menumbing/oauth2-resource-server

OAuth2 Resource Server component for Hyperf

dev-master 2025-06-19 08:38 UTC

This package is auto-updated.

Last update: 2025-06-19 08:39:11 UTC


README

menumbing/oauth2-resource-server is a Hyperf component that wraps the PHP League OAuth2 Server to implement and configure an OAuth2 Resource Server.

This package simplifies the process of validating access tokens and protecting API endpoints using the OAuth2 Resource Server specification.

Requirements

  • PHP >= 8.3
  • swoole extension

Installation

composer req menumbing/oauth2-resource-server

php bin/hyperf.php vendor:publish menumbing/oauth2-resource-server

After publishing the package, there should be an oauth2-resource-server.php configuration file in the config/autoload folder.

Configuration

Public Key

To set up the public key that the OAuth2 Resource Server needs to validate access tokens, add the following environment variable, set to either the public key file path or the key content.

OAUTH2_PUBLIC_KEY=...

Usage

Authentication Guard

menumbing/oauth2-resource-server uses the menumbing/auth package that implements Laravel's auth system.

This package provides the following two guards to authenticate User and Client tokens. Their configurations are shown below.

User Guard

'oauth2_user' => [
    'driver' => \Menumbing\OAuth2\ResourceServer\Guard\OAuth2UserGuard::class,
    'provider' => 'api_user',
    'options' => [
        'client_provider' => 'stateless',
        'access_token_provider' => 'stateless',
    ],
],

Client Guard

'oauth2_client' => [
    'driver' => \Menumbing\OAuth2\ResourceServer\Guard\OAuth2ClientGuard::class,
    'provider' => 'stateless_client',
    'options' => [
        'access_token_provider' => 'stateless',
    ],
],

Provider

This package has three data providers that retrieve User/Client data based on the access token received with the incoming request. The following providers are available:

  • API: User/Client data is retrieved by calling the OAuth Server's API. Requires the menumbing/http-client package to be installed.
  • Database: User/Client data is retrieved by connecting to the OAuth database. Requires the hyperf/database package to be installed.
  • Stateless: User/Client data is retrieved from the token payload.

API Provider

User

'api_user' => [
    'driver' => \Menumbing\OAuth2\ResourceServer\Provider\User\ApiUserProvider::class,
    'options' => [
        'http_client' => 'oauth2',
    ],
],

Client

'api_client' => [
    'driver' => \Menumbing\OAuth2\ResourceServer\Provider\Client\ApiClientProvider::class,
    'options' => [
        'http_client' => 'oauth2',
    ],
],

Database Provider

User

'database_user' => [
    'driver' => \Menumbing\OAuth2\ResourceServer\Provider\User\DatabaseUserProvider::class,
    'options' => [
        'connection' => 'oauth2',
    ],
],

Client

'database_client' => [
    'driver' => \Menumbing\OAuth2\ResourceServer\Provider\Client\DatabaseClientProvider::class,
    'options' => [
        'connection' => 'oauth2',
    ],
],

Stateless Provider

User

'stateless_user' => [
    'driver' => \Menumbing\OAuth2\ResourceServer\Provider\User\StatelessUserProvider::class,
],

Client

'stateless_client' => [
    'driver' => \Menumbing\OAuth2\ResourceServer\Provider\Client\StatelessClientProvider::class,
],
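
What validating an access token against the configured public key and then reading User/Client data from its payload (the Stateless provider) involves, shown as an added plain-PHP example that is not this package's code. The claim names and the throwaway key pair are assumptions made for the demo.

```php
<?php
// Added example, not part of menumbing/oauth2-resource-server.
// Claim names (sub, aud, scopes, exp) and the key pair are constructed for the demo.

function b64url_decode(string $txt): string
{
    $padded = strtr($txt, '-_', '+/') . str_repeat('=', (4 - strlen($txt) % 4) % 4);
    return (string) base64_decode($padded, true); // '' on bad input, rejected by later checks
}

/** Verify an RS256 JWT using only the public key and return its claims. */
function verify_access_token(string $jwt, string $publicKeyPem, int $now): array
{
    if (preg_match('/\A([\w-]+)\.([\w-]+)\.([\w-]+)\z/', $jwt, $m) !== 1) {
        throw new RuntimeException('token is not a three-part JWT');
    }
    [, $h, $p, $s] = $m;
    $header = json_decode(b64url_decode($h), true);
    // Pin the algorithm: the token header must never choose it.
    if (!is_array($header) || ($header['alg'] ?? null) !== 'RS256') {
        throw new RuntimeException('unexpected signing algorithm');
    }
    if (openssl_verify("$h.$p", b64url_decode($s), $publicKeyPem, OPENSSL_ALGO_SHA256) !== 1) {
        throw new RuntimeException('signature check failed');
    }
    $claims = json_decode(b64url_decode($p), true);
    if (!is_array($claims) || !is_int($claims['exp'] ?? null) || $claims['exp'] <= $now) {
        throw new RuntimeException('token expired or exp missing');
    }
    return $claims;
}

// Constructed demo: throwaway key pair and token, generated locally.
$enc = fn (string $bin): string => rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
$key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$publicPem = openssl_pkey_get_details($key)['key'];
$claims = ['sub' => '42', 'aud' => 'demo-client', 'scopes' => ['read'], 'exp' => time() + 300];
$head = $enc(json_encode(['typ' => 'JWT', 'alg' => 'RS256']));
openssl_sign($head . '.' . $enc(json_encode($claims)), $sig, $key, OPENSSL_ALGO_SHA256);
$jwt = $head . '.' . $enc(json_encode($claims)) . '.' . $enc($sig);
echo 'accepted: sub=', verify_access_token($jwt, $publicPem, time())['sub'], "\n";

// Same signature over an altered payload: must be rejected.
$forged = $head . '.' . $enc(json_encode(['sub' => '1'] + $claims)) . '.' . $enc($sig);
try {
    verify_access_token($forged, $publicPem, time());
} catch (RuntimeException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

This sketch consults no revocation store, so claims read this way are only as current as the token itself.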