oauth2-server/requirements.md
2016-04-10 16:40:34 +01:00

879 B
Executable File

layout title permalink
default Requirements /requirements/

Requirements

In order to prevent man-in-the-middle attacks, the authorization server MUST require the use of TLS with server authentication as defined by RFC2818 for any request sent to the authorization and token endpoints. The client MUST validate the authorization server's TLS certificate as defined by RFC6125 and in accordance with its requirements for server identity authentication.

This library uses key cryptography in order to encrypt and decrypt, as well as verify the integrity of signatures. See the installation page for details on how to generate the keys.

The following versions of PHP are supported:

  • PHP 5.5 (>=5.5.9)
  • PHP 5.6
  • PHP 7.0
  • HHVM

The openssl PHP extension is required.