spomky-labs / oauth2-server-library
OAuth2 Server Library
Requires
- php: >=5.6
- psr/http-message: ^1.0
- spomky-labs/jose: ^5.0
Requires (Dev)
- paquettg/php-html-parser: ^1.6
- phpunit/phpunit: ^5.0
- satooshi/php-coveralls: ^1.0
- symfony/http-foundation: ^2.7|^3.0
- symfony/psr-http-message-bridge: ^0.2
- symfony/var-dumper: ^2.7|^3.0
- zendframework/zend-diactoros: ^1.1
- dev-master / 2.0.x-dev
- v1.0.1-beta39
- v1.0.1-beta38
- v1.0.1-beta37
- v1.0.1-beta36
- v1.0.1-beta35
- v1.0.1-beta34
- v1.0.1-beta33
- v1.0.1-beta32
- v1.0.1-beta31
- v1.0.1-beta30
- v1.0.1-beta29
- v1.0.1-beta28
- v1.0.1-beta27
- v1.0.1-beta26
- v1.0.1-beta25
- v1.0.1-beta24
- v1.0.1-beta23
- v1.0.1-beta22
- v1.0.1-beta21
- v1.0.1-beta20
- v1.0.1-beta19
- v1.0.1-beta18
- v1.0.1-beta17
- v1.0.1-beta16
- v1.0.1-beta15
- v1.0.1-beta14
- v1.0.1-beta13
- v1.0.1-beta12
- v1.0.1-beta11
- v1.0.1-beta10
- v1.0.1-beta9
- v1.0.1-beta2
- v1.0.0-beta8
- v1.0.0-beta7
- v1.0.0-beta6
- v1.0.0-beta5
- v1.0.0-beta4
- v1.0.0-beta3
- v1.0.0-beta2
- v1.0.0-beta1
- v1.0.0-alpha2
- v1.0.0-alpha1
- v0.2.0
- v0.1.0
- v0.0.21
- v0.0.20
- v0.0.19
- v0.0.18
- v0.0.17
- v0.0.16
- v0.0.15
- v0.0.14
- v0.0.13
- v0.0.12
- v0.0.11
- v0.0.10
- v0.0.9
- v0.0.8
- v0.0.7
- v0.0.6
- v0.0.5
- v0.0.4
- v0.0.3
- v0.0.2
- v0.0.1
- v0.0.0
This package is not auto-updated.
Last update: 2016-11-23 22:27:13 UTC
README
Help me out for a couple of 🍻!
This library provides components to build an authorization server based on the OAuth2 Framework protocol (RFC6749) and associated features.
The following components are implemented:
- Access Token Managers:
  - JWT access token
  - Random string access token
  - Ability to use other Access Token managers
- Access Token Types:
  - Bearer access token (RFC6750)
  - MAC access token (IETF draft 02 only) - The implementation is on hold until the specification reaches maturity
  - Ability to use other Access Token Types
- Exception manager
- Scope manager (RFC6749, section 3.3)
- Clients Managers:
  - Public clients (RFC6749, section 2.1) - See `none` authentication method
  - Password clients (RFC6749, section 2.3.1)
    - HTTP Basic Authentication Scheme (RFC2617 and RFC7617) - See `client_secret_basic` authentication method
    - JWT Assertion using password as shared key (OpenID Connect Core) - See `client_secret_jwt` authentication method
    - Credentials from request body - See `client_secret_post` authentication method
  - SAML clients (RFC7521 and RFC7522) - Help requested!
  - JWT clients (RFC7521 and RFC7523) - See `private_key_jwt` authentication method
  - Unregistered clients (RFC6749, section 2.4) - See `none` authentication method
  - Ability to use other Client Managers
- Endpoints:
  - Authorization (RFC6749, section 3.1)
  - Token (RFC6749, section 3.2)
  - Token Revocation (RFC7009)
  - Token Introspection (RFC7662)
  - Dynamic Client Registration Protocol (RFC7591)
  - Dynamic Client Registration Management Protocol (RFC7592)
  - Ability to use other Endpoints
- Grant types:
  - Authorization code grant type (RFC6749, section 4.1)
    - Proof Key for Code Exchange by OAuth Public Clients (RFC7636)
      - Plain
      - S256
      - Ability to use other challenge methods
  - Implicit grant type (RFC6749, section 4.2)
  - Resource Owner Password Credentials grant type (RFC6749, section 4.3)
  - Client credentials grant type (RFC6749, section 4.4)
  - Refresh token grant type (RFC6749, section 6)
  - SAML grant type (RFC7521 and RFC7522) - Help requested!
  - JWT Bearer token grant type (RFC7521 and RFC7523)
  - Ability to use other Grant Types
Partial implementation
- Threat Model and Security Consideration (RFC6819)
- OpenID Connect: See the dedicated page of its implementation
Integration planned
The Release Process
The release process is described here.
Prerequisites
It has been successfully tested using PHP 5.6, PHP 7.0, PHP 7.1 and HHVM.
Installation
The preferred way to install this library is to rely on Composer:
composer require "oauth2-framework/server-library"
How to use
Have a look at How to use to learn how to use the OAuth2 server and handle your first requests.
Contributing
Requests for new features, bug fixes and all other ideas to make this library useful are welcome. The best contribution you could provide is fixing the open issues where help is wanted.
Please make sure to follow these best practices.
Licence
This library is released under the MIT licence.