PHPackages punktde/oauth2-server - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. punktde/oauth2-server ActiveNeos-package punktde/oauth2-server ===================== OAuth 2.0 Server for the Neos Flow Framework 3.0.1(4y ago)53.9k9[2 PRs](https://github.com/punktDe/oauth2-server/pulls)MITPHP Since Jan 25Pushed 4y ago5 watchersCompare [ Source](https://github.com/punktDe/oauth2-server)[ Packagist](https://packagist.org/packages/punktde/oauth2-server)[ RSS](/packages/punktde-oauth2-server/feed)WikiDiscussions master Synced 5d ago READMEChangelog (8)Dependencies (3)Versions (15)Used By (0) OAuth 2.0 Server for the Flow Framework ======================================= [](#oauth-20-server-for-the-flow-framework) [![Travis Build Status](https://camo.githubusercontent.com/c98968900a73960bdbc734a0e7df66dedc2fe56d2118cf0133bc743703e3463c/68747470733a2f2f7472617669732d63692e6f72672f70756e6b7444652f6f61757468322d7365727665722e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/punktDe/oauth2-server) [![Latest Stable Version](https://camo.githubusercontent.com/16b66891bc2241394b35196bd71de72ff7aee52bcb35866c956b29b1a6bfcbbe/68747470733a2f2f706f7365722e707567782e6f72672f70756e6b7464652f6f61757468322d7365727665722f762f737461626c65)](https://packagist.org/packages/punktde/oauth2-server) [![Total Downloads](https://camo.githubusercontent.com/29774d5c31cad47022c62ce93b4878bf43347a1b004dfb614a9331b63934d0f8/68747470733a2f2f706f7365722e707567782e6f72672f70756e6b7464652f6f61757468322d7365727665722f646f776e6c6f616473)](https://packagist.org/packages/punktde/oauth2-server) This [Flow](https://flow.neos.io) package provides an OAuth 2.0 server, based on [The PHP League OAuth Server](https://oauth2.thephpleague.com/). Setup ===== [](#setup) Installation ------------ [](#installation) The installation is done with composer: ``` composer require punktde/oauth2-server ``` Run the doctrine migrations ``` ./flow doctrine:migrate ``` Optional: Define position of routes ``` Routes are per default included without any position parameter. If routes are positioned wrong adjust the position accordig to the [Flow Route documentation](https://flowframework.readthedocs.io/en/stable/TheDefinitiveGuide/PartIII/Routing.html#subroutes-from-settings) ``` Configuration ------------- [](#configuration) Enable the required grant types within your settings: ``` PunktDe: OAuth2: Server: grantTypes: client_credentials: enabled: false authorization_code: enabled: false ``` Have a look at `Settings.PunktDe.yaml` for further configuration values. Generate server keys: ``` ./flow oauthserver:generateserverkeys ``` Create client credentials: ``` ./flow oauthserver:createclientcredentials ``` Implemented Grants ================== [](#implemented-grants) There is a good listing at [thephpleague.com](https://oauth2.thephpleague.com/authorization-server/which-grant/) of all grant types of OAuth2 which should help you to find the type that fits to your application. The following OAuth 2.0 grant types are implemented: Client credentials Grant ------------------------ [](#client-credentials-grant) If you are authorizing a machine to access resources and you don’t require the permission of a user to access said resources you should implement the client credential grant. Authorization code grant ------------------------ [](#authorization-code-grant) If the client is a web application that has a server side component then you should implement the authorization code grant. The urls to use are: - Access Token URL: `/oauth/token` - Authorization URL: `/oauth/authorize` - Authorization approval URL: `oauth/approveauthorization` The Authorization code grant is currently implemented with an implicit authorization of the requesting application. ### Authenticating users during authorization process [](#authenticating-users-during-authorization-process) If `/oauth/authorize` is called without an authenticated Flow account, the user is automatically redirected to a configurable URL. After authentication, the user should be forwarded to `/oauth/approveauthorization` to approve the previously started authorization session. ### Custom authorization request approval [](#custom-authorization-request-approval) Authentication request approval can be extended to fit your projects needs. You can put your custom logic into a class implementing the `ApprovalStrategyInterface`. ### Health Score 36 — LowBetter than 82% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity27 Limited adoption so far Community17 Small or concentrated contributor base Maturity68 Established project with proven stability Bus Factor1 Top contributor holds 81.4% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~92 days Recently: every ~178 days Total 14 Last Release 1474d ago Major Versions 0.1.4 → 1.0.02019-11-28 0.1.5 → 1.0.12019-11-29 1.0.1 → 2.0.02020-05-18 2.1.0 → 3.0.02021-03-18 ### Community Maintainers ![](https://www.gravatar.com/avatar/0fad3b9ab04057e586b701aca7a8dbbf9598718114cdfd6bf85dada030f7688e?d=identicon)[punktde](/maintainers/punktde) --- Top Contributors [![daniellienert](https://avatars.githubusercontent.com/u/642226?v=4)](https://github.com/daniellienert "daniellienert (57 commits)")[![sorenmalling](https://avatars.githubusercontent.com/u/531918?v=4)](https://github.com/sorenmalling "sorenmalling (10 commits)")[![kaystrobach](https://avatars.githubusercontent.com/u/1185776?v=4)](https://github.com/kaystrobach "kaystrobach (2 commits)")[![sebastiansommer](https://avatars.githubusercontent.com/u/1651774?v=4)](https://github.com/sebastiansommer "sebastiansommer (1 commits)") --- Tags flowframeworkneoscmsoauth2 ### Embed Badge ![Health badge](/badges/punktde-oauth2-server/health.svg) ``` [![Health](https://phpackages.com/badges/punktde-oauth2-server/health.svg)](https://phpackages.com/packages/punktde-oauth2-server) ``` ### Alternatives [shopware/platform The Shopware e-commerce core 3.3k1.5M3](/packages/shopware-platform)[laravel/reverb Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. 1.5k9.4M48](/packages/laravel-reverb)[drupal/core Drupal is an open source content management platform powering millions of websites and applications. 19462.3M1.3k](/packages/drupal-core)[shopware/core Shopware platform is the core for all Shopware ecommerce products. 595.2M386](/packages/shopware-core)[egroupware/egroupware EGroupware extends a classic groupware with an integrated CRM-system, a secure file-server and Collabora Online Office. 2891.6k](/packages/egroupware-egroupware)[php-heroku-client/php-heroku-client A PHP client for the Heroku Platform API 24404.8k4](/packages/php-heroku-client-php-heroku-client) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)