oauth2-server

A spec compliant, secure by default PHP OAuth 2.0 Server

Results 109 oauth2-server issues

Currently, the unique identifier generator is a function available here that cannot be easily modified: https://github.com/thephpleague/oauth2-server/blob/eb91b4190e7f6169053ebf8ffa352d47e756b2ce/src/Grant/AbstractGrant.php#L569 Would it be possible to customize the generation of the unique identifier? In my...

```
League\OAuth2\Server\Exception\OAuthServerException
The resource owner or authorization server denied the request.
```

Token exchange is a new grant type [defined by the IETF](https://www.rfc-editor.org/rfc/rfc8693.html) providing support for impersonation and delegation scenarios, such as the following: [![Illustration by Scott Brady](https://www.scottbrady91.com/img/oauth/token-exchange.png)](https://www.scottbrady91.com/oauth/delegation-patterns-for-oauth-20) _Illustration by [Scott Brady](https://www.scottbrady91.com/)_...

Future Version
Improvement Idea

# Issue

The [OAuth2 specification](https://www.oauth.com/oauth2-servers/access-tokens/authorization-code-request/#security-considerations) has the following:

> If an authorization code is used more than once, the authorization server must deny the subsequent requests.

This repository addresses this...

Spec Compliance

The typing in version 9 has broken some Laravel Passport tests. I think the types have probably been too strict so am relaxing this a little to ease the burden...

Updates the requirements on [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) to permit the latest version. Release notes Sourced from phpunit/phpunit's releases. PHPUnit 10.5.20 #5771: JUnit XML logger may crash when test that is run in...

dependencies

Trying to add support and test v9-rc1 before stable release on Laravel Passport, PR laravel/passport#1734, there are 2 issues:

1. User ID doesn't accept integer
2. Client ID doesn't accept...

I have a scenario where I want to do additional handling of the access token before the API response is sent. I'm not finding a good way to be able...

This PR can be considered as a security enhancement and does 2 changes:

1. Always validate client:
   * The auth code grant - Unlike all other grants - calls `AbstractGrant::validateClient()`...

Updates the requirements on [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) to permit the latest version. Release notes Sourced from phpunit/phpunit's releases. PHPUnit 10.5.24 Changed #5877: Use array_pop() instead of array_shift() for processing Test objects in...

dependencies