mezzio-authentication-oauth2
mezzio-authentication-oauth2 copied to clipboard
mezzio
Wish Item: Auth Aggrogate for Password Grant
- [x] I was not able to find an open or closed issue matching what I'm seeing.
- [x] This is not a question. (Questions should be asked on slack (Signup for Slack here) or our forums.)
Would be nice to be able to provide our own auth method for the password grant, while I could certainly pass in a new userRepository, it would be nice to be able to add an additional password verifier to the existing repo. Perhaps we could make this an aggrogate service, much like zend-auth uses?
Originally posted by @wshafer at https://github.com/zendframework/zend-expressive-authentication-oauth2/issues/25
This request can fall into this request: Create event hooks for all OAuth2 Repository functions.
Though my work with api-skeletons/zf-oauth2-doctrine I often see cases for custom authorization such as to validate against an old password hash or to validate against a PIN instead of a Password.
Originally posted by @TomHAnderson at https://github.com/zendframework/zend-expressive-authentication-oauth2/issues/25#issuecomment-373133733