PHPackages                             etcpasswd/oauth-bundle - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. etcpasswd/oauth-bundle

AbandonedArchivedSymfony-bundle[Authentication &amp; Authorization](/categories/authentication)

etcpasswd/oauth-bundle
======================

An OAuth firewall for Symfony2

3818.9k10[4 issues](https://github.com/mazen/EtcpasswdOAuthBundle/issues)[1 PRs](https://github.com/mazen/EtcpasswdOAuthBundle/pulls)PHP

Since Jan 17Pushed 14y ago2 watchersCompare

[ Source](https://github.com/mazen/EtcpasswdOAuthBundle)[ Packagist](https://packagist.org/packages/etcpasswd/oauth-bundle)[ RSS](/packages/etcpasswd-oauth-bundle/feed)WikiDiscussions master Synced 3d ago

READMEChangelogDependenciesVersions (1)Used By (0)

EtcpasswdOAuthBundle
====================

[](#etcpasswdoauthbundle)

This bundle is is still under development, things might change!

Installation
============

[](#installation)

using svn:

```
$ git clone https://github.com/mazen/EtcpasswdOAuthBundle.git vendor/bundles/Etcpasswd/OAuthBundle
$ git clone https://github.com/kriswallsmith/Buzz.git vendor/buzz

```

register the namespaces in your autoloader:

```
# app/autoload.php
$loader->registerNamespaces(array(
    'Etcpasswd'        => __DIR__.'/../vendor/bundles',
    'Buzz'             => __DIR__.'/../vendor/buzz/lib',
    // .. your other namespaces
));

```

register the bundle within your Application's Kernel:

```
# app/AppKernel.php
$bundles = array(
    new Etcpasswd\OAuthBundle\EtcpasswdOAuthBundle(),
    // .. other bundles
);

```

Configure your security firewall:

```
# app/config/security.yml

firewalls:
    oauth:
      anonymous: true
      logout: true
      pattern: ^/
      oauth:
        auth_provider: api provider
        client_id:     client id
        client_secret: secret
        uid:           email
        scope:         requested scope
        login_path:    /login
        check_path:    /auth
        failure_path:  /

factories:
  - "%kernel.root_dir%/../vendor/bundles/Etcpasswd/OAuthBundle/Resources/config/security_factories.xml"

```

Please not that you do not need to build any controllers for either the login\_path or the check\_path. They are only used internally to identify when a login needs to happen.

Also note that you still have to provide a user provider. This bundle only authenticates the user based on an OAuth service but does not create any User object itself.

Specifying multiple OAuth2 Providers
====================================

[](#specifying-multiple-oauth2-providers)

This package also allows to use different providers at once for signing in. All you have to do is to add those providers to the security.yml

Example:

```
firewalls:
    main:
      anonymous: true
      logout: true
      pattern: ^/

      oauth_github:
        auth_provider: "github"
        client_id: xxx
        client_secret: xxx
        scope: repo,user
        login_path: /login/github
        check_path: /auth/github
        failure_path:  /

      oauth_facebook:
        auth_provider: "facebook"
        client_id:     xxx
        client_secret: xxx
        scope:         ""
        login_path:    /login/facebook
        check_path:    /auth/facebook
        failure_path:  /

      oauth_google:
        auth_provider: "google"
        client_id:     xxx
        client_secret: xxx
        scope:         "https://www.googleapis.com/auth/plus.me"
        login_path:    /login/google
        check_path:    /auth/google
        failure_path:  /

```

Calling either /login/github, /login/facebook or /login/google will then use the correct oauth provider.

Builtin OAuth Providers
=======================

[](#builtin-oauth-providers)

This bundle ships with the following builtin providers:

- Github
- Facebook
- Google

Notes on Google: you need to at least provide the scope `https://www.googleapis.com/auth/plus.me`in order to get a username

Authorizing users
=================

[](#authorizing-users)

This bundle does not ship with any way of authorization of users and / or persitant state. You should have a look at the  for that. If you want to use those users anyways, without ever wanting to persist them into a database, you can though add the provider shipped with this bundle to your security configuration. This will allow you to access the accessToken via the Security Context service to query other API services from the given provider.

Example security.yml:

```
security:
  firewalls:
    main:
      anonymous: true
      logout: true
      pattern: ^/

      oauth_github:
        auth_provider: "github"
        client_id:     xxx
        client_secret: xxx
        scope: repo,user
        login_path: /login/github
        check_path: /auth/github
        failure_path:  /

  role_hierarchy:
    ROLE_ADMIN: [ROLE_USER]

  providers:
    main:
      id: etcpasswd_oauth.user.provider

  access_control: ~ 

  factories:
    - "%kernel.root_dir%/../vendor/bundles/Etcpasswd/OAuthBundle/Resources/config/security_factories.xml"

```

###  Health Score

29

—

LowBetter than 59% of packages

Maintenance18

Infrequent updates — may be unmaintained

Popularity33

Limited adoption so far

Community16

Small or concentrated contributor base

Maturity41

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 57.1% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Community

Maintainers

![](https://www.gravatar.com/avatar/dc1d98911b04c9995aa65cda6132c63f8d29541ec1961c73d42d5369228615ea?d=identicon)[mazen](/maintainers/mazen)

---

Top Contributors

[![mazen](https://avatars.githubusercontent.com/u/118904?v=4)](https://github.com/mazen "mazen (12 commits)")[![gimler](https://avatars.githubusercontent.com/u/200904?v=4)](https://github.com/gimler "gimler (7 commits)")[![justinpfister](https://avatars.githubusercontent.com/u/49603?v=4)](https://github.com/justinpfister "justinpfister (1 commits)")[![stloyd](https://avatars.githubusercontent.com/u/67402?v=4)](https://github.com/stloyd "stloyd (1 commits)")

### Embed Badge

![Health badge](/badges/etcpasswd-oauth-bundle/health.svg)

```
[![Health](https://phpackages.com/badges/etcpasswd-oauth-bundle/health.svg)](https://phpackages.com/packages/etcpasswd-oauth-bundle)
```

###  Alternatives

[namshi/jose

JSON Object Signing and Encryption library for PHP.

1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client

OAuth 1.0 Client Library

99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield

Filament support for `spatie/laravel-permission`.

2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle

Implements a refresh token system over Json Web Tokens in Symfony

70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google

Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client

41721.2M118](/packages/league-oauth2-google)[illuminate/auth

The Illuminate Auth package.

9327.3M1.0k](/packages/illuminate-auth)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)