PHPackages kr-digital/oauth2-bundle - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. kr-digital/oauth2-bundle ActiveSymfony-bundle[Authentication & Authorization](/categories/authentication) kr-digital/oauth2-bundle ======================== Symfony bundle which provides OAuth 2.0 authorization/resource server capabilities. This is a fork created for testing purposes and it will be used until the source bundle will support thephpleague/oauth2-server v8.0. v2.0.1(6y ago)011MITPHPPHP >=7.2CI failing Since Nov 28Pushed 6y ago1 watchersCompare [ Source](https://github.com/kr-digital/symfony-oauth2-bundle)[ Packagist](https://packagist.org/packages/kr-digital/oauth2-bundle)[ Docs](http://www.trikoder.net/)[ RSS](/packages/kr-digital-oauth2-bundle/feed)WikiDiscussions master Synced 5d ago READMEChangelogDependencies (14)Versions (8)Used By (0) Trikoder OAuth 2 Bundle ======================= [](#trikoder-oauth-2-bundle) [![Build Status](https://camo.githubusercontent.com/c6f72f21842d8fd94b6047a574dc7f6ae18ea543c87d42ab074fee3d3b392e95/68747470733a2f2f7472617669732d63692e6f72672f7472696b6f6465722f6f61757468322d62756e646c652e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/trikoder/oauth2-bundle)[![Latest Stable Version](https://camo.githubusercontent.com/bde7001ecb763638f3c3a6ed313a551be1657fa228fcd98cb3e4e3e18e0f9347/68747470733a2f2f706f7365722e707567782e6f72672f7472696b6f6465722f6f61757468322d62756e646c652f762f737461626c65)](https://packagist.org/packages/trikoder/oauth2-bundle)[![License](https://camo.githubusercontent.com/202c0228edda7139ad1f707bf4d67ea4816d6b77c6f6b72acd485974099fcd4b/68747470733a2f2f706f7365722e707567782e6f72672f7472696b6f6465722f6f61757468322d62756e646c652f6c6963656e7365)](https://packagist.org/packages/trikoder/oauth2-bundle)[![Code coverage](https://camo.githubusercontent.com/5bf0aaea70ec20412806e28c9b8f73b9fe4619c7fc01d790e1ada526cffbf286/68747470733a2f2f636f6465636f762e696f2f67682f7472696b6f6465722f6f61757468322d62756e646c652f6272616e63682f6d61737465722f67726170682f62616467652e737667)](https://codecov.io/gh/trikoder/oauth2-bundle) Symfony bundle which provides OAuth 2.0 authorization/resource server capabilities. The authorization and resource server actors are implemented using the [thephpleague/oauth2-server](https://github.com/thephpleague/oauth2-server) library. Important notes --------------- [](#important-notes) This bundle provides the "glue" between [thephpleague/oauth2-server](https://github.com/thephpleague/oauth2-server) library and Symfony. It implements [thephpleague/oauth2-server](https://github.com/thephpleague/oauth2-server) library in a way specified by its official documentation. For implementation into Symfony project, please see [bundle documentation](docs/basic-setup.md) and official [Symfony security documentation](https://symfony.com/doc/current/security.html). Status ------ [](#status) This package is currently in the active development. Features -------- [](#features) - API endpoint for client authorization and token issuing - Configurable client and token persistance (includes [Doctrine](https://www.doctrine-project.org/) support) - Integration with Symfony's [Security](https://symfony.com/doc/current/security.html) layer Requirements ------------ [](#requirements) - [PHP 7.2](http://php.net/releases/7_2_0.php) or greater - [Symfony 4.2](https://symfony.com/roadmap/4.2) or [Symfony 3.4](https://symfony.com/roadmap/3.4) - [league/oauth2-server (version 8.x)](https://packagist.org/packages/league/oauth2-server) Installation ------------ [](#installation) 1. Require the bundle and a PSR 7/17 implementation with Composer: ``` composer require trikoder/oauth2-bundle nyholm/psr7 ``` If your project is managed using [Symfony Flex](https://github.com/symfony/flex), the rest of the steps are not required. Just follow the post-installation instructions instead! 🎉 > **NOTE:** This bundle requires a PSR 7/17 implementation to operate. We recommend that you use [nyholm/psr7](https://github.com/Nyholm/psr7). Check out this [document](docs/psr-implementation-switching.md) if you wish to use a different implementation. 