Heidar,

我目前正在从事一个类似的项目，这是我目前所发现的.

I am currently working on a similar project and this is what I found so far.

Oauth 正式授权一个网站与网络上的其他资源，Facebook 发现自动化和身份验证的整个分离对其开发人员基础感到困惑，并开始将 Oauth 用于两者.由于它是开发人员一直在关注的主要参与者.

Oauth is officially to authorize a website with a other resource on the web, Facebook found the whole seperation of autorization and authentication to confusing for its developer base, and started using Oauth for both. Since it its a major player developers have been tagging on.

尽管我不太确定您声明中的身份部分是什么意思，但您需要身份、身份验证和授权".

Even though I am not really sure what you mean with the Identity part in your statement, that you need "identity, authentication and authorisation."

您可以将 Oauth 用于其他两个，这是从所有大型互联网公司都这样做的事实中扣除的(在这方面我可以为您做的***，Oauth 文档说它仅用于授权).

You can use Oauth for the other two, deducted from the fact that all big internet companies do so (best I can do for you on this front,Oauth docs say it is only for Authorization).

Google 提供了一个维护得很好的客户端库:http://code.google.com/p/google-api-php-client/wiki/OAuth2

Google offers a client library that is maintained quite well: http://code.google.com/p/google-api-php-client/wiki/OAuth2

此外，对于服务器端库，我将转向 oauth2-php，如您所指，位于 https://github.com/quizlet/oauth2-php 但请参阅这篇文章了解更多详情:是否有 OAuth 2 服务器端 PHP 或 Java 实现?

further more, for server side library I would turn to oauth2-php as you refer to, at https://github.com/quizlet/oauth2-php But please see this post for more details: Are there OAuth 2 server side PHP or Java implementations?

关于 3-legged 身份验证，请在此处查看答案(它确实很广泛，但解释得很好)OAuth 2.0:优点和用例 - 为什么?

and on the part of the 3-legged authentication please see the answer here (it's really extensive but explains it well) OAuth 2.0: Benefits and use cases — why?

请记住，我仍在努力实现这一点.

Please keep in mind though that I am still struggling with actually implementing this.