oauth2-client icon indicating copy to clipboard operation
oauth2-client copied to clipboard

Published 20 hours ago verified publisher icon thephpleague

Missing "Token Type" from AccessToken?

Open KidA78 opened this issue 9 years ago • 5 comments

According to the RFC (https://tools.ietf.org/html/rfc6749#section-1.4) there is a token_type field often returned when an Access Token is returned by an OAuth Service. Is this left out on purpose? In terms of the client being able to make decisions on which OAuth flow to use, shouldn't this be something that is available on the AccessToken object?

KidA78 avatar May 07 '16 20:05 KidA78

This is something that League is aware of and we're starting to work towards addressing it with a separate oauth-token package that will be used for all League packages. The initial prototype is in shadowhand/oauth-token#1. I'd love some help on this, it's be hard to find time to keep it moving.

shadowhand avatar May 09 '16 15:05 shadowhand

@shadowhand what kind of help is needed there? Are there open issues? I'd love to help.

stevenmaguire avatar May 09 '16 16:05 stevenmaguire

@stevenmaguire I just need more eyes. We need to have compatible implementations for OAuth2 and OAuth1 tokens. And then we need to try using it in oauth2-client and oauth2-server.

shadowhand avatar May 09 '16 16:05 shadowhand

May i know whether Oauth2 authentication works without google login. Is there any possibility to work with Oauth2 without google authorization login using codeigniter/php?

Developerdjax avatar Jul 15 '16 07:07 Developerdjax

@Developerdjax OAuth2 is a general purpose specification. If you are not familiar with how it works, I recommend starting here http://oauth.net/2/

shadowhand avatar Jul 22 '16 12:07 shadowhand