2. Create the bundle configuration file under `config/packages/trikoder_oauth2.yaml`. Here is a reference configuration file: ``` trikoder_oauth2: authorization_server: # Required # Full path to the private key file. # How to generate a private key: https://oauth2.thephpleague.com/installation/#generating-public-and-private-keys private_key: ~ # Required, Example: /var/oauth/private.key # Passphrase of the private key, if any private_key_passphrase: null # The plain string or the ascii safe string used to create a Defuse\Crypto\Key to be used as an encryption key. # How to generate an encryption key: https://oauth2.thephpleague.com/installation/#string-password encryption_key: ~ # Required # The type of value of 'encryption_key' encryption_key_type: plain # One of "plain"; "defuse" # How long the issued access token should be valid for. # The value should be a valid interval: http://php.net/manual/en/dateinterval.construct.php#refsect1-dateinterval.construct-parameters access_token_ttl: PT1H # How long the issued refresh token should be valid for. # The value should be a valid interval: http://php.net/manual/en/dateinterval.construct.php#refsect1-dateinterval.construct-parameters refresh_token_ttl: P1M # How long the issued auth code should be valid for. # The value should be a valid interval: http://php.net/manual/en/dateinterval.construct.php#refsect1-dateinterval.construct-parameters auth_code_ttl: PT10M # Whether to enable the client credentials grant enable_client_credentials_grant: true # Whether to enable the password grant enable_password_grant: true # Whether to enable the refresh token grant enable_refresh_token_grant: true # Whether to enable the authorization code grant enable_auth_code_grant: true # Whether to enable the implicit grant enable_implicit_grant: true resource_server: # Required # Full path to the public key file # How to generate a public key: https://oauth2.thephpleague.com/installation/#generating-public-and-private-keys public_key: ~ # Required, Example: /var/oauth/public.key # Scopes that you wish to utilize in your application. # This should be a simple array of strings. scopes: [] # Configures different persistence methods that can be used by the bundle for saving client and token data. # Only one persistence method can be configured at a time. persistence: # Required doctrine: # Name of the entity manager that you wish to use for managing clients and tokens. entity_manager: default in_memory: ~ # The priority of the event listener that converts an Exception to a Response exception_event_listener_priority: 10 # Set a custom prefix that replaces the default 'ROLE_OAUTH2_' role prefix role_prefix: ROLE_OAUTH2_ ``` 3. Enable the bundle in `config/bundles.php` by adding it to the array: ``` Trikoder\Bundle\OAuth2Bundle\TrikoderOAuth2Bundle::class => ['all' => true] ``` 4. Update the database so bundle entities can be persisted using Doctrine: ``` bin/console doctrine:schema:update --force ``` 5. Import the routes inside your `config/routes.yaml` file: ``` oauth2: resource: '@TrikoderOAuth2Bundle/Resources/config/routes.xml' ``` You can verify that everything is working by issuing a `POST` request to the `/token` endpoint. **❮ NOTE ❯** It is recommended to control the access to the authorization endpoint so that only logged in users can approve authorization requests. You should review your `security.yml` file. Here is a sample configuration: ``` security: access_control: - { path: ^/authorize, roles: IS_AUTHENTICATED_REMEMBERED } ``` Configuration ------------- [](#configuration) - [Basic setup](docs/basic-setup.md) - [Controlling token scopes](docs/controlling-token-scopes.md) - [Password grant handling](docs/password-grant-handling.md) Development ----------- [](#development) [Docker](https://www.docker.com/) 18.03+ and [Docker Compose](https://github.com/docker/compose) 1.13+ are required for the development environment. ### Building the environment [](#building-the-environment) Make sure your Docker images are all built and up-to-date using the following command: ``` dev/bin/docker-compose build ``` > **NOTE:** You can target a different version of PHP during development by appending the `--build-arg PHP_VERSION=` argument. After that, install all the needed packages required to develop the project: ``` dev/bin/php composer install ``` ### Testing [](#testing) You can run the test suite using the following command: ``` dev/bin/php composer test ``` ### Debugging [](#debugging) You can run the