tourze / qq-connect-oauth2-bundle
A Symfony bundle for integrating QQ Connect OAuth2 authentication into your application
Installs: 0
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 0
Forks: 0
Open Issues: 0
pkg:composer/tourze/qq-connect-oauth2-bundle
Requires
- doctrine/dbal: ^4.0
- doctrine/doctrine-bundle: ^2.13
- doctrine/orm: ^3.0
- doctrine/persistence: ^4.1
- easycorp/easyadmin-bundle: ^4
- knplabs/knp-menu: ^3.7
- psr/log: ^3|^2|^1
- symfony/cache-contracts: ^3
- symfony/config: ^7.3
- symfony/console: ^7.3
- symfony/dependency-injection: ^7.3
- symfony/doctrine-bridge: ^7.3
- symfony/framework-bundle: ^7.3
- symfony/http-client: ^7.3
- symfony/http-client-contracts: ^3.6
- symfony/http-foundation: ^7.3
- symfony/http-kernel: ^7.3
- symfony/property-access: ^7.3
- symfony/routing: ^7.3
- symfony/security-bundle: ^7.3
- symfony/security-core: ^7.3
- symfony/yaml: ^7.3
- tourze/bundle-dependency: 1.*
- tourze/doctrine-indexed-bundle: 1.0.*
- tourze/doctrine-timestamp-bundle: 1.1.*
- tourze/easy-admin-menu-bundle: 1.0.*
- tourze/symfony-dependency-service-loader: 1.0.*
- tourze/symfony-routing-auto-loader-bundle: 1.0.*
Requires (Dev)
This package is auto-updated.
Last update: 2025-11-18 14:25:26 UTC
README
A Symfony bundle for integrating QQ Connect OAuth2 authentication into your application.
Table of Contents
- Features
- Installation
- Quick Start
- Configuration
- Usage
- CLI Commands
- Entities
- Advanced Usage
- Security
- Testing
- Contributing
- License
Features
- Complete QQ OAuth2 flow implementation
- Entity-based configuration management with automatic timestamp tracking
- Automatic route registration via RoutingAutoLoaderBundle
- Automatic redirect URI generation from routing
- Token refresh support via CLI commands
- User information retrieval
- CLI commands for configuration and maintenance
- Multiple QQ app support (each user/state linked to specific config)
Installation
composer require tourze/qq-connect-oauth2-bundle
Requirements
- PHP >= 8.1
- Symfony >= 7.3
- Doctrine ORM
- Symfony HttpClient
Quick Start
- Install the bundle:
composer require tourze/qq-connect-oauth2-bundle
- Update your database schema:
php bin/console doctrine:schema:update --force
- Create QQ OAuth2 configuration:
php bin/console qq-oauth2:config create \
--app-id="YOUR_APP_ID" \
--app-secret="YOUR_APP_SECRET" \
--scope="get_user_info"
- Use in your template:
<a href="{{ path('qq_oauth2_login') }}">Login with QQ</a>
Configuration
Routes
The bundle automatically registers the following routes:
/qq-oauth2/login- Initiate QQ login/qq-oauth2/callback- OAuth callback handler
Note: The redirect URI is automatically generated based on your routing configuration.
Make sure your QQ application is configured with the correct callback URL:
https://yourdomain.com/qq-oauth2/callback
Bundle Dependencies
This bundle automatically includes and configures:
- Tourze DoctrineTimestampBundle - for automatic timestamp management
- Tourze DoctrineIndexedBundle - for automatic index management
- Tourze BundleDependency - for proper bundle dependency resolution
Usage
Basic Login Flow
// In your controller or template <a href="{{ path('qq_oauth2_login') }}">Login with QQ</a>
Get User Information
use Tourze\QQConnectOAuth2Bundle\Service\QQOAuth2Service; class YourController { public function __construct( private QQOAuth2Service $qqOAuth2Service ) {} public function getUserInfo(string $openid): array { return $this->qqOAuth2Service->getUserInfo($openid); } }
Refresh Tokens via Command
# Refresh a specific user's token php bin/console qq-oauth2:refresh-token test_openid # Refresh all expired tokens php bin/console qq-oauth2:refresh-token --all # Dry run to see what would be refreshed php bin/console qq-oauth2:refresh-token --all --dry-run
CLI Commands
Manage configurations
# List all configurations php bin/console qq-oauth2:config list # Update configuration php bin/console qq-oauth2:config update --id=1 --enabled=false # Delete configuration php bin/console qq-oauth2:config delete --id=1 # Clean up expired states php bin/console qq-oauth2:cleanup
Entities
The bundle provides three main entities:
- QQOAuth2Config - Stores OAuth application configuration (App ID, App Secret, etc.)
- QQOAuth2State - Manages OAuth state for security (linked to QQOAuth2Config)
- QQOAuth2User - Stores QQ user information and tokens (linked to QQOAuth2Config)
Advanced Usage
Custom Event Handling
You can listen to OAuth events by creating custom event listeners:
use Symfony\Component\EventDispatcher\EventSubscriberInterface; class QQOAuthEventSubscriber implements EventSubscriberInterface { public static function getSubscribedEvents(): array { return [ 'qq_oauth.user_authenticated' => 'onUserAuthenticated', ]; } public function onUserAuthenticated($event): void { // Handle successful authentication } }
Extended Configuration
For complex scenarios, you can extend the service:
use Tourze\QQConnectOAuth2Bundle\Service\QQOAuth2Service; class CustomQQOAuth2Service extends QQOAuth2Service { public function customUserInfoProcessing(array $userInfo): array { // Add custom processing logic return $userInfo; } }
Security
This bundle implements several security measures:
- State Parameter: Prevents CSRF attacks during OAuth flow
- Token Validation: Validates all tokens received from QQ
- Secure Storage: User tokens are stored securely in the database
- Automatic Cleanup: Expired states are automatically cleaned up
Security Best Practices
- Always use HTTPS in production
- Regularly clean up expired tokens using the provided commands
- Monitor for suspicious OAuth activities
- Keep your QQ application secrets secure
Testing
vendor/bin/phpunit
Contributing
Please see CONTRIBUTING.md for details.
Changelog
Please see CHANGELOG.md for details.
License
MIT