2017 © Pedro Peláez
 

library oauth2-server

OAuth 2.0 server implementation for PHP

image

michalkvasnicak/oauth2-server

OAuth 2.0 server implementation for PHP

  • Friday, May 6, 2016
  • by michalkvasnicak
  • Repository
  • 1 Watchers
  • 5 Stars
  • 1,808 Installations
  • PHP
  • 1 Dependents
  • 0 Suggesters
  • 1 Forks
  • 0 Open issues
  • 5 Versions
  • 2 % Grown

The README.md

# OAuth 2.0 server for PHP and HHVM

  • Develop: Build Status
  • Master: Build Status
  • Gittip
  • Flattr this git repo

OAuth 2.0 server implementation of final draft http://tools.ietf.org/html/rfc6749, (*1)

Examples of using different grant types are in tests directory., (*2)

This library is not tested in production., (*3)

## Requirements

  • PHP >= 5.4.0
  • HHVM

Installation

Using composer:, (*4)

{
    "require": {
        "michalkvasnicak/oauth2-server": "dev-develop"
    }
}

Example

Grant access to application (client)

Used by authorization code and implicit grant types, (*5)

<?php

use OAuth2\Security\Authorizator;
use OAuth2\Resolver\GrantTypeResolver;

$request = new Request; // here create request from globals or whatever

$grantTypeResolver = new GrantTypeResolver;
$grantTypeResolver->accept($grantType); // register OAuth2\GrantType\IGrantType or OAuth2\GrantType\IAuthorizationType

$authorizator = new Authorizator($grantTypeResolver);

// for authorizing you have to provide current request and logged user
$session = $authorizator->authorize($request, $user); 
// returns OAuth2\Security\AuthorizationCodeSession

// there you show form with requested scopes and asks user to accept / deny this request
// you can redirect user if you allow user to access resource to redirect uri from auth session

$session->getRedirectUri(); // returns redirect uri with code and state (if state was provided)

Issue access token to current request (using one of registered grant types)

<?php

use OAuth2\TokenIssuer\AccessTokenIssuer;
use OAuth2\Resolver\GrantTypeResolver;

$request = new Request; // here create request from globals or whatever, implement OAuth2\Http\IRequest

$grantTypeResolver = new GrantTypeResolver;

$grantTypeResolver->accept($grantType); // register OAuth2\GrantType\IGrantType 

$accessTokenIssuer = new AccessTokenIssuer($grantTypeResolver);

// access token lifetime is handled by access token storage
$accessToken = $accessTokenIssuer->issueToken($request); // returns OAuth2\Storage\IAccessToken

// refresh token has to be issued manually
$refreshTokenIssuer = new RefreshTokenIssuer($refreshTokenStorage);

// refresh token lifetime is handled by refresh token storage

$refreshTokenIssuer->issueToken($accessToken); // returns OAuth2\Storage\IRefreshToken

Authenticate user for current request and authorize access to resource

<?php

use OAuth2\Security\Authenticator;
use OAuth2\Resolver\TokenTypeResolver;
use OAuth2\TokenType\Bearer;


$accessTokenStorage = ...; // implementation of OAuth2\Storage\IAccessTokenStorage

// register accepted token types
$tokenTypeResolver = new TokenTypeResolver;
$tokenTypeResolver->accept($tokenType); // accepted token type OAuth2\TokenType\ITokenType

$authenticator = new Authenticator(
    $tokenTypeResolver,
    $accessTokenStorage
);

$currentSession = $authenticator->authenticate($request); // returns OAuth2\Security\Session

$currentSession->isAllowed('edit'); // checks if current access token has given scope, returns boolean

// get logged user
$currentSession->getUser(); // OAuth2\Storage\IUser

// get access token
$currentSession->getAccessToken(); // OAuth2\Storage\IAccessToken

// get client used to connect
$currentSession->getClient(); //OAuth2\Storage\IClient

The Versions

06/05 2016

dev-master

9999999-dev http://github.com/michalkvasnicak/oauth2-server

OAuth 2.0 server implementation for PHP

  Sources   Download

MIT

The Requires

  • php >=5.4.0

 

The Development Requires

authentication authorization php oauth security

06/05 2016

v1.0.0-beta3

1.0.0.0-beta3 http://github.com/michalkvasnicak/oauth2-server

OAuth 2.0 server implementation for PHP

  Sources   Download

MIT

The Requires

  • php >=5.4.0

 

The Development Requires

authentication authorization php oauth security

06/05 2016

dev-develop

dev-develop http://github.com/michalkvasnicak/oauth2-server

OAuth 2.0 server implementation for PHP

  Sources   Download

MIT

The Requires

  • php >=5.4.0

 

The Development Requires

authentication authorization php oauth security

08/09 2014

v1.0.0-beta2

1.0.0.0-beta2 http://github.com/michalkvasnicak/oauth2-server

OAuth 2.0 server implementation for PHP

  Sources   Download

MIT

The Requires

  • php >=5.4.0

 

The Development Requires

authentication authorization php oauth security

21/08 2014

v1.0.0-beta1

1.0.0.0-beta1 http://github.com/michalkvasnicak/oauth2-server

OAuth 2.0 server implementation for PHP

  Sources   Download

MIT

The Requires

  • php >=5.4.0

 

The Development Requires

authentication authorization php oauth security