league/oauth2-server 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.| Name | Version | Size | License | Type | Vulnerabilities |
|---|---|---|---|---|---|
| defuse/php-encryption | v2.4.0 | 56.68 kB | MIT | prod | |
| lcobucci/clock | 3.2.0 | 2.92 kB | MIT | prod dev | |
| lcobucci/jwt | 5.3.0 | - | BSD-3-Clause | prod | |
| league/event | 2.2.0 | - | MIT | prod | |
| league/uri | 7.4.1 | - | MIT | prod |
The league/oauth2-server is a powerful library written in PHP that is designed to provide a lightweight and standards-compliant implementation of an OAuth 2.0 authorization server. The primary purpose is to make the process of working with OAuth 2.0 extremely straightforward. You can easily configure an OAuth 2.0 server to protect your API with access tokens, or let apps request and refresh access tokens. It supports all core specification grants, including authorization code grant, implicit grant, client credentials grant, resource owner password credentials grant, and refresh grant.
To get started using the league/oauth2-server package, you must first install it using composer. You can do this by running the command composer require league/oauth2-server in your terminal or command prompt. Once installed, you can start using the library to build a secure OAuth 2.0 server to protect your API and manage access tokens. Please note that it requires PHP 8.0 or newer, and the openssl and json PHP extensions should also be installed. In addition, HTTP messages transferred to your server should accord with the PSR-7 standard to ensure compatibility with other packages and frameworks.
// An illustration of how to use the library (not actual working code)
require 'vendor/autoload.php';
use League\OAuth2\Server\AuthorizationServer;
// Instantiate the server
$server = new AuthorizationServer(
$clientRepository, // an instance of ClientRepositoryInterface
$accessTokenRepository, // an instance of AccessTokenRepositoryInterface
$scopeRepository, // an instance of ScopeRepositoryInterface
$privateKey, // Path to your private key file
$publicKey // Path to your public key file
);
The actual usage and configuration would depend on the type of grant you want to implement, so you need to refer to the official library documentation for detailed instructions.
The official documentation of league/oauth2-server can be found at https://oauth2.thephpleague.com. The documentation provides comprehensive information on how to configure and implement various features of the OAuth 2.0 server in your PHP projects. You are welcome to contribute to the improving the documentation, which is maintained in the gh-pages branch on the GitHub repository. Have in mind that any issues or requests concerning OAuth should be raised via the GitHub issues tracker and not by email.
