PHP authentication OAuth2

Question

PHP authentication OAuth2

Navigation

#1 by (2 votes)

2

I'm doing a Restful web service, is OAuth the best way to authenticate and work with token?

Is it possible to use OAuth2 to authenticate via username and password?

php restful

asked by anonymous 06.04.2015 / 03:03

1 answer

Android themes support on custom components using AppCompat-v7 Scroll scroll to button

score 2 · Answer 1

Authorization through the OAuth protocol is the primary form of authorization I use in my applications. It is possible for clients to gain access to the application's resources using access tokens, which can be obtained by providing a user name and password, or a token update.

It is therefore possible to obtain an access token using a username and password - see section 1.3.3 of RFC 6749, which specifically addresses this type of access:

link

What I do is the following:

If the user does not have an access token, it provides the user names and password for the application, which through an authorization server , obtains a pair of credentials that are a token ( access token ) and an update token (refresh token);
Next obtains a new access token pair + update token can be obtained by supplying the previous update token, and so on;
This way the user does not have to provide his user name and password every time his access token expires: simply change the update token to a new access token.