PHPackages authbucket/oauth2 - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Logging & Monitoring](/categories/logging) 4. / 5. authbucket/oauth2 Abandoned → [authbucket/oauth2-php](/?search=authbucket%2Foauth2-php)Library[Logging & Monitoring](/categories/logging) authbucket/oauth2 ================= The standard compliant OAuth2.0 library based on the Symfony Components 4.2.2(8y ago)8288124[11 PRs](https://github.com/authbucket/oauth2-php/pulls)MITPHPPHP >=5.5.9 Since Jul 1Pushed 8y ago9 watchersCompare [ Source](https://github.com/authbucket/oauth2-php)[ Packagist](https://packagist.org/packages/authbucket/oauth2)[ Docs](https://github.com/authbucket/oauth2-php)[ RSS](/packages/authbucket-oauth2/feed)WikiDiscussions master Synced 2mo ago READMEChangelogDependencies (24)Versions (111)Used By (0) AuthBucket\\OAuth2 ================== [](#authbucketoauth2) [![Build Status](https://camo.githubusercontent.com/442480132dcb10d44116b4cb75b957b0400c9033270198e783093e25b0a665c4/68747470733a2f2f7472617669732d63692e6f72672f617574686275636b65742f6f61757468322d7068702e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/authbucket/oauth2-php)[![Coverage Status](https://camo.githubusercontent.com/20b8373d152a026cc009c99b6661f985dd486925d8651eca4f25fbdcdbbd8c37/68747470733a2f2f636f766572616c6c732e696f2f7265706f732f617574686275636b65742f6f61757468322d7068702f62616467652e7376673f6272616e63683d6d617374657226736572766963653d676974687562)](https://coveralls.io/github/authbucket/oauth2-php?branch=master)[![Dependency Status](https://camo.githubusercontent.com/d43c31e3043ea4b2cb0e927e916332ec302a93fe4bd897c44f43624fc432f515/68747470733a2f2f7777772e76657273696f6e6579652e636f6d2f7068702f617574686275636b65743a6f61757468322d7068702f6465762d6d61737465722f62616467652e737667)](https://www.versioneye.com/php/authbucket:oauth2-php/dev-master)[![Latest Stable Version](https://camo.githubusercontent.com/8f9a4148c258cb9260c8c219c4dba73988ed6a3f9b0af8b177e931ea63de1108/68747470733a2f2f706f7365722e707567782e6f72672f617574686275636b65742f6f61757468322d7068702f762f737461626c652e737667)](https://packagist.org/packages/authbucket/oauth2-php)[![Total Downloads](https://camo.githubusercontent.com/a015d7c5ca0d5e186e17293cf64efa5dab5a5236313c5a2aa7cac31fe57d1840/68747470733a2f2f706f7365722e707567782e6f72672f617574686275636b65742f6f61757468322d7068702f646f776e6c6f6164732e737667)](https://packagist.org/packages/authbucket/oauth2-php)[![License](https://camo.githubusercontent.com/2b59e5833892ac936a4ca3ef2e6bccc77f5e268527eafddf8005209359a50168/68747470733a2f2f706f7365722e707567782e6f72672f617574686275636b65742f6f61757468322d7068702f6c6963656e73652e737667)](https://packagist.org/packages/authbucket/oauth2-php) The primary goal of [AuthBucket\\OAuth2](http://oauth2-php.authbucket.com/) is to develop a standards compliant [RFC6749 OAuth2.0](http://tools.ietf.org/html/rfc6749) library; secondary goal would be develop corresponding wrapper [Symfony2 Bundle](http://symfony.com) and [Drupal module](https://www.drupal.org). This library bundle with a [Silex](http://silex.sensiolabs.org/) based [AuthBucketOAuth2ServiceProvider](https://github.com/authbucket/oauth2-php/blob/master/src/Silex/Provider/AuthBucketOAuth2ServiceProvider.php) for unit test and demo purpose. Installation and usage can refer as below. Installation ------------ [](#installation) Simply add a dependency on `authbucket/oauth2-php` to your project's `composer.json` file if you use [Composer](http://getcomposer.org/) to manage the dependencies of your project. Here is a minimal example of a `composer.json`: ``` { "require": { "authbucket/oauth2-php": "~5.0" } } ``` ### Parameters [](#parameters) The bundled [AuthBucketOAuth2ServiceProvider](https://github.com/authbucket/oauth2-php/blob/master/src/Silex/Provider/AuthBucketOAuth2ServiceProvider.php) come with following parameters: - `authbucket_oauth2.model`: (Optional) Override this with your own model classes, default with in-memory AccessToken for using resource firewall with remote debug endpoint. - `authbucket_oauth2.model_manager.factory`: (Optional) Override this with your backend model managers, e.g. Doctrine ORM EntityRepository, default with in-memory implementation for using resource firewall with remote debug endpoint. - `authbucket_oauth2.user_provider`: (Optional) For using `grant_type = password`, override this parameter with your own user provider, e.g. using InMemoryUserProvider or a Doctrine ORM EntityRepository that implements UserProviderInterface. ### Services [](#services) The bundled [AuthBucketOAuth2ServiceProvider](https://github.com/authbucket/oauth2-php/blob/master/src/Silex/Provider/AuthBucketOAuth2ServiceProvider.php) come