]; |
48 | | - | |
49 | | - | if (Auth::once($credentials)) { |
50 | | - | return Auth::user()->id; |
51 | | - | } else { |
52 | | - | return false; |
53 | | - | } |
54 | | - | } |
55 | | - | ], |
56 | | - | |
57 | | - | 'client_credentials' => [ |
58 | | - | 'class' => 'League\OAuth2\Server\Grant\ClientCredentialsGrant', |
59 | | - | 'access_token_ttl' => 3600, |
60 | | - | ], |
61 | | - | |
62 | | - | 'refresh_token' => [ |
63 | | - | 'class' => 'League\OAuth2\Server\Grant\RefreshTokenGrant', |
64 | | - | 'access_token_ttl' => 3600, |
65 | | - | |
66 | | - | // the refresh token time to live |
67 | | - | 'refresh_token_ttl' => 604800, |
| 23 | + | Your OAuth2 Server can issue an access token based on different grant |
| 24 | + | types you can even provide your own grant type. |
68 | 25 | | |
69 | | - | // whether or not to issue a new refresh token when a new access token is issued |
70 | | - | 'rotate_refresh_tokens' => false, |
71 | | - | ], |
| 26 | + | To choose which grant type suits your scenario, see |
| 27 | + | http://oauth2.thephpleague.com/authorization-server/which-grant |
72 | 28 | | |
73 | | - | ], |
| 29 | + | Please see this link to find available grant types |
| 30 | + | http://git.io/vJLAv |
74 | 31 | | |
75 | 32 | */ |
76 | 33 |
|
|
83 | 40 | | Output Token Type |
84 | 41 | |-------------------------------------------------------------------------- |
85 | 42 | | |
86 | | - | This will tell the authorization server the output format for the access token |
87 | | - | and will tell the resource server how to parse the access token used. |
| 43 | + | This will tell the authorization server the output format for the access |
| 44 | + | token and the resource server how to parse the access token used. |
88 | 45 | | |
89 | 46 | | Default value is League\OAuth2\Server\TokenType\Bearer |
90 | 47 | | |
91 | 48 | */ |
| 49 | + |
92 | 50 | 'token_type' => 'League\OAuth2\Server\TokenType\Bearer', |
93 | 51 |
|
94 | 52 | /* |
95 | 53 | |-------------------------------------------------------------------------- |
96 | 54 | | State Parameter |
97 | 55 | |-------------------------------------------------------------------------- |
98 | 56 | | |
99 | | - | Whether or not the state parameter is required in the query string |
| 57 | + | Whether or not the state parameter is required in the query string. |
100 | 58 | | |
101 | 59 | */ |
| 60 | + |
102 | 61 | 'state_param' => false, |
103 | 62 |
|
104 | 63 | /* |
105 | 64 | |-------------------------------------------------------------------------- |
106 | 65 | | Scope Parameter |
107 | 66 | |-------------------------------------------------------------------------- |
108 | 67 | | |
109 | | - | Whether or not the scope parameter is required in the query string |
| 68 | + | Whether or not the scope parameter is required in the query string. |
110 | 69 | | |
111 | 70 | */ |
| 71 | + |
112 | 72 | 'scope_param' => false, |
113 | 73 |
|
114 | 74 | /* |
115 | 75 | |-------------------------------------------------------------------------- |
116 | 76 | | Scope Delimiter |
117 | 77 | |-------------------------------------------------------------------------- |
118 | 78 | | |
119 | | - | Which character to use to split the scope parameter in the query string |
| 79 | + | Which character to use to split the scope parameter in the query string. |
120 | 80 | | |
121 | 81 | */ |
| 82 | + |
122 | 83 | 'scope_delimiter' => ',', |
123 | 84 |
|
124 | 85 | /* |
125 | 86 | |-------------------------------------------------------------------------- |
126 | 87 | | Default Scope |
127 | 88 | |-------------------------------------------------------------------------- |
128 | 89 | | |
129 | | - | The default scope to use if not present in the query string |
| 90 | + | The default scope to use if not present in the query string. |
130 | 91 | | |
131 | 92 | */ |
| 93 | + |
132 | 94 | 'default_scope' => null, |
133 | 95 |
|
134 | 96 | /* |
135 | 97 | |-------------------------------------------------------------------------- |
136 | 98 | | Access Token TTL |
137 | 99 | |-------------------------------------------------------------------------- |
138 | 100 | | |
139 | | - | For how long the issued access token is valid (in seconds) |
140 | | - | this can be also set on a per grant-type basis |
| 101 | + | For how long the issued access token is valid (in seconds) this can be |
| 102 | + | also set on a per grant-type basis. |
141 | 103 | | |
142 | 104 | */ |
| 105 | + |
143 | 106 | 'access_token_ttl' => 3600, |
144 | 107 |
|
145 | 108 | /* |
146 | 109 | |-------------------------------------------------------------------------- |
147 | 110 | | Limit clients to specific grants |
148 | 111 | |-------------------------------------------------------------------------- |
149 | 112 | | |
150 | | - | Whether or not to limit clients to specific grant types |
151 | | - | This is useful to allow only trusted clients to access your API differently |
| 113 | + | Whether or not to limit clients to specific grant types. This is useful |
| 114 | + | to allow only trusted clients to access your API differently. |
152 | 115 | | |
153 | 116 | */ |
| 117 | + |
154 | 118 | 'limit_clients_to_grants' => false, |
155 | 119 |
|
156 | 120 | /* |
157 | 121 | |-------------------------------------------------------------------------- |
158 | 122 | | Limit clients to specific scopes |
159 | 123 | |-------------------------------------------------------------------------- |
160 | 124 | | |
161 | | - | Whether or not to limit clients to specific scopes |
162 | | - | This is useful to only allow specific clients to use some scopes |
| 125 | + | Whether or not to limit clients to specific scopes. This is useful to |
| 126 | + | only allow specific clients to use some scopes. |
163 | 127 | | |
164 | 128 | */ |
| 129 | + |
165 | 130 | 'limit_clients_to_scopes' => false, |
166 | 131 |
|
167 | 132 | /* |
168 | 133 | |-------------------------------------------------------------------------- |
169 | 134 | | Limit scopes to specific grants |
170 | 135 | |-------------------------------------------------------------------------- |
171 | 136 | | |
172 | | - | Whether or not to limit scopes to specific grants |
173 | | - | This is useful to allow certain scopes to be used only with certain grant types |
| 137 | + | Whether or not to limit scopes to specific grants. This is useful to |
| 138 | + | allow certain scopes to be used only with certain grant types. |
174 | 139 | | |
175 | 140 | */ |
| 141 | + |
176 | 142 | 'limit_scopes_to_grants' => false, |
177 | 143 |
|
178 | 144 | /* |
|
181 | 147 | |-------------------------------------------------------------------------- |
182 | 148 | | |
183 | 149 | | This will tell the resource server where to check for the access_token. |
184 | | - | By default it checks both the query string and the http headers |
| 150 | + | By default it checks both the query string and the http headers. |
185 | 151 | | |
186 | 152 | */ |
| 153 | + |
187 | 154 | 'http_headers_only' => false, |
| 155 | + |
188 | 156 | ]; |
0 commit comments