PHPackages                             strategery/oauth2-client-middleware - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [HTTP &amp; Networking](/categories/http)
4. /
5. strategery/oauth2-client-middleware

Abandoned → [somoza/oauth2-client-middleware](/?search=somoza%2Foauth2-client-middleware)ArchivedLibrary[HTTP &amp; Networking](/categories/http)

strategery/oauth2-client-middleware
===================================

OAuth2 PSR7 middleware for league/oauth2-client

0.3.0(9y ago)2182MITPHPPHP &gt;=7.0.0

Since Feb 10Pushed 3y ago2 watchersCompare

[ Source](https://github.com/gsomoza/oauth2-middleware)[ Packagist](https://packagist.org/packages/strategery/oauth2-client-middleware)[ RSS](/packages/strategery-oauth2-client-middleware/feed)WikiDiscussions master Synced today

READMEChangelog (9)Dependencies (4)Versions (10)Used By (0)

Abandoned
=========

[](#abandoned)

```
This is to inform all users that this package has been abandoned and will no longer receive any
updates or maintenance. We highly recommend users to migrate to an alternative library package.
We apologize for any inconvenience caused.

```

OAuth2 client middleware for league/oauth2-client
-------------------------------------------------

[](#oauth2-client-middleware-for-leagueoauth2-client)

[![Build Status](https://camo.githubusercontent.com/05935ba734c638b95e2d76337d3caf750e1514e6fedbd470776f761a950a7f70/68747470733a2f2f7472617669732d63692e6f72672f67736f6d6f7a612f6f61757468322d6d6964646c65776172652e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/gsomoza/oauth2-middleware)[![Scrutinizer Code Quality](https://camo.githubusercontent.com/81ae22b3f4bba49deb002b662708d88ddbcfed52eb2132498ce3227a379689b3/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f67736f6d6f7a612f6f61757468322d6d6964646c65776172652f6261646765732f7175616c6974792d73636f72652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/gsomoza/oauth2-middleware/?branch=master)[![Code Coverage](https://camo.githubusercontent.com/361697ed577fd86ba1ca2a5f6caa8c9ab2b935de2c134b46bf859282b4a81f46/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f67736f6d6f7a612f6f61757468322d6d6964646c65776172652f6261646765732f636f7665726167652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/gsomoza/oauth2-middleware/?branch=master)[![Latest Stable Version](https://camo.githubusercontent.com/21a2baaab2c373961566c4cc1e95dbb84d94701e716975ec8363750270f24345/68747470733a2f2f706f7365722e707567782e6f72672f736f6d6f7a612f6f61757468322d636c69656e742d6d6964646c65776172652f762f737461626c65)](https://packagist.org/packages/somoza/oauth2-client-middleware)

[![Author](https://camo.githubusercontent.com/398a40138802d1d00ffba90c35f6e0511b54267953520a2b471604f07a4c8438/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f617574686f722d2534306761627269656c5f5f736f6d6f7a612d626c75652e737667)](https://img.shields.io/badge/author-%40gabriel__somoza-blue.svg)[![License](https://camo.githubusercontent.com/322aefd9a783b94f9a1d295cee923ef0fb8084708f0faa967e8680524ab98d36/68747470733a2f2f706f7365722e707567782e6f72672f736f6d6f7a612f6f61757468322d636c69656e742d6d6964646c65776172652f6c6963656e7365)](https://packagist.org/packages/somoza/oauth2-client-middleware)

PSR7 middleware that uses league/oauth2-client to authenticate requests with an OAuth2 server.

Installation
------------

[](#installation)

```
composer require somoza/oauth2-client-middleware

```

Usage
-----

[](#usage)

The current implementation indirectly depends on Guzzle 6 because it's a direct dependency of `league/oauth2-client`.

