Download the PHP package iansimpson/ss-oauth2-server without Composer
On this page you can find all versions of the php package iansimpson/ss-oauth2-server. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download iansimpson/ss-oauth2-server
More information about iansimpson/ss-oauth2-server
Files in iansimpson/ss-oauth2-server
Package ss-oauth2-server
Short Description Silverstripe OAuth 2.0 Server
License MIT
Homepage https://logicstudio.nz
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package ss-oauth2-server
OAuth2 Server
Introduction 👋
This allows your Silverstripe site to be in OAuth 2.0 provider.
Please note that this is under development. It should work just fine, but has not been extensively tested, and is poorly documented.
It supports the following grants:
- Authorization code grant
- Refresh grant
⚠️ Upgrade Warning
Grant Type Validation
Grant type validation has been updated to strictly match the grant type stored in the Silverstripe CMS against the grant type sent in the request. Previously, these could differ without causing an error.
Action required: If you are upgrading from previous module version or upgrading to CMS version 6, you must ensure that the Grant Type value stored against each OAuth client in the CMS matches the grant type used in your access token requests (e.g. authorization_code, client_credentials). Mismatched values will now cause the token request to be rejected.
Requirements 🦺
- PHP ^8.1
- Silverstripe ^4.13
Installation 👷♀️
Install the add-on with Composer:
Next, generate a private/public key pair:
Put these on your web server, somewhere outside the web root
Generate encryption key:
Add the following lines in your .env, updating the OAUTH_PRIVATE_KEY_PATH and OAUTH_PUBLIC_KEY_PATH to point to the key files, and adding the encryption key you have just generated:
Finally, after doing a /dev/build/ go into your site settings and on the OAuth Configuration and add a new Client. Using this you should now be able to generate a key at /oauth/authorize, per the OAuth 2.0 spec (https://tools.ietf.org/html/rfc6749).
Usage 🏃🏃🏃
To verify the Authorization header being submitted is correct, add this to your Controller:
it will return a Member object if the Authorization header is correct, or null if there's an error. Simple!
All versions of ss-oauth2-server with dependencies
guzzlehttp/psr7 Version ^2.5
league/oauth2-server Version ^9.3
monolog/monolog Version ^3
robbie/psr7-adapters Version ^1
silverstripe/framework Version ^6
silverstripe/siteconfig Version ^6