PHPackages                             michalkvasnicak/oauth2-server-bundle - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. michalkvasnicak/oauth2-server-bundle

ActiveSymfony-bundle[Authentication &amp; Authorization](/categories/authentication)

michalkvasnicak/oauth2-server-bundle
====================================

Symfony OAuth 2.0 server bundle

v1.0.0-alpha8(9y ago)41.6kMITPHPPHP &gt;=5.4

Since May 5Pushed 9y ago2 watchersCompare

[ Source](https://github.com/michalkvasnicak/oauth2-server-bundle)[ Packagist](https://packagist.org/packages/michalkvasnicak/oauth2-server-bundle)[ Docs](http://github.com/michalkvasnicak/oauth2-server-bundle)[ RSS](/packages/michalkvasnicak-oauth2-server-bundle/feed)WikiDiscussions develop Synced today

READMEChangelogDependencies (7)Versions (9)Used By (0)

OAuth 2.0 Server Bundle
=======================

[](#oauth-20-server-bundle)

OAuth 2.0 server bundle for Symfony 2 framework

- Develop: [![Build Status](https://camo.githubusercontent.com/b83a87e511e6f21e4197d86159ab815e1d7ef717fd6ae1541afd44e0298cdbcf/68747470733a2f2f7365637572652e7472617669732d63692e6f72672f6d696368616c6b7661736e6963616b2f6f61757468322d7365727665722d62756e646c652e706e673f6272616e63683d646576656c6f70)](http://travis-ci.org/michalkvasnicak/oauth2-server-bundle)
- Master: [![Build Status](https://camo.githubusercontent.com/94f3eb426f5dab8be3a82f8dbb20c1000acab9b0c5b0580813cd42f9ced11a87/68747470733a2f2f7365637572652e7472617669732d63692e6f72672f6d696368616c6b7661736e6963616b2f6f61757468322d7365727665722d62756e646c652e706e673f6272616e63683d6d6173746572)](http://travis-ci.org/michalkvasnicak/oauth2-server-bundle)
- [![Coverage Status](https://camo.githubusercontent.com/3a6aa3120b82053e94f9f6e758dc67b55f46cb849a46aeb63d240a956226b9f6/68747470733a2f2f696d672e736869656c64732e696f2f636f766572616c6c732f6d696368616c6b7661736e6963616b2f6f61757468322d7365727665722d62756e646c652e737667)](https://coveralls.io/r/michalkvasnicak/oauth2-server-bundle?branch=develop)
- [![Gittip](https://camo.githubusercontent.com/ae68e925bd826b24f09901df25d0d2d1b276f1cbf52f81bb6016157024a40ecb/687474703a2f2f696d672e736869656c64732e696f2f6769747469702f6d696368616c6b7661736e6963616b2e737667)](https://www.gittip.com/michalkvasnicak)
- [![Flattr this git repo](https://camo.githubusercontent.com/7e3f46a36526479d701ef7f90a0f8c3ac2fbab3087446e2a9fceed75cd1ab802/687474703a2f2f6170692e666c617474722e636f6d2f627574746f6e2f666c617474722d62616467652d6c617267652e706e67)](https://flattr.com/submit/auto?user_id=kvasnicak.michal&url=https://github.com/michalkvasnicak/oauth2-server-bundle&title=michalkvasnicak/oauth2-server-bundle&language=php&tags=github&category=software)

Requirements
------------

[](#requirements)

- PHP &gt;= 5.4
- HHVM

Installation
------------

[](#installation)

Using composer

```
{
    "require": {
        "michalkvasnicak/oauth2-server-bundle": "*"
    }
}
```

Configuration
-------------

[](#configuration)

### Basic configuration

[](#basic-configuration)

These are defaults.

```
oauth2_server:
    access_tokens:
        lifetime: 1209600 # 14 days lifetime of token (default)

    authorization_codes:
        lifetime: 60 # 60 seconds lifetime of authorization code (used only by authorization code grant type)

    refresh_tokens:
        generate: true # generate refresh tokens (default)
        lifetime: 2678400 # 31 days lifetime of token (default)

    # www_realm returned WWW-Authenticate HTTP header if you are unauthenticated
    www_realm: 'OAuth2Server'

    # accepted token used to sign requests
    classes:
        token_type: 'OAuth2\TokenType\Bearer'
```

