An OAuth2 Server Library for PHP

Implement an OAuth 2.0 Server cleanly into your PHP application. Download the Code from GitHub to get started.

Requirements

PHP 5.3.9+ is required for this library. However, there is a stable release and development branch for PHP 5.2.x-5.3.8 as well.

Installation

This library follows the zend PSR-0 standards. A number of autoloaders exist which can autoload this library for that reason, but if you are not using one, you can register the OAuth2\Autoloader:

Php
require_once('/path/to/oauth2-server-php/src/OAuth2/Autoloader.php');
OAuth2\Autoloader::register();

Using Composer? Execute the following command:

composer.phar require bshaffer/oauth2-server-php "^1.10"

This will add the requirement to the composer.json and install the library.

It is highly recommended you check out the v1.10.0 tag to ensure your application doesn’t break from backwards-compatibility issues. However, if you’d like to stay on the bleeding edge of development, you can set this to dev-master instead.

Get Started With This Library

Looking through the cookbook examples is the best way to get started. For those who just skim the docs for code samples, here is an example of a bare-bones OAuth2 Server implementation:

Php
$storage = new OAuth2\Storage\Pdo(array('dsn' => $dsn, 'username' => $username, 'password' => $password));
$server = new OAuth2\Server($storage);
$server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage)); // or any grant type you like!
$server->handleTokenRequest(OAuth2\Request::createFromGlobals())->send();

See Main Concepts for more information on how this library works.

Learning the OAuth2.0 Standard

  1. If you are new to OAuth2, I highly recommend the OAuth in 8 Steps screencast from Knp University: OAuth in 8 Steps

  2. Additionally, take some time to click around on the OAuth2 Demo Application and view the source code for examples using a variety of grant types. OAuth Demo Application

  3. Also, Auth0 provides a very nice layer for implementing OAuth2.0 for PHP applications.

  4. Finally, consult the official OAuth2.0 documentation for the down-and-dirty technical specifications.

Contact

The best way to get help and ask questions is to file an issue. This will help answer questions for others as well.

If for whatever reason filing an issue does not make sense, contact Brent Shaffer (bshafs gmail com)

Fork me on GitHub