oauth2-server-php
oauth2-server-php copied to clipboard
bshaffer
A library for implementing an OAuth2 Server in php
Currently, `Oauth2\Encryption\FirebaseJwt::encode` has a different signature from `OAuth2\Encryption\Jwt::encode`; the `FirebaseJwt` function has an additional `$keyId` parameter. This parameter, when included, is passed into the `kid` parameter of the JWT header....
just show my purpose. if it is worth to do, i will finish all my work.
After this PR #898 I able to run tests. And I get: ``` There were 2 failures: 1) OAuth2\GrantType\JwtBearerTest::testInvalidJti Failed asserting that two strings are equal. --- Expected +++ Actual...
curl -u testclient:testpass http://localhost/token.php -d 'grant_type=client_credentials' { "error": "invalid_request", "error_description": " grant type was not specified in the request" } I've done post and options method both
Using https://developers.google.com/oauthplayground, I confirmed that this library removes the refresh_token after the first use, regardless of the always_issue_new_refresh_token and unset_refresh_token_after_use settings e.g. $server->addGrantType(new OAuth2\GrantType\RefreshToken($storage), array( 'always_issue_new_refresh_token' => false, 'unset_refresh_token_after_use' =>...
The [`Jwt`](https://github.com/bshaffer/oauth2-server-php/blob/develop/src/OAuth2/Encryption/Jwt.php) encryption class has the header hardcoded in the `encode` function, and requires quite a bit to override. We should make `sign` protected, and make the headers editable (or...
I'm trying to revoke a token in php using this lib but I keep getting a false after calling handleRevokeRequest I'm struggling to find working example on the web ```...
When you are using the UserCredentials grant, the default TokenController doesn't check if Client Credentials user_id matches with UserCredentials user_id. This means when you are requesting a token you can...
Hi, I created authorize server but am getting this error: You must supply a storage object implementing \OAuth2\Storage\ClientInterface to use the authorize server. How to submit a storage object to...
 I'm getting this weird messages instead of  This only happens when I use Oauth2. What can I do to avoid this? Thank you