with following services controller which simplify the OAuth2.0 controller implementation overhead: - `authbucket_oauth2.authorization_controller`: Authorization Endpoint controller. - `authbucket_oauth2.token_controller`: Token Endpoint controller. - `authbucket_oauth2.debug_controller`: Debug Endpoint controller. ### Registering [](#registering) If you are using [Silex](http://silex.sensiolabs.org/), register [AuthBucketOAuth2ServiceProvider](https://github.com/authbucket/oauth2-php/blob/master/src/Silex/Provider/AuthBucketOAuth2ServiceProvider.php) as below: ``` $app->register(new AuthBucket\OAuth2\Silex\Provider\AuthBucketOAuth2ServiceProvider()); ``` Moreover, enable following service providers if that's not already the case: ``` $app->register(new Silex\Provider\MonologServiceProvider()); $app->register(new Silex\Provider\SecurityServiceProvider()); $app->register(new Silex\Provider\ValidatorServiceProvider()); ``` Usage ----- [](#usage) This library seperate the endpoint logic in frontend firewall and backend controller point of view, so you will need to setup both for functioning. To enable the built-in controller with corresponding routing, you need to mount it manually: ``` $app->get('/api/oauth2/authorize', 'authbucket_oauth2.authorization_controller:indexAction') ->bind('api_oauth2_authorize'); $app->post('/api/oauth2/token', 'authbucket_oauth2.token_controller:indexAction') ->bind('api_oauth2_token'); $app->match('/api/oauth2/debug', 'authbucket_oauth2.debug_controller:indexAction') ->bind('api_oauth2_debug'); ``` Below is a list of recipes that cover some common use cases. ### Authorization Endpoint [](#authorization-endpoint) We don't provide custom firewall for this endpoint, which you should protect it by yourself, authenticate and capture the user credential, e.g. by [SecurityServiceProvider](http://silex.sensiolabs.org/doc/providers/security.html): ``` $app['security.default_encoder'] = function ($app) { return new Symfony\Component\Security\Core\Encoder\PlaintextPasswordEncoder(); }; $app['security.user_provider.default'] = $app['security.user_provider.inmemory._proto']([ 'demousername1' => ['ROLE_USER', 'demopassword1'], 'demousername2' => ['ROLE_USER', 'demopassword2'], 'demousername3' => ['ROLE_USER', 'demopassword3'], ]); $app['security.firewalls'] = [ 'api_oauth2_authorize' => [ 'pattern' => '^/api/oauth2/authorize$', 'http' => true, 'users' => $app['security.user_provider.default'], ], ]; ``` ### Token Endpoint [](#token-endpoint) Similar as authorization endpoint, we need to protect this endpoint with our custom firewall `oauth2_token`: ``` $app['security.firewalls'] = [ 'api_oauth2_token' => [ 'pattern' => '^/api/oauth2/token$', 'oauth2_token' => true, ], ]; ``` ### Debug Endpoint [](#debug-endpoint) We should protect this endpoint with our custom firewall `oauth2_resource`: ``` $app['security.firewalls'] = [ 'api_oauth2_debug' => [ 'pattern' => '^/api/oauth2/debug$', 'oauth2_resource' => true, ], ]; ``` ### Resource Endpoint [](#resource-endpoint) We don't provide other else resource endpoint controller implementation besides above debug endpoint. You should consider implement your own endpoint with custom logic, e.g. fetching user email address or profile image. On the other hand, you can protect your resource server endpoint with our custom firewall `oauth2_resource`. Shorthand version (default assume resource server bundled with authorization server, query local model manager, without scope protection): ``` $app['security.firewalls'] = [ 'api_resource' => [ 'pattern' => '^/api/resource', 'oauth2_resource' => true, ], ]; ``` Longhand version (assume resource server bundled with authorization server, query local model manager, protect with scope `demoscope1`): ``` $app['security.firewalls'] = [ 'api_resource' => [ 'pattern' => '^/api/resource', 'oauth2_resource' => [ 'resource_type' => 'model', 'scope' => ['demoscope1'], ], ], ]; ``` If authorization server is hosting somewhere else, you can protect your local resource endpoint by query remote authorization server debug endpoint: ``` $app['security.firewalls'] = [ 'api_resource' => [ 'pattern' => '^/api/resource', 'oauth2_resource' => [ 'resource_type' => 'debug_endpoint', 'scope' => ['demoscope1'], 'options' => [ 'debug_endpoint' => 'http://example.com/api/oauth2/debug', 'cache' => true, ], ], ], ]; ``` Demo ---- [](#demo) The demo is based on [Silex](http://silex.sensiolabs.org/) and [AuthBucketOAuth2ServiceProvider](https://github.com/authbucket/oauth2-php/blob/master/src/Silex/Provider/AuthBucketOAuth2ServiceProvider.php). Read though [Demo](http://oauth2-php.authbucket.com/demo) for more information. You may also run the demo locally. Open a console and execute the following command to install the latest version in the `oauth2-php` directory: ``` $ composer create-project authbucket/oauth2-php authbucket/oauth2-php "~5.0" ``` Then use the PHP built-in web server to run the demo application: ``` $ cd authbucket/oauth2-php $ ./bin/console server:run ``` If you get the error `There are no commands defined in the "server" namespace.