I'm trying to look for something to protect your API that contains permission given by your users. I've found the thing that calls OAuth 2.0. It is difficult to understand the first time. Because when I try to google find a lot of information and sometimes it conflict and lets you misunderstand the real concept.
Until I've found this guy to make me clear about OAuth
https://www.youtube.com/watch?v=996OiexHze0
However, I still need to find a way to have an OAuth server. Firstly, I looking at Auth0 and OKta to see How it works. So luckily my friend introduces me to Ory/Hydra.
What is Hydra?
Hydra is an OAuth 2.0 and OpenID Connect Provider. In other words, an implementation of the OAuth 2.0 Authorization Framework as well as the OpenID Connect Core 1.0 framework. As such, it issues OAuth 2.0 Access, Refresh, and ID Tokens that enable third-parties to access your APIs in the name of your users.
The benefit of this project it allow to setup OAuth server separate from Authentication service. In case if you already have Authentication system. It different with awesome project like Laravel passport that have complete OAuth server include authentication system in the same place.
Hydra support container :D
It so really easily to setup Hydra with docker image. You can running OAuth server in 5 minutes XD
Hydra integration
Hydra allow you to integrate your existing application to your OAuth server with SDK or make a request directly to API. Unfortunately if you want to use SDK because it requires old packages. In my case, I want to using Laravel 9 that requires Guzzlehttp 7.0+, but SDK requires 6.0 because SDK has been generates from OpenAPI generator need maintainer to understand how to use it.
Sometimes we might want any packages that have less code and are compatible with Laravel. I decided to create an unofficial package instead of maintaining an existing one.
Laravel Hydra
https://github.com/ALTELMA/laravel-hydra
This package provides a API Client for Hydra support Laravel. Next steps will add compatible with Lumen, too.
Conclusion
Ory Hydra is an awesome project, but still lack of documentation and need to take time to understand for How it works? Fee free to comments to your idea
Top comments (0)