Download the PHP package isigar/oauth2 without Composer

On this page you can find all versions of the php package isigar/oauth2. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of isigar/oauth2

Informations about the package oauth2

OAuth2 Provider

This repository is being developed and it's highly unstable.

Requirements

Drahak/OAuth2 requires PHP version 5.3.0 or higher. The only production dependency is Nette framework 2.0.x.

Installation & setup

The easist way is to use Composer

$ composer require drahak/oauth2:@dev

Then add following code to your app bootstrap file before creating container:

or register it in config.neon:

Neon configuration

OAuth2

Abstract protocol flow

OAuth Roles

Client - the third-party application

This application wants to get user's data from Resource server, so it needs to get an access token.

Resource server - API

There is data which client wants. API server uses access token to access user's information.

Resource owner

Gives access to some portion of their account.

See also OAuth 2 Simplified and original specification

OAuth presenter

Presenter (IOAuthPresenter) that gives an access. In base it has 2 main methods, issueAccessToken and issueAuthorizationCode. Simple OAuth (Resource owner) presenter could looks like this:

Method issueAccessToken determines correct grant type from grant_type parameter. In case of error throws some OAuthException which can be handled by oauthError method in default implementation.

Action authorize is more complex. This is used for generating Authorization code (see below - Authorization code) but for Implicit grant type it's necessary to generate access token here. In case if user is not logged in, redirect user to some login page and then restore authorization request using backlink.

Grant types

Are determined by grant_type parameter. There is support of base grant types as defined in OAuth2 specification: Authorization Code, Implicit, Password, Client Credentials and Refresh token.

  1. Authorization code

    This grant type is great for third-party applications which can secure client secret code.

To generate access token, you'll need to get authorization code first. You can obtain it from IOAuthPresenter by calling issueAuthorizationCode

Request for authorization code:
Authorization code response:

In any case (error or success) Resource owner redirects back to the client using redirect_uri with authorization code as a query parameter:

Or

Since you have authorization code you can make access token request (data provided as application/x-www-form-urlencoded)

Request for access token:
Access token response

In case or error, provides JSON response:

  1. Implicit

    Is used for browser-based (web) or mobile applications, where you can't secure client secret so yopu can't use it to obtain access token.

Request for access token:
Access token response

Redirect to redirect_uri

In case or error, redirects to:

  1. Password

    Is used for trusted (usually first-party) applications, where you completely trust client because you generate access token from real user credentials (username, password)

Request for access token:
Access token response

In case or error:

  1. Client credentials

    If application needs to get access token for their own account outside the context of any specific user this is probably the best way.

Request for access token:
Access token response

In case or error:

  1. Refresh token

    Is used to restore (actually re-generate) access token without authentication process. Refresh token is provided with almost every grant type (excluding Implicit).

Request for refresh token:
Access token response

In case or error:

All versions of oauth2 with dependencies

PHP Build Version
Package Version
Requires php Version >= 5.3.0
nette/nette Version @dev
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package isigar/oauth2 contains the following files

Loading the files please wait ....