`, then you are probably using PHP 5.3. That's ok! But the built-in web server is only available for PHP 5.4.0 or higher. If you have an older version of PHP or if you prefer a traditional web server such as Apache or Nginx, read the [Configuring a web server](http://silex.sensiolabs.org/doc/web_servers.html) article. Open your browser and access the URL to see the Welcome page of demo application. Also access [http://127.0.0.1:8000/admin/refresh\_database](http://127.0.0.1:8000/admin/refresh_database) to initialize the bundled SQLite database with user account `admin`:`secrete`. Documentation ------------- [](#documentation) OAuth2's documentation is built with [Sami](https://github.com/fabpot/Sami) and publicly hosted on [GitHub Pages](http://authbucket.github.io/oauth2-php). To built the documents locally, execute the following command: ``` $ sami.php update .sami.php ``` Open `build/sami/index.html` with your browser for the documents. Tests ----- [](#tests) This project is coverage with [PHPUnit](http://phpunit.de/) test cases; CI result can be found from [Travis CI](https://travis-ci.org/authbucket/oauth2-php); code coverage report can be found from [Coveralls](https://coveralls.io/r/authbucket/oauth2-php). To run the test suite locally, execute the following command: ``` $ phpunit -c phpunit.xml.dist ``` Open `build/logs/html` with your browser for the coverage report. References ---------- [](#references) - [RFC6749](http://tools.ietf.org/html/rfc6749) - [Demo](http://oauth2-php.authbucket.com/demo) - [API](http://authbucket.github.io/oauth2-php/) - [GitHub](https://github.com/authbucket/oauth2-php) - [Packagist](https://packagist.org/packages/authbucket/oauth2-php) - [Travis CI](https://travis-ci.org/authbucket/oauth2-php) - [Coveralls](https://coveralls.io/r/authbucket/oauth2-php) License ------- [](#license) - Code released under [MIT](https://github.com/authbucket/oauth2-php/blob/master/LICENSE) - Docs released under [CC BY 4.0](http://creativecommons.org/licenses/by/4.0/) ### Health Score 39 — LowBetter than 86% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity30 Limited adoption so far Community17 Small or concentrated contributor base Maturity75 Established project with proven stability Bus Factor1 Top contributor holds 99.9% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~13 days Recently: every ~4 days Total 109 Last Release 3249d ago Major Versions 3.1.5 → 4.1.62017-05-16 3.2.0 → 4.2.02017-05-31 3.2.1 → 4.2.22017-06-02 3.2.2 → 5.0.0-alpha12017-06-03 4.x-dev → 5.0.0-alpha22017-06-20 PHP version history (3 changes)1.0.0-alpha1PHP >=5.3.3 2.0.0PHP >=5.3.9 3.0.0PHP >=5.5.9 ### Community Maintainers ![](https://www.gravatar.com/avatar/8dc67be71c6d9a9242bfe0db8d0293a7a0731c35f6f9d6ae72ab13ba90af519f?d=identicon)[hswong3i](/maintainers/hswong3i) --- Top Contributors [![hswong3i](https://avatars.githubusercontent.com/u/780562?v=4)](https://github.com/hswong3i "hswong3i (741 commits)")[![PonteIneptique](https://avatars.githubusercontent.com/u/1929830?v=4)](https://github.com/PonteIneptique "PonteIneptique (1 commits)") --- Tags psr-3oauth2silexPSR-4PSR-2PSR-1 ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/authbucket-oauth2/health.svg) ``` [![Health](https://phpackages.com/badges/authbucket-oauth2/health.svg)](https://phpackages.com/packages/authbucket-oauth2) ``` ### Alternatives [authbucket/oauth2-php The standard compliant OAuth2.0 library based on the Symfony Components 82107.6k4](/packages/authbucket-oauth2-php)[laravel/framework The Laravel Framework. 34.6k509.9M17.0k](/packages/laravel-framework)[sylius/sylius E-Commerce platform for PHP, based on Symfony framework. 8.4k5.6M651](/packages/sylius-sylius)[shopware/platform The Shopware e-commerce core 3.3k1.5M3](/packages/shopware-platform)[drupal/core Drupal is an open source content management platform powering millions of websites and applications. 19462.3M1.3k](/packages/drupal-core)[drupal/core-recommended Locked core dependencies; require this project INSTEAD OF drupal/core. 6939.5M343](/packages/drupal-core-recommended) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)