Stubbed README with usage example from Server docblock

2021-06-12 23:06:55 +02:00 · 2021-06-12 23:06:55 +02:00 · 128da7f53e
commit 128da7f53e
parent 02a2773c60
1 changed files with 41 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -1,2 +1,43 @@
 # taproot/indieauth

+A PSR-7-compatible implementation of the request-handling logic for IndieAuth authorization endpoints
+and token endpoints.
+
+Typical minimal usage looks something like this:
+    
+```php
+// Somewhere in your app set-up code:
+$server = new Taproot\IndieAuth\Server([
+	'secret' => APP_INDIEAUTH_SECRET,  // A secret key, >= 64 characters long.
+	'tokenStorage' => '/../data/auth_tokens/',  // A path to store token data, or an object implementing TokenStorageInterface.
+	'handleAuthenticationRequestCallback' => function (ServerRequestInterface $request, string $authenticationRedirect, ?string $normalizedMeUrl) {
+		// If the request is authenticated, return an array with a `me` key containing the
+		// canonical URL of the currently logged-in user.
+		if ($userUrl = getLoggedInUserUrl($request)) {
+			return ['me' => $userUrl];
+		}
+		
+		// Otherwise, redirect the user to a login page, ensuring that they will be redirected
+		// back to the IndieAuth flow with query parameters intact once logged in.
+		return new Response('302', ['Location' => 'https://example.com/login?next=' . urlencode($authenticationRedirect)]);
+	}
+]);
+
+// In your authorization endpoint route:
+return $server->handleAuthorizationEndpointRequest($request);
+
+// In your token endpoint route:
+return $server->handleTokenEndpointRequest($request);
+
+// In another route (e.g. a micropub route), to authenticate the request:
+// (assuming $bearerToken is a token parsed from an “Authorization: Bearer XXXXXX” header
+// or access_token property from a request body)
+if ($accessToken = $server->getTokenStorage()->getAccessToken($bearerToken)) {
+	// Request is authenticated as $accessToken['me'], and is allowed to
+	// act according to the scopes listed in $accessToken['scope'].
+	$scopes = explode(' ', $accessToken['scope']);
+}
+```
+
+Refer to the `__construct` documentation for further configuration options, and to the
+documentation for both handling methods for further documentation about them.