michalkvasnicak / oauth2-server-bundle
Symfony OAuth 2.0 server bundle
Installs: 1 556
Dependents: 1
Suggesters: 0
Security: 0
Stars: 4
Watchers: 4
Forks: 0
Open Issues: 0
Type:symfony-bundle
Requires
- php: >=5.4
- michalkvasnicak/oauth2-server: ^1.0.0-beta3
- symfony/framework-bundle: ~2.6 | ~3.0
- symfony/security-bundle: ~2.6 | ~3.0
Requires (Dev)
- mockery/mockery: ~0.9
- phpunit/php-code-coverage: ~2.0
- phpunit/phpunit: ~4.0
- satooshi/php-coveralls: ~0.6
Suggests
- michalkvasnicak/oauth2-server-mongodb-bundle: Predefined MongoDB model layer for authentication/authorization and user management.
This package is not auto-updated.
Last update: 2025-01-01 15:13:39 UTC
README
OAuth 2.0 server bundle for Symfony 2 framework
- Develop:
- Master:
Requirements
- PHP >= 5.4
- HHVM
Installation
Using composer
{
"require": {
"michalkvasnicak/oauth2-server-bundle": "*"
}
}
Configuration
Basic configuration
These are defaults.
oauth2_server: access_tokens: lifetime: 1209600 # 14 days lifetime of token (default) authorization_codes: lifetime: 60 # 60 seconds lifetime of authorization code (used only by authorization code grant type) refresh_tokens: generate: true # generate refresh tokens (default) lifetime: 2678400 # 31 days lifetime of token (default) # www_realm returned WWW-Authenticate HTTP header if you are unauthenticated www_realm: 'OAuth2Server' # accepted token used to sign requests classes: token_type: 'OAuth2\TokenType\Bearer'
Tell the Security bundle to use this bundle
security: firewalls: o_auth2_server_token_endpoint: pattern: ^/auth/v2/token security: false providers: o_auth2_provider: id: o_auth2_server.user_provider encoders: OAuth2\Storage\IUser: algorithm: sha512 encode_as_base64: true iterations: 512
Register routes
In routing.yml of your application register bundle.
o_auth2_server: resource: "@OAuth2ServerBundle/Resources/config/routing.yml"
Storage
You can use michalkvasnicak/OAuth2ServerMongoDBBundle bundle or create own model. If you want to create own model you have to define user provider and services needed for grant types you are going to use.
# this is needed for authentication # service has to implement Symfony\Component\Security\Core\User\UserProviderInterface oauth2_server: user_provider: 'service id' # STORAGES oauth2_server: storage: # this is needed for authentication and authorization of protected requests # also is used by all grant types # has to implement OAuth2\Storage\IAccessTokenStorage access_token: 'service id' # this is needed for client identification # also this is used in client credentials grant type # has to implement OAuth2\Storage\IClientStorage client: 'service id' # optional but if you are using authorization code grant type you have to set it # has to implement OAuth2\Storage\IAuthorizationCodeStorage authorization_code: 'service id' # optional but if you are using refresh token grant type or generating refresh tokens # you have to set it # has to implement OAuth2\Storage\IRefreshTokenStorage refresh_token: 'service id'
Grant types
There are pre-installed grant types already. To use them just enable them (by default they are all disabled).
oauth2_server: grant_types: authorization_code: false client_credentials: false implicit: true refresh_token: true resource_owner_password_credentials: true
Own grant types
You can use your own grant types too, just create services and tag them as oauth2_server.grant_type. All services has to implement OAuth2\GrantType\IGrantType.
my_custom_grant_type: class: My\Own\GrantType tags: - { name: o_auth2_server.grant_type }
TODO:
- Authorization endpoint