Oz Authorization PHP
A PHP implementation of the 5.0.0 version of the Oz
web authorization protocol.
[!IMPORTANT]
Oz is one of those rare projects that can be considered "complete". This means
that changes to this repository will be infrequent because only the development
dependencies may need to be updated once every few years.
If there is a bug or error in the documentation, please create an
issue. The issue will receive a response or be resolved as soon as possible.
What is Oz?
According to the Oz README:
Oz is a web authorization protocol based on industry best practices. Oz
combines the Hawk authentication protocol with the Iron encryption protocol
to provide a simple to use and secure solution for granting and authenticating
third-party access to an API on behalf of a user or an application.
Oz and OAuth 2.0
Oz is an alternative to OAuth 1.0a and OAuth 2.0 three-legged authorization. One
of the goals of Oz is to be simple to use for the most common use cases without
needing to be a web security expert while being flexible enough for less common
use cases that may need more advanced web security knowledge. Oz does this by
providing default options that are secure for the most common use cases. In
other words, Oz aims to be secure by default.
All of the official three-legged OAuth 2.0 grant types have an equivalent Oz
workflow. Below is a table showing the Oz workflow equivalents for the OAuth 2.0
grant types.
Getting Started
Prerequisites
- Git 2.9+
- PHP 7.2.0+
- OpenSSL PHP Extension
- JSON PHP Extension
- cURL PHP Extension (Only if using the Oz client)
- Composer
- Node 6.9.0+ (Only for development)
Installation
Download and install using Composer:
composer require shawm11/oz-auth-php
Workflows
This package includes two workflows that are not part of the
official Oz web authorization protocol. These
two new workflows are the User Credentials Workflow
and the Implicit Workflow. The standard Oz workflow
that is specified by the official protocol is referred to as the
"RSVP workflow".
Usage Examples
Server Usage Examples
Client Usage Examples
Documentation
API References
- Server API: API reference for the classes in the Shawm11\Oz\Server namespace
- Client API: API reference for the classes in the Shawm11\Oz\Client namespace
- Shared Arrays: Details about collections of data used in other parts of the API
Security Considerations
See the Security Considerations section of Oz's README.
- Hawk PHP Implementation: Hawk is an HTTP authentication scheme that is an
  alternative to OAuth 1.0a and OAuth 2.0 two-legged authentication.
- Iron PHP Implementation: iron (spelled with all lowercase), a cryptographic
  utility for sealing a JSON object into an encapsulated token. iron can be
  considered as an alternative to JSON Web Tokens (JWT).
Contributing/Development
Please read CONTRIBUTING.md for details on coding style, Git
commit message guidelines, and other development information.
Versioning
This project uses SemVer for versioning. For the versions
available, see the tags on this repository.
License
This project is open-sourced software licensed under the
MIT license.