Skip to content

Example OAuth2 implementation using the PHP League OAuth2 Server and Client packages

License

Notifications You must be signed in to change notification settings

pdsinterop/example-oauth-server

Repository files navigation

Example OAuth2 server and client

Project stage: Development License Latest Version Maintained

PDS Interop standard-readme compliant keep-a-changelog compliant

Example OAuth2 implementation using the PHP League OAuth2 Server and Client packages

This project contains a working example of how to create an OAuth2 server with league/oauth2-server and use is with league/oauth2-client.

Besides boilerplating and infrastructure, this projects contains Entity, Repository and Grant classes for league/oauth2-server and custom Provider for league/oauth2-server.

Table of Contents

Background

The code in this project was created in order to understand how OAuth2 and these libraries work, whilst implementing the Authentication and Authorization for the standalone PHP and Nextcloud Solid servers.

This project should make it more clear what sort of data is send across the network and could (or should) be stored by an application acting as an OAuth2 server.

The details of how to store things depends on whatever platform, library or framework integrating the OAuth2 server.

If you feel more comfortable looking at implementations for a specific framework in order to understand how all of this works, take a look at one of the other existing integrations .

Installation

The advised way of running this project is by using the provided docker image.

To install the project locally, create a Git clone and run Composer to install the required dependencies:

git clone https://github.com/pdsinterop/example-oauth-server.git oauth2-example
cd $_
composer install

Usage

The application runs an authorization server, client application, and resource server from the same webroot.

It makes calls to itself and should run HTTPS (HTTP+TLS).

It can be run by using the provided docker image, a docker image of your choice or with the PHP development server.

Provided docker image

The advised way of running this project is by using the provided docker image:

docker run pdsinterop/example-oauth-server

Custom docker image

The project can also be run by mounting it into any TLS enabled PHP+Apache docker image, for instance using php-solid-server created by the test-suites :

docker run                                     \
    -it                                        \
    --name=server                              \
    --network=host                             \
    --rm                                       \
    --volume /path/to/pdsinterop/example-oauth-server:/app \
    php-solid-server

PHP development server

As this is meant as a runnable example and NOT production ready, HTTPS will be disabled when run using the built-in PHP development server (as it does not support HTTP+TLS).

When using the PHP development server, all request to the server by the client will time-out unless it is called with more workers enabled:

PHP_CLI_SERVER_WORKERS=3    \
php                         \
    --docroot ./web/        \
    --server '0.0.0.0:8080' \
    ./web/index.php

Contribute

Questions or feedback can be given by opening an issue on GitHub.

All PDS Interop projects are open source and community-friendly. Any contribution is welcome! For more details read the contribution guidelines.

All PDS Interop projects adhere to the Code Manifesto as its code-of-conduct. Contributors are expected to abide by its terms.

There is a list of all contributors on GitHub.

For a list of changes see the CHANGELOG or the GitHub releases page.

License

All code created by PDS Interop is licensed under the MIT License.

About

Example OAuth2 implementation using the PHP League OAuth2 Server and Client packages

Resources

License

Code of conduct

Stars

Watchers

Forks

Packages

No packages published