mirror of https://github.com/elyby/oauth2-server.git synced 2024-11-01 16:33:07 +05:30

A spec compliant, secure by default PHP OAuth 2.0 Server

Go to file

Alex Bilbie da92410ecb Merge pull request #196 from barryvdh/patch-1 Remove links to wiki		2014-08-13 08:29:34 +02:00
sql	Use utf8_unicode_ci as default collation	2014-06-26 15:39:35 +01:00
src/League/OAuth2/Server	In Resource::getExceptionHttpHeaders() use Request::BuildFromGlobals	2014-07-23 07:48:05 -07:00
tests	401 status is for invalid_token, not insufficient_scope	2014-07-11 11:59:18 -05:00
.gitattributes	Merge branch 'refs/heads/master' into develop	2013-09-26 11:18:10 +01:00
.gitignore	Ignore build files	2014-07-11 15:21:32 +01:00
.travis.yml	Ninja 5.6 test	2014-02-11 12:27:35 -05:00
CHANGELOG.md	Updated changelog	2014-07-23 16:08:33 +01:00
composer.json	Update composer.json	2014-08-10 11:11:15 +01:00
CONTRIBUTING.md	Update CONTRIBUTING.md	2013-12-06 10:50:22 +00:00
license.txt	Updated License	2013-05-08 19:04:40 -07:00
phpunit.xml.dist	Removed printer [ci skip]	2013-07-30 10:13:47 +01:00
README.md	Remove links to wiki	2014-08-08 10:57:30 +02:00

README.md

PHP OAuth 2.0 Server

A standards compliant OAuth 2.0 authorization server and resource server written in PHP.

Package Installation

The framework is provided as a Composer package which can be installed by adding the package to your composer.json file:

{
	"require": {
		"league/oauth2-server": "3.*"
	}
}

Framework Integrations

Laravel Service Provider by @lucadegasperi
Laravel Eloquent implementation by @ScubaClick (under development)

The library features 100% unit test code coverage. To run the tests yourself run phpunit from the project root.

[master]

[develop]

Current Features

Authorization Server

The authorization server is a flexible class and the following core specification grants are implemented:

authorization code (section 4.1)
refresh token (section 6)
client credentials (section 2.3.1)
password (user credentials) (section 4.3)

Resource Server

The resource server allows you to secure your API endpoints by checking for a valid OAuth access token in the request and ensuring the token has the correct scope(s) (i.e. permissions) to access resources.

Custom grants

Custom grants can be created easily by implementing an interface.

Changelog

See the project releases page

Contributing

Please see CONTRIBUTING for details.

Support

Bugs and feature request are tracked on GitHub

License

This package is released under the MIT License. See the bundled LICENSE file for details.

Credits

This code is principally developed and maintained by Alex Bilbie.

Special thanks to:

The initial code was developed as part of the Linkey project which was funded by JISC under the Access and Identity Management programme.