November 6th, 2014 · php zend framework 2 apigility oauth2 jwt

Using OAuth2 JWT with Apigility

I'm currently working on a web application which exposes REST and RPC API using Apigility. The web frontend for this project is built using AngularJS and uses Satellizer to handle authentication.

Unfortunately Satellizer uses JWT cryptotokens, and Apigility doesn't ship with an easy way to configure the OAuth2 server to use these. The fix for this? Quite simple, really. Apigility defines service factories for all it's internal services, so we can simply define a service manager delegator factory which injects the necessary configuration.

namespace LdcOAuth2CryptoToken\Factory;

use Zend\ServiceManager\DelegatorFactoryInterface;
use Zend\ServiceManager\ServiceLocatorInterface;

class CryptoTokenServerFactory implements DelegatorFactoryInterface
    public function createDelegatorWithName(ServiceLocatorInterface $serviceLocator, $name, $requestedName, $callback)
        $server = call_user_func($callback);

        // do dirty, dirty things to $server here

        return $server;

ZF2 rulez!

I've rolled up a completed version this factory (+ a hack for this bug in zf-mvc-auth) into a ZF2 module for your consuming pleasure: