Ory Hydra Sample Implementation
Overview
This repo contains two Laravel projects:
server-app
: This project contains the logic for Login, Consent, and Logout UIs for use with the Ory Hydra server.client-app
: This project contains a sample OAuth2 client application to test the authentication.
Besides these, you also need the ory hydra
from Ory Hydra's Github
See Ory Hydra 5-min tutorial for reference.
In order to test this, you must:
- Start the
server-app
to listen on port8000
- Edit the
ory hydra
quickstart samplequickstart.yml
file and change the port forself.consent
,self.login
, andself.logout
from original3000
to8000
to match theserver-app
. - Start the
ory hydra
docker containers by runningdocker-compose up --build -d
from theory hydra
folder. - Register a new client with
ory hydra
by runningThis is tellingdocker-compose -f quickstart.yml exec hydra hydra clients create --endpoint http://127.0.0.1:4445/ --id 8dJoZn1rY3oIH5R1Aau5aYl7TpuPTAVT --secret 49qkTWr7FmjQwAeaRkCuVz8aNXx4iRd1 -g client_credentials,authorization_code -c http://127.0.0.1:8001/login -a openid,offline
ory hydra
to register a client with the following specifications:client id: 8dJoZn1rY3oIH5R1Aau5aYl7TpuPTAVT client secret: 49qkTWr7FmjQwAeaRkCuVz8aNXx4iRd1 redirect url: http://127.0.0.1:8001/login requested scopes: openid, offline
http://127.0.0.1:4445/
is theory hydra
admin API endpoint. Now edit theclient-app
.env file and add the following environtment variable values:
OAUTH2_CLIENT_ID=<client id>
OAUTH2_CLIENT_SECRET=<client secret>
OAUTH2_ISSUER_URL=http://127.0.0.1:4444
#ory hydra public api endpointOAUTH2_AUTHORIZE_URL=http://127.0.0.1:4444/oauth2/auth
OAUTH2_ACCESS_TOKEN_URL=http://127.0.0.1:4444/oauth2/token
OAUTH2_RESOURCE_URL=http://127.0.0.1:8000/resource
#doesn't exist yet. placeholder for future
OAUTH2_LOGOUT_URL=http://127.0.0.1:4444/oauth2/sessions/logout
- Start the
client-app
to listen on port8001
- Start the browser and go to http://127.0.0.1:8001/login Enter same value in username and password fields to simulate a successful login attempt.