PHPackages                             ybelenko/oauth2\_email\_grant - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Mail &amp; Notifications](/categories/mail)
4. /
5. ybelenko/oauth2\_email\_grant

ActiveLibrary[Mail &amp; Notifications](/categories/mail)

ybelenko/oauth2\_email\_grant
=============================

Custom OAuth2 Email Grant compliant with league/oauth2-server package.

1.0.0(3y ago)02MITPHPPHP ^8.0

Since Nov 22Pushed 3y ago1 watchersCompare

[ Source](https://github.com/ybelenko/oauth2_email_grant)[ Packagist](https://packagist.org/packages/ybelenko/oauth2_email_grant)[ RSS](/packages/ybelenko-oauth2-email-grant/feed)WikiDiscussions main Synced 1mo ago

READMEChangelogDependencies (4)Versions (3)Used By (0)

OAuth 2.0 Email Grant(Custom)
=============================

[](#oauth-20-email-grantcustom)

[![Tests](https://github.com/ybelenko/oauth2_email_grant/actions/workflows/main.yml/badge.svg)](https://github.com/ybelenko/oauth2_email_grant/actions/workflows/main.yml)[![Coverage Status](https://camo.githubusercontent.com/969c85979d611df9e99701141cf602fb5ecd86cffb693bd0ee54653b94ec67bc/68747470733a2f2f636f766572616c6c732e696f2f7265706f732f6769746875622f7962656c656e6b6f2f6f61757468325f656d61696c5f6772616e742f62616467652e7376673f6272616e63683d6d61696e)](https://coveralls.io/github/ybelenko/oauth2_email_grant?branch=main)

Requirements
------------

[](#requirements)

- PHP 8.x

Important Notice
----------------

[](#important-notice)

> If you decide to extend some of the classes make sure you **DON'T expose access token** somewhere. Check that you DON'T `echo/print/var_dump` access token or instance of it.

Installation via [Composer](https://getcomposer.org/doc/00-intro.md#installation-linux-unix-macos)
--------------------------------------------------------------------------------------------------

[](#installation-via-composer)

Run in command line:

```
composer require ybelenko/oauth2_email_grant
```

Basic Usage
-----------

[](#basic-usage)

Assuming you already have [PHP League OAuth 2.0 Server](https://oauth2.thephpleague.com) installed and configured.

```
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
use League\OAuth2\Server\Entities\ClientEntityInterface;
use League\OAuth2\Server\Entities\UserEntityInterface;
use Ybelenko\OAuth2\Server\Grant\CustomEmailGrant;

// if you want to use class method instead of anonymous functions
// do $onAccessToken = \Closure::fromCallable([$this, 'onAccessToken'])
// or when method is static $onAccessToken = \Closure::fromCallable([UserClass::class, 'onAccessToken'])

$grant = new CustomEmailGrant(
    $userRepository, // repository used in your oauth2 server implementation
    static function (
        string $email,
        AccessTokenEntityInterface $accessToken,
        ClientEntityInterface $client,
        UserEntityInterface $user,
        array $scopes
    ) {
        // send access token to user via email
        // or do something else
    },
    static function (string $email) {
        // validate email the way you want
        // throw an exception or return true|false
        // everything beside true return will stop token creation
    }
);

// all other repos should be added from auth server automatically
// right after you call
$server->enableGrantType($grant, new \DateInterval('PT1H'));
```

then in your `UserRepositoryInterface` implementation handle new custom grant:

```
/**
 * {@inheritdoc}
 */
public function getUserEntityByUserCredentials(
    $username,
    $password,
    $grantType,
    ClientEntityInterface $clientEntity
) {
    if ($grantType === 'custom_email') {
        // password is empty string now
        // just for readability
        $email = $username;
        // if user with provided email exists return new entity
        // otherwise return null
        // don't need to check password since we send token
        // to provided email, works like common account recover flow
        $user = new FakeUserEntity();
        $user->setIdentifier($email);
        return $user;
    }

    // handle other grants also check password from now

    return null;
}
```

To use new grant user can send POST with a small change(`grant_type` changed to `custom_email`, new field `email`):

```
{
    "grant_type": "custom_email",
    "client_id": "client",
    "client_secret": "secret",
    "email": "johndoe@example.dev",
    "scope": "foo baz bar"
}
```

it's also possible to send `client_id` and `client_secret` as `"Authorization: Basic {base64_encode($clientId . ':' . $clientSecret)}"` HTTP header.

Instead of usual access token response user receives payload like:

```
{
    "message": "Mail with recover link has been sent to provided address",
    "expires_in": 3600
}
```

Author
------

[](#author)

[Yuriy Belenko](https://github.com/ybelenko)

###  Health Score

22

—

LowBetter than 22% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity2

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity52

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Unknown

Total

1

Last Release

1265d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/bc88fb16ce6ab53268f3ea38dec05691aa20360ab4dc91f3ddab815e7625545a?d=identicon)[ybelenko](/maintainers/ybelenko)

---

Top Contributors

[![ybelenko](https://avatars.githubusercontent.com/u/5541023?v=4)](https://github.com/ybelenko "ybelenko (6 commits)")

---

Tags

emailoauth2grant

###  Code Quality

TestsPHPUnit

Code StylePHP CS Fixer

### Embed Badge

![Health badge](/badges/ybelenko-oauth2-email-grant/health.svg)

```
[![Health](https://phpackages.com/badges/ybelenko-oauth2-email-grant/health.svg)](https://phpackages.com/packages/ybelenko-oauth2-email-grant)
```

###  Alternatives

[egulias/email-validator

A library for validating emails against several RFCs

11.6k691.3M307](/packages/egulias-email-validator)[sendgrid/sendgrid

This library allows you to quickly and easily send emails through Twilio SendGrid using PHP.

1.5k47.5M164](/packages/sendgrid-sendgrid)[pelago/emogrifier

Converts CSS styles into inline style attributes in your HTML code

94944.1M109](/packages/pelago-emogrifier)[zbateson/mail-mime-parser

MIME email message parser

53949.2M79](/packages/zbateson-mail-mime-parser)[soundasleep/html2text

A PHP script to convert HTML into a plain text format

48419.5M74](/packages/soundasleep-html2text)[opcodesio/mail-parser

Parse emails without the mailparse extension

216.8M8](/packages/opcodesio-mail-parser)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)