debugger using the following command: ``` dev/bin/php-debug vendor/bin/phpunit ``` Make sure your IDE is setup properly, for more information check out the [dedicated documentation](docs/debugging.md). ### Code linting [](#code-linting) This bundle enforces the PSR-2 and Symfony code standards during development using the [PHP CS Fixer](https://cs.sensiolabs.org/) utility. Before committing any code, you can run the utility so it can fix any potential rule violations for you: ``` dev/bin/php composer lint ``` Changes ------- [](#changes) All the package releases are recorded in the [CHANGELOG](CHANGELOG.md) file. Reporting issues ---------------- [](#reporting-issues) Use the [issue tracker](https://github.com/trikoder/oauth2-bundle/issues) to report any issues you might have. License ------- [](#license) See the [LICENSE](LICENSE.md) file for license rights and limitations (MIT). ### Health Score 27 — LowBetter than 49% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity5 Limited adoption so far Community17 Small or concentrated contributor base Maturity61 Established project with proven stability Bus Factor3 3 contributors hold 50%+ of commits How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~74 days Recently: every ~83 days Total 6 Last Release 2353d ago Major Versions v1.1.0 → v2.0.0-beta12019-06-14 ### Community Maintainers ![](https://www.gravatar.com/avatar/e77935f53e64963730327a286cac366da67f5212a83d1b1abc4eed5862d09f61?d=identicon)[alyamovsky](/maintainers/alyamovsky) ![](https://www.gravatar.com/avatar/ab266b98b8a8580eeb263c6eacca9f0d6663b95a404d9cbbf116310b6c034b47?d=identicon)[raubel-alexander](/maintainers/raubel-alexander) --- Top Contributors [![Allypost](https://avatars.githubusercontent.com/u/5151543?v=4)](https://github.com/Allypost "Allypost (64 commits)")[![HypeMC](https://avatars.githubusercontent.com/u/2445045?v=4)](https://github.com/HypeMC "HypeMC (35 commits)")[![spideyfusion](https://avatars.githubusercontent.com/u/704579?v=4)](https://github.com/spideyfusion "spideyfusion (31 commits)")[![Nyholm](https://avatars.githubusercontent.com/u/1275206?v=4)](https://github.com/Nyholm "Nyholm (29 commits)")[![X-Coder264](https://avatars.githubusercontent.com/u/12602463?v=4)](https://github.com/X-Coder264 "X-Coder264 (22 commits)")[![ajgarlag](https://avatars.githubusercontent.com/u/388184?v=4)](https://github.com/ajgarlag "ajgarlag (12 commits)")[![rjwebdev](https://avatars.githubusercontent.com/u/12196579?v=4)](https://github.com/rjwebdev "rjwebdev (11 commits)")[![alyamovsky](https://avatars.githubusercontent.com/u/23259219?v=4)](https://github.com/alyamovsky "alyamovsky (5 commits)")[![gschafra](https://avatars.githubusercontent.com/u/3999582?v=4)](https://github.com/gschafra "gschafra (2 commits)")[![kdckrs](https://avatars.githubusercontent.com/u/2227271?v=4)](https://github.com/kdckrs "kdckrs (2 commits)")[![carlos-ea](https://avatars.githubusercontent.com/u/5512089?v=4)](https://github.com/carlos-ea "carlos-ea (2 commits)")[![alexsegura](https://avatars.githubusercontent.com/u/1162230?v=4)](https://github.com/alexsegura "alexsegura (1 commits)") --- Tags oauth2 ### Code Quality TestsPHPUnit Code StylePHP CS Fixer ### Embed Badge ![Health badge](/badges/kr-digital-oauth2-bundle/health.svg) ``` [![Health](https://phpackages.com/badges/kr-digital-oauth2-bundle/health.svg)](https://phpackages.com/packages/kr-digital-oauth2-bundle) ``` ### Alternatives [prestashop/prestashop PrestaShop is an Open Source e-commerce platform, committed to providing the best shopping cart experience for both merchants and customers. 9.0k15.4k](/packages/prestashop-prestashop)[league/oauth2-server-bundle Symfony bundle . 2344.7M6](/packages/league-oauth2-server-bundle)[ec-cube/ec-cube EC-CUBE EC open platform. 78527.0k1](/packages/ec-cube-ec-cube)[trikoder/oauth2-bundle Symfony bundle which provides OAuth 2.0 authorization/resource server capabilities. 2521.8M](/packages/trikoder-oauth2-bundle)[klapaudius/oauth-server-bundle Symfony(5.x to 8.x) OAuth Server Bundle 15547.3k2](/packages/klapaudius-oauth-server-bundle)[simplesamlphp/simplesamlphp-module-oidc A SimpleSAMLphp module adding support for the OpenID Connect protocol 5016.9k1](/packages/simplesamlphp-simplesamlphp-module-oidc) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)