Using Guzzle:

```
use Somoza\OAuth2Middleware\OAuth2Middleware;
use Somoza\OAuth2Middleware\TokenService\Bearer;

$stack = new \GuzzleHttp\HandlerStack();
$stack->setHandler(new CurlHandler());
$client = new \GuzzleHttp\Client(['handler' => $stack]);

// instantiate a provider, see league/oauth2-client docs
$provider = new GenericProvider(
    [
        'clientId' => 'your_client_id',
        'clientSecret' => 'your_client_secret',
        'urlAuthorize' => 'your_authorization_url',
        'urlAccessToken' => 'your_access_token_url',
        'urlResourceOwnerDetails' => 'your_resource_owner_url',
    ],
    [ 'httpClient' => $client ] // or don't pass it and let the oauth2-client create its own Guzzle client
);

// attach our oauth2 middleware
$bearerMiddleware = new OAuth2Middleware(
    new Bearer($provider), // use the Bearer token type
    [ // ignore (do not attempt to authorize) the following URLs
        $provider->getBaseAuthorizationUrl(),
        $provider->getBaseAccessTokenUrl(),
    ]
);
$stack->push($bearerMiddleware);

// if you want to debug, it might be useful to attach a PSR7 logger here
```

Caching the Access Token
------------------------

[](#caching-the-access-token)

A callback can be assigned to the middleware in order to save the access token for future use. Make sure you know about the security implications of storing an access token (do it at your own risk).

Example:

```
use Somoza\OAuth2Middleware\OAuth2Middleware;
use Somoza\OAuth2Middleware\TokenService\Bearer;
use League\OAuth2\Client\Token\AccessToken;

// see previous example for initialization
$tokenStore = new EncryptedCache(); // you can use whatever you want here
$token = null;
if ($tokenStore->contains($userId)) {
    $tokenData = json_decode($cache->fetch($userId));
    $token = new AccessToken($tokenData);
}

$bearerMiddleware = new OAuth2Middleware(
    new Bearer(
        $provider, // defined as in the "Usage" example
        $token,
        function (AccessToken $newToken, AccessToken $oldToken)
          use ($tokenStore, $userId) {
            // called whenever a new AccessToken is fetched
            $tokenStore->save($userId, $newToken->jsonSerialize());
        }
    ),
);

$stack->push($bearerMiddleware);
```

License
-------

[](#license)

MIT - see LICENSE.md

###  Health Score

28

—

LowBetter than 52% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity14

Limited adoption so far

Community14

Small or concentrated contributor base

Maturity54

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 84.8% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~62 days

Recently: every ~116 days

Total

9

Last Release

3293d ago

PHP version history (2 changes)0.2.0PHP &gt;=5.5.0

0.3.0PHP &gt;=7.0.0

### Community

Maintainers

![](https://www.gravatar.com/avatar/f00ae1c2b13428075ab880d5fec7e857f1e9446cb401dc6097ec947a81122ec5?d=identicon)[gabriel.somoza](/maintainers/gabriel.somoza)

---

Top Contributors

[![gsomoza](https://avatars.githubusercontent.com/u/106219?v=4)](https://github.com/gsomoza "gsomoza (28 commits)")[![geekdevs](https://avatars.githubusercontent.com/u/864822?v=4)](https://github.com/geekdevs "geekdevs (3 commits)")[![bhollan](https://avatars.githubusercontent.com/u/8443608?v=4)](https://github.com/bhollan "bhollan (1 commits)")[![scrutinizer-auto-fixer](https://avatars.githubusercontent.com/u/6253494?v=4)](https://github.com/scrutinizer-auto-fixer "scrutinizer-auto-fixer (1 commits)")

---

Tags

guzzlemiddlewareoauth2psr7-middleware

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/strategery-oauth2-client-middleware/health.svg)

```
[![Health](https://phpackages.com/badges/strategery-oauth2-client-middleware/health.svg)](https://phpackages.com/packages/strategery-oauth2-client-middleware)
```

###  Alternatives

[xeroapi/xero-php-oauth2

Xero official PHP SDK for oAuth2 generated with OpenAPI spec 3

1054.7M18](/packages/xeroapi-xero-php-oauth2)[tempest/framework

The PHP framework that gets out of your way.

2.2k31.1k12](/packages/tempest-framework)[civicrm/civicrm-core

Open source constituent relationship management for non-profits, NGOs and advocacy organizations.

751284.3k37](/packages/civicrm-civicrm-core)[swoole-bundle/swoole-bundle

Open/Swoole Symfony Bundle

7258.5k](/packages/swoole-bundle-swoole-bundle)[softonic/guzzle-oauth2-middleware

Guzzle middleware with OAuth2 integration

113.9M8](/packages/softonic-guzzle-oauth2-middleware)[pdffiller/pdffiller-php-api-client

PHP client for pdffiller.com REST API

14145.0k](/packages/pdffiller-pdffiller-php-api-client)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
