oauth2-server
oauth2-server copied to clipboard
Allow Ecdsa keys as oauth2 server
Currently, the algo is hard-coded here https://github.com/thephpleague/oauth2-server/blob/master/src/Entities/Traits/AccessTokenTrait.php#L47
Switching it does not work in any case, but you get at least a key. Verifiying seems also hard-coded somewhere
Thank you. This implementation is hopefully just a stop gap until we drop PHP 7 support all together. I will flag this for addressing in the next major.
I think the verifying also takes place in this method: https://github.com/thephpleague/oauth2-server/blob/0f32fbe00b6b1bdd72c8a70cb1763be49ce8c99b/src/AuthorizationValidators/BearerTokenValidator.php#L69