oauth2-server

oauth2-server copied to clipboard

I got started with PHP and Slim few weeks ago, so I'm beginner using this technology. Now I want to make a project where I will implement authorization, creating toke...

DavidAtanasoski

BearerTokenValidator::validateAuthorization requires the JWT to have the 'Not Before' claim

3

With [commit 07bdaeb](https://github.com/thephpleague/oauth2-server/commit/07bdaebb5d63ded6e227da9ba4ad72473fc4cd62) the deprecated Constraint `Lcobucci\JWT\Validation\Constraint\ValidAt` is replaced with the newer `Lcobucci\JWT\Validation\Constraint\StrictValidAt`. This replacement broke our authentication as our tokens (provided by a third party system) do not contain...

goldi80

Test against php 8.1

6

sergiy-petrov

Add token revocation support (RFC 7009)

11

This fixes the merge conflicts in #995 by @jacobweber https://tools.ietf.org/html/rfc7009

tomsisk

Support for league/event 3.0.0

1

# Recreate steps - `league/oauth2-server 8.3.4` installed - `composer outdated` (`league/event 2.2.0 3.0.0 Event package`) - `composer why-not league/event 3.0.0` (`league/oauth2-server 8.3.4 requires league/event (^2.2)`)

vaawebdev

RFC 7591/7592 support

7

Are there any plans to support these two RFCs? I'd love to be able to use this library for managing clients in addition to just authenticating against them.

alexplumb

Private claims implementation

19

This PullRequest should implement private claims as described in RFC7519 in section 4.2. According to #1120 , this is still missing, but is wanted. This implementation is based on that...

skroczek

password grant username for number is not work

5

``` /** * @param ServerRequestInterface $request * @param ClientEntityInterface $client * * @throws OAuthServerException * * @return UserEntityInterface */ protected function validateUser(ServerRequestInterface $request, ClientEntityInterface $client) { $username = $this->getRequestParameter('username', $request);...

yangjisen

Accept key content directly instead of require a key file

10

We are running the server in a docker environment with read-only filesystem and we use the same docker image for staging and production. That's why we configure everything (including keys)...

marc-mabe

Ability to extend the JWT token with information

18

Right now the JWT token has one custom claim called `scopes`. But it would be a nice feature to add some more claims to the JWT when required. Like a...

leroy0211