Configuration
Table of Contents
- Introduction
- Generating public and private keys
- Generating encryption keys
- Authorization Server
- Repositories
Introduction
Depending on which grant you are implementing you will need to enable a number of repositories. We already implemented all of them. Each grant documentation page lists which repositories are required, and each repository interface has it’s own documentation page. Of course, to implement a custom repository you'll have to implement corresponding interface.
The repositories are expected to return (on success) instances of [entity interfaces](https://github.com/preferans/oauth-bridge/tree/master/src/Entities; to make integration with your existing entities and models as easy as possible though, all required methods have been implemented as traits that you can use.
Generating public and private keys
To generate the private key run this command on the terminal:
openssl genrsa -out private.key 1024
If you want to provide a passphrase for your private key run this command instead:
openssl genrsa -passout pass:_passphrase_ -out private.key 1024
then extract the public key from the private key:
openssl rsa -in private.key -pubout -out public.key
or use your passphrase if provided on private key generation:
openssl rsa -in private.key -passin pass:_passphrase_ -pubout -out public.key
The private key must be kept secret (i.e. out of the web-root of the authorization server). The authorization server also requires the public key.
If a passphrase has been used to generate private key it must be provided to the authorization server.
The public key should be distributed to any services (for example resource servers) that validate access tokens.
Generating encryption keys
To generate an encryption key for the AuthorizationServer run the following command in the terminal:
php -r 'echo (new Phalcon\Security\Random)->base64(32);'