mrblackus / oauth2-server
A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API.
Requires
- php: >=5.4.0
Requires (Dev)
- league/phpunit-coverage-listener: ~1.0
- mockery/mockery: ~0.8
Replaces
- lncd/oauth2: *
This package is not auto-updated.
Last update: 2024-11-19 08:51:20 UTC
README
A standards compliant OAuth 2.0 authorization server and resource server written in PHP.
Package Installation
The framework is provided as a Composer package which can be installed by adding the package to your composer.json
file:
{ "require": { "league/oauth2-server": "3.*" } }
Framework Integrations
- Laravel Service Provider by @lucadegasperi
- Laravel Eloquent implementation by @ScubaClick (under development)
The library features 100% unit test code coverage. To run the tests yourself run phpunit
from the project root.
Current Features
Authorization Server
The authorization server is a flexible class and the following core specification grants are implemented:
- authorization code (section 4.1)
- refresh token (section 6)
- client credentials (section 2.3.1)
- password (user credentials) (section 4.3)
Resource Server
The resource server allows you to secure your API endpoints by checking for a valid OAuth access token in the request and ensuring the token has the correct scope(s) (i.e. permissions) to access resources.
Custom grants
Custom grants can be created easily by implementing an interface.
Changelog
Contributing
Please see CONTRIBUTING for details.
Support
Bugs and feature request are tracked on GitHub
License
This package is released under the MIT License. See the bundled LICENSE file for details.
Credits
This code is principally developed and maintained by Alex Bilbie.
Special thanks to:
The initial code was developed as part of the Linkey project which was funded by JISC under the Access and Identity Management programme.