PHPackages rps/oauth2 - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. rps/oauth2 ActiveLibrary[Authentication & Authorization](/categories/authentication) rps/oauth2 ========== TYPO3 Flow OAuth2 authentication package. 08PHP Since Jan 10Pushed 11y ago1 watchersCompare [ Source](https://github.com/yosokus/Kyoki.OAuth2)[ Packagist](https://packagist.org/packages/rps/oauth2)[ RSS](/packages/rps-oauth2/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (1)Used By (0) OAuth2 provider for the Flow framework ====================================== [](#oauth2-provider-for-the-flow-framework) This is a fork of the [Kyoki.OAuth2](https://github.com/farconada/Kyoki.OAuth2) package. This is a Flow package that provides a OAuth 2 provider, you could use it for example to enable access to your Flow Application APIs by third party clients (i.e. Mobile clients) without tell username/password to the app [OAuth2 Reference](http://oauth.net/2/) SetUp step by step ------------------ [](#setup-step-by-step) 1. Install the Kyoki.OAuth2 package in FlowCopy tne package inside Flow/Packages/Applications: ``` cd /var/www/Flow/Packages/Applications git clone git://github.com/farconada/Kyoki.OAuth2.git cd /var/www/Flow ./flow doctrine:update ``` 2. SetUp you Flow config file configurations/Settings.yaml``` TYPO3: Flow: security: enable: TRUE authentication: authenticationStrategy: atLeastOneToken providers: # your DefaultProvider DefaultProvider: provider: PersistedUsernamePasswordProvider entryPoint: 'WebRedirect' entryPointOptions: uri: '/login' requestPatterns: # a regexp pattern to disable the DefaultProvider in every Controller for every package named ApiController or TokenController # It could be a better regexp of your own # TokenController belongs to the Kyoki.OAuth2 package # ApiController (or any other controller) is the controller securized by an OAuth access token controllerObjectName: '(?!.*(Api|Token)Controller).*' OAuthTokenProvider: provider: Kyoki\OAuth2\Security\Authentication\Provider\AccessTokenProvider token: Kyoki\OAuth2\Security\Authentication\Token\AccessTokenHttpBasic requestPatterns: # ApiController (or any other controller) is the controller securized by an OAuth access token controllerObjectName: Acme\Demoapp\Controller\ApiController entryPoint: HttpBasic entryPointOptions: realm: 'OAuth2 Access Token Authentication' ``` 3. There are routes defined in Kyoki.OAuth2 for /authorize and /token 4. Ensure that the authenticateAction in you package redirects to requested url after successfuly loginfor example: ``` public function authenticateAction() { try { $this->authenticationManager->authenticate(); } catch (\TYPO3\Flow\Security\Exception\AuthenticationRequiredException $exception) { $this->flashMessageContainer->addMessage(new \TYPO3\Flow\Error\Message('Wrong username or password.')); $this->redirect('login'); } if ($interceptedRequest = $this->securityContext->getInterceptedRequest()) { $this->redirect($interceptedRequest->getControllerActionName(), $interceptedRequest->getControllerName(), $interceptedRequest->getControllerPackageKey(), $interceptedRequest->getArguments()); } else { $this->redirect('index'); } } ``` 5. Create a controller and protect it with a Policy.yamlThere are 2 roles: > - **OAuth** this role is declared in the Kyoki.OAuth2 package and allows to request tokens > - **myscope (or the name that you want)** this role should match a OAuthScope identifier and need to be asigned to the user to be able to access the API resources protected by OAuth tokens: > > ``` > resources: > methods: > Acme_Demoapp_Api: 'method(Acme\Demoapp\Controller\ApiController->.*Action())' > roles: > myscope: [] > User: [OAuth,myscope] > acls: > User: > methods: > Acme_Demoapp_Api: GRANT > myscope: > methods: > Acme_Demoapp_Api: GRANT > ``` 6. Create the required domain objects: Accounts, OAuthClient and OAuthScope**OAuthClient**: is an API it could be owned by the user itself or by other user, for example the API owner. The redirectUri property in the OAuthClient defines the beginning part of the URL that must match with the URL from you are querying the API. The account associated is important also cause you are identified as this account when you request a new Token with /token action **OAuthScope**: when someone request access permission it sends a scope in the parameters, this scope must match a role name defined in Policy.yaml and defines the permissions of this scope. Notes ----- [](#notes) - There is a Acme.Demoapp package inside the directory Tests/lamp/ - You can deploy a new virtualbox with vagrant with a fully Flow installation with OAuth configured - There is an exmple OAuth client/consumer in inside the directory Tests/lamp/client ### Health Score 20 — LowBetter than 14% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity4 Limited adoption so far Community7 Small or concentrated contributor base Maturity41 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/45b7b957d40ea4f46682d329e5c335286607c9e9825912a49b32923bb90ad6b3?d=identicon)[yosokus](/maintainers/yosokus) --- Top Contributors [![farconada](https://avatars.githubusercontent.com/u/469221?v=4)](https://github.com/farconada "farconada (70 commits)") ### Embed Badge ![Health badge](/badges/rps-oauth2/health.svg) ``` [![Health](https://phpackages.com/badges/rps-oauth2/health.svg)](https://phpackages.com/packages/rps-oauth2) ``` ### Alternatives [namshi/jose JSON Object Signing and Encryption library for PHP. 1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client OAuth 1.0 Client Library 99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client 41721.2M118](/packages/league-oauth2-google)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)