### Tell the Security bundle to use this bundle

[](#tell-the-security-bundle-to-use-this-bundle)

```
security:
    firewalls:
        o_auth2_server_token_endpoint:
            pattern: ^/auth/v2/token
            security: false

    providers:
        o_auth2_provider:
            id: o_auth2_server.user_provider

    encoders:
        OAuth2\Storage\IUser:
            algorithm: sha512
            encode_as_base64: true
            iterations: 512
```

### Register routes

[](#register-routes)

In `routing.yml` of your application register bundle.

```
o_auth2_server:
    resource: "@OAuth2ServerBundle/Resources/config/routing.yml"
```

### Storage

[](#storage)

You can use [michalkvasnicak/OAuth2ServerMongoDBBundle bundle](https://github.com/michalkvasnicak/oauth2-server-mongodb-bundle) or create own model. If you want to create own model you have to define **user provider** and services needed for grant types you are going to use.

```
# this is needed for authentication
# service has to implement Symfony\Component\Security\Core\User\UserProviderInterface
oauth2_server:
    user_provider: 'service id'

# STORAGES
oauth2_server:
    storage:

        # this is needed for authentication and authorization of protected requests
        # also is used by all grant types
        # has to implement OAuth2\Storage\IAccessTokenStorage
        access_token: 'service id'

        # this is needed for client identification
        # also this is used in client credentials grant type
        # has to implement OAuth2\Storage\IClientStorage
        client: 'service id'

        # optional but if you are using authorization code grant type you have to set it
        # has to implement OAuth2\Storage\IAuthorizationCodeStorage
        authorization_code: 'service id'

        # optional but if you are using refresh token grant type or generating refresh tokens
        # you have to set it
        # has to implement OAuth2\Storage\IRefreshTokenStorage
        refresh_token: 'service id'
```

### Grant types

[](#grant-types)

There are pre-installed grant types already. To use them just enable them (by default they are all disabled).

```
oauth2_server:
    grant_types:
        authorization_code: false
        client_credentials: false
        implicit: true
        refresh_token: true
        resource_owner_password_credentials: true
```

### Own grant types

[](#own-grant-types)

You can use your own grant types too, just create services and tag them as `oauth2_server.grant_type`. All services has to implement `OAuth2\GrantType\IGrantType`.

```
my_custom_grant_type:
    class: My\Own\GrantType
    tags:
        - { name: o_auth2_server.grant_type }
```

TODO:
-----

[](#todo)

- Authorization endpoint

###  Health Score

27

—

LowBetter than 49% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity19

Limited adoption so far

Community8

Small or concentrated contributor base

Maturity49

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~2 days

Total

8

Last Release

3639d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/b6524571fe5ad1db922e5a438a279a01e04fe3f727fb17070ae59e51664b7925?d=identicon)[michalkvasnicak](/maintainers/michalkvasnicak)

---

Top Contributors

[![michalkvasnicak](https://avatars.githubusercontent.com/u/174716?v=4)](https://github.com/michalkvasnicak "michalkvasnicak (46 commits)")

---

Tags

symfonysecurityAuthenticationoauthauthorization

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/michalkvasnicak-oauth2-server-bundle/health.svg)

```
[![Health](https://phpackages.com/badges/michalkvasnicak-oauth2-server-bundle/health.svg)](https://phpackages.com/packages/michalkvasnicak-oauth2-server-bundle)
```

###  Alternatives

[hwi/oauth-bundle

Support for authenticating users using both OAuth1.0a and OAuth2 in Symfony.

2.4k21.5M68](/packages/hwi-oauth-bundle)[auth0/symfony

Symfony SDK for Auth0 Authentication and Management APIs.

128738.1k](/packages/auth0-symfony)[lusitanian/oauth

PHP 7.2 oAuth 1/2 Library

1.1k23.2M119](/packages/lusitanian-oauth)[scheb/2fa

Two-factor authentication for Symfony applications (please use scheb/2fa-bundle to install)

578630.7k1](/packages/scheb-2fa)[oryzone/oauth-user-data

Extension library for Lusitanian/PHPoAuthLib to extract user profile data from various oAuth providers

4558.6k](/packages/oryzone-oauth-user-data)[and/oauth

Simple and amazing OAuth library with many providers. Just try it out!

4645.2k2](/packages/and-oauth)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)