oauth2-server

A spec compliant, secure by default PHP OAuth 2.0 Server

Results 109 oauth2-server issues

I'm working through the V4->V5 upgrade (we're using Diactoros to work around the PSR-7 requirement for now) and one thing that has me stumped is how to make refresh tokens...

Improvement Idea

I am working on an implementation using level 4 Uuids as unique identifiers for the tokens and auth code. My first approach was to create a custom Grant overriding the...

In `League\OAuth2\Server\Grant\AbstractGrant` I could not understand why `generateUniqueIdentifier` is implemented as it is. There is no way to configure the length other than by extending `AbstractGrant` and overriding it, but...

Future Version

Are you going to include something [RFC7009](https://tools.ietf.org/html/rfc7009) compliant to the lib that could be used in a straightforward way like `$server->respondToRevokeTokenRequest($request, $response);`?

Improvement Idea

Hi, please could you clarify for me what an implementation of AccessTokenEntityInterface should do with the scopes parameter in getNewToken()? Or any of the parameters, actually. The getNewToken method...

Bug

Hi, I'm currently using the PSR-7 version with Zend Expressive 2, but I'm facing some obstacles in adapting it to work with Zend Expressive 3. Are there any plans to...

Future Version
Improvement Idea

```php
// Return the request with additional attributes
return $request
    ->withAttribute('oauth_access_token_id', $token->getClaim('jti'))
    ->withAttribute('oauth_client_id', $token->getClaim('aud'))
    ->withAttribute('oauth_user_id', $token->getClaim('sub'))
    ->withAttribute('oauth_scopes', $token->getClaim('scopes'));
```

The appears to expect the client identifier as audience which seems to conflict...

Future Version
Spec Compliance

An [old pull request](https://github.com/thephpleague/oauth2-server/pull/801) allowed us to replace the # with an alternative fragment identifier for the implicit grant. I am struggling to find where in the spec this is...

Spec Compliance

The OAuth spec limits characters that can be used in a scope to the following:

> scope-token = 1*( %x21 / %x23-5B / %x5D-7E )

I don't believe we currently...

Spec Compliance