oauth2-server-php-docs
oauth2-server-php-docs copied to clipboard
bshaffer
documentation for the oauth2-server-php library
Document the "use_crypto_tokens" option, which makes adding crypto tokens much easier
The Walkthrough should include instructions on how to run this using a built-in PHP server (i.e. php -S localhost:9000)
The /authorize implementation described in the step-by-step walkthrough allows for CSRF, where an attacker would be able to forge a request bypassing the authorization form. It would be great if...
The grant types section should: 1. include a table of contents (for each grant type) - possibly have their own pages? 2. Expand on the creation of a server for...
There is an open issue with the library requesting table definitions for a grant type. [#170](https://github.com/bshaffer/oauth2-server-php/issues/170) Would it be a good idea to add a sample table to the grant...
Moving https://github.com/bshaffer/oauth2-server-php/issues/81 to here From @bojanz: > The implicit flow is less secure than the authorization code flow, neither the spec or any other resources attempt to hide that. >...
http://blog.tankist.de/blog/2013/07/16/oauth2-explained-part-1-principles-and-terminology/