elyerr / oauth2-passport-server
OAuth Authorization server
Requires
- php: ^8.2.0
- elyerr/api-response: ^1.0
- guzzlehttp/guzzle: ^7.2
- inertiajs/inertia-laravel: ^2.0
- jeremy379/laravel-openid-connect: dev-main
- laravel/framework: ^12.0
- laravel/passport: 13.0
- laravel/tinker: ^2.7
- predis/predis: ^2.2
- rap2hpoutre/laravel-log-viewer: ^2.5
- spatie/laravel-fractal: ^6.0
- stevebauman/purify: ^6.2
- stripe/stripe-php: ^17.1
- symfony/http-client: ^7.0
- symfony/mailgun-mailer: ^7.0
Requires (Dev)
- barryvdh/laravel-debugbar: ^3.15
- fakerphp/faker: ^1.9.1
- laravel/breeze: ^2.0
- laravel/pint: ^1.0
- laravel/sail: ^1.0.1
- mockery/mockery: ^1.4.4
- nunomaduro/collision: ^8.1
- phpunit/phpunit: ^11.0
- spatie/laravel-ignition: ^2.0
README
A robust and centralized authorization server built with Laravel and Laravel Passport. It provides secure authentication and authorization for modern applications using both OAuth2 and OpenID Connect protocols. This solution is ideal for handling complex user management and secure integration across diverse client applications.
Key Features
User Management:
Comprehensive administration capabilities including user profiles, roles, and permissions.Configurable Settings:
Intuitive admin panel to manage environment variables, security options, and integrations.Standard Protocol Support:
Implements OAuth2 and OpenID Connect for secure authorization, token management, and federated identity.Admin Dashboard:
Powerful interface for overseeing users, settings, and system operations.
This server is designed to work seamlessly with both microservices and monolithic architectures, supporting any programming language or database for secure connections and authentication.
Resources
- Documentation
- API Documentation
- Echo Server (coming soon)
- Echo Client (coming soon)
Deployment Guides
Developers Guides
Notes
Regenerating OAuth2 Keys
To regenerate OAuth2 keys, follow these steps:
- Access the admin panel terminal.
- Run the following command:
php artisan passport:keys --force
Payment Methods
Stripe
- Webhook (POST):
https://domain.com/webhook/stripe - Events Handled:
checkout.session.completedpayment_intent.payment_failedcheckout.session.expiredcharge.succeeded
Offline Payment
- Offline: Supports manual payment methods.
Note: Automatic renewal is enabled for all payment methods except Offline.
Configure renewal options through the Admin panel under Settings → Payment → Renew.
CAPTCHA Providers
Enhance form security and prevent spam with the following CAPTCHA options:
hCaptcha
- Privacy-first alternative to reCAPTCHA.
- Generous free usage.
- Get your site key
Cloudflare Turnstile
- User verification without traditional CAPTCHAs.
- Seamless and user-friendly.
- Get your site key
Configuration
To activate your preferred CAPTCHA provider:
- Navigate to Admin → Settings → Security.
- Select your desired provider (hCaptcha or Turnstile).
The system will automatically render the selected CAPTCHA on frontend forms.
Contact
For more information or assistance, join our community on Telegram.