Getting Started

What is oAuth Bridge?

oAuth Bridge is a library focused on API Authentication for Phalcon applications. Mainly it is a library that makes implementing a standards compliant OAuth 2.0 server trivial. Your users can authenticate and authorize application clients, and protect your APIs.

Out of the box it supports all of the grants defined in the OAuth 2.0 Authorization Framework RFC:

  • Authorization code grant
  • Implicit grant
  • Client credentials grant
  • Resource owner password credentials grant
  • Refresh grant

NOTE: This library is fully reworked and separately developed version of League's OAuth 2.0 Server. The thephpleague/oauth2-server v5 and v6 are based on PSR-7 standards, but in the current Phalcon versions (prior to 3.x) this standard is not supported, so, we created a new adapted "version" special for this (based on Phalcon Requests).

The copyright to the thephpleague/oauth2-server code belongs to Alex Bilbie. For more see thephpleague/oauth2-server license.

The main goals of this project:

  • To provide transparent integration using oAuth industrial standards
  • To provide better performance by working with Phalcon Framework
  • To reduce inconvenience resulting from the lack of PSR-7 support in Phalcon Framework (prior to v3.x)

Requirements

In order to prevent man-in-the-middle attacks, the authorization server MUST require the use of TLS with server authentication as defined by RFC2818 for any request sent to the authorization and token endpoints. The client MUST validate the authorization server’s TLS certificate as defined by RFC6125 and in accordance with its requirements for server identity authentication.

This library uses key cryptography in order to encrypt and decrypt, as well as verify the integrity of signatures. See the configuration page for details on how to generate the keys.

  • PHP 7.0 or newer
  • Phalcon 3.2.0 or newer

The openssl PHP extension is required.

Installation

Install Composer in a common location or in your project:

$ curl -s http://getcomposer.org/installer | php

Then create the composer.json file as follows:

{
    "require": {
        "preferans/oauth-bridge": "@stable"
    }
}

Run the composer installer:

$ php composer.phar install

NOTE: The master branch will always contain the latest unstable version. If you wish to check older versions or formal, tagged release, please switch to the relevant tag.

results matching ""

    No results matching ""