Brent Shaffer

From https://github.com/bshaffer/oauth2-server-php/issues/459: > Hello, > > Great work on this, very educational and helpful. Many thanks. > > Here: > http://bshaffer.github.io/oauth2-server-php-docs/cookbook/ > > The server.php code should probably also include:...

from https://github.com/bshaffer/oauth2-server-php/issues/461: > Schema for jti_table and public_key_table implemented by PDO storage is missing. > > http://bshaffer.github.io/oauth2-server-php-docs/cookbook/

From https://github.com/bshaffer/oauth2-server-php/issues/463: > Good afternoon, > > Just noticed that the DDL statements on the following page http://bshaffer.github.io/oauth2-server-php-docs/cookbook/ are not in sync with the OAuth2/Storage/Pdo.php function getBuildSql. > > E.g....

Document the "use_crypto_tokens" option, which makes adding crypto tokens much easier

The Walkthrough should include instructions on how to run this using a built-in PHP server (i.e. php -S localhost:9000)

The /authorize implementation described in the step-by-step walkthrough allows for CSRF, where an attacker would be able to forge a request bypassing the authorization form. It would be great if...

The grant types section should: 1. include a table of contents (for each grant type) - possibly have their own pages? 2. Expand on the creation of a server for...

Moving https://github.com/bshaffer/oauth2-server-php/issues/81 to here From @bojanz: > The implicit flow is less secure than the authorization code flow, neither the spec or any other resources attempt to hide that. >...

http://blog.tankist.de/blog/2013/07/16/oauth2-explained-part-1-principles-and-terminology/

Add a Symfony 1.4 article to the cookbook