PHPackages                             zestic/graphql-auth-component - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. zestic/graphql-auth-component

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

zestic/graphql-auth-component
=============================

v0.3.0(8mo ago)01.3k↓100%Apache-2.0PHPPHP ^8.3CI passing

Since Dec 27Pushed 8mo ago1 watchersCompare

[ Source](https://github.com/zestic/graphql-auth-component)[ Packagist](https://packagist.org/packages/zestic/graphql-auth-component)[ RSS](/packages/zestic-graphql-auth-component/feed)WikiDiscussions main Synced 1mo ago

READMEChangelog (4)Dependencies (17)Versions (6)Used By (0)

Auth Component
==============

[](#auth-component)

[![Test](https://github.com/zestic/graphql-auth-component/actions/workflows/test.yml/badge.svg)](https://github.com/zestic/graphql-auth-component/actions/workflows/test.yml)[![Lint](https://github.com/zestic/graphql-auth-component/actions/workflows/lint.yml/badge.svg)](https://github.com/zestic/graphql-auth-component/actions/workflows/lint.yml)[![codecov](https://camo.githubusercontent.com/55461c19e8c4696a76db9044321c43f50b4ead53cb2c19814a986c26bfc4de37/68747470733a2f2f636f6465636f762e696f2f67682f7a65737469632f6772617068716c2d617574682d636f6d706f6e656e742f6272616e63682f6d61696e2f67726170682f62616467652e737667)](https://codecov.io/gh/zestic/graphql-auth-component)[![PHP Version](https://camo.githubusercontent.com/fa5f087ee2f855c93d11f5a5b456f44ee5a6446679989626fe67b12c6cbf7dac/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f7068702d762f7a65737469632f6772617068716c2d617574682d636f6d706f6e656e74)](https://packagist.org/packages/zestic/graphql-auth-component)[![License](https://camo.githubusercontent.com/c1e7075d81673d15ce685f54a3bddb285fec71fb6f93655c5248696fafd735a7/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f6c2f7a65737469632f6772617068716c2d617574682d636f6d706f6e656e74)](https://github.com/zestic/graphql-auth-component/blob/main/LICENSE)

A GraphQL authentication component with OAuth2 support, magic link authentication, and JWT tokens.

Setup
-----

[](#setup)

### Generating OAuth2 Keys

[](#generating-oauth2-keys)

Before using the authentication component, you need to generate the required OAuth2 keys:

```
composer run generate-keys
```

This script will generate:

- **JWT Private/Public Key Pair**: Used for signing and verifying JWT tokens
- **Encryption Key**: Used for encrypting authorization and refresh codes

The keys will be saved to:

- `config/jwt/private.key` - JWT private key (keep secure!)
- `config/jwt/public.key` - JWT public key
- `config/autoload/auth.local.php` - Contains only the encryption key

**Important**: The script will fail if keys already exist to prevent accidental overwriting.

### Key Generation Parameters

[](#key-generation-parameters)

The script uses configurable OpenSSL parameters for JWT key generation:

- **digestAlg**: Hash algorithm (`sha256`, `sha384`, `sha512`)

    - `sha256`: Fast, widely supported (default)
    - `sha384`: More secure, good balance
    - `sha512`: Most secure, slower
- **privateKeyBits**: Key size in bits (`2048`, `3072`, `4096`)

    - `2048`: Fast, minimum recommended (default)
    - `3072`: Good security/performance balance
    - `4096`: Maximum security, slower
- **privateKeyType**: Key algorithm (`RSA`, `DSA`, `DH`, `EC`)

    - `RSA`: Most widely supported (default)
    - `EC`: Elliptic Curve, smaller keys, good performance

### Docker Support

[](#docker-support)

For Docker environments, you can override the key paths using environment variables:

```
export JWT_PRIVATE_KEY_PATH=/app/keys/jwt/private.key
export JWT_PUBLIC_KEY_PATH=/app/keys/jwt/public.key
export AUTH_LOCAL_CONFIG_PATH=/app/config/autoload/auth.local.php
composer run generate-keys
```

### Configuration

[](#configuration)

The component uses the following default configuration structure:

```
'auth' => [
    'jwt' => [
        'privateKeyPath' => 'config/jwt/private.key',
        'publicKeyPath'  => 'config/jwt/public.key',
        'passphrase'     => null, // Set via environment if needed
        'keyGeneration' => [
            'digestAlg'       => 'sha256',     // sha256, sha384, sha512
            'privateKeyBits'  => 2048,        // 2048, 3072, 4096
            'privateKeyType'  => 'RSA',       // RSA, DSA, DH, EC
        ],
    ],
    'token' => [
        'accessTokenTtl'  => 60,    // 1 hour (in minutes)
        'loginTtl'        => 10,    // 10 minutes
        'refreshTokenTtl' => 10080, // 1 week (in minutes)
        'registrationTtl' => 1440,  // 24 hours (in minutes)
    ],
]
```

Notifications
-------------

[](#notifications)

Need to create a class that implements SendVerificationEmailInterface and configure it

###  Health Score

35

—

LowBetter than 79% of packages

Maintenance62

Regular maintenance activity

Popularity15

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity47

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~57 days

Total

5

Last Release

267d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/bd5a2c6deedf2f52379d21fa55c9f5c6d0999b0ac1ca2ca2f33293e229107bfe?d=identicon)[iampersistent](/maintainers/iampersistent)

---

Top Contributors

[![iampersistent](https://avatars.githubusercontent.com/u/16964?v=4)](https://github.com/iampersistent "iampersistent (148 commits)")

###  Code Quality

TestsPHPUnit

Static AnalysisPHPStan

Code StylePHP CS Fixer

Type Coverage Yes

### Embed Badge

![Health badge](/badges/zestic-graphql-auth-component/health.svg)

```
[![Health](https://phpackages.com/badges/zestic-graphql-auth-component/health.svg)](https://phpackages.com/packages/zestic-graphql-auth-component)
```

###  Alternatives

[shopware/platform

The Shopware e-commerce core

3.3k1.5M3](/packages/shopware-platform)[shopware/core

Shopware platform is the core for all Shopware ecommerce products.

595.2M385](/packages/shopware-core)[simplesamlphp/simplesamlphp

A PHP implementation of a SAML 2.0 service provider and identity provider.

1.1k12.4M190](/packages/simplesamlphp-simplesamlphp)[sulu/sulu

Core framework that implements the functionality of the Sulu content management system

1.3k1.3M151](/packages/sulu-sulu)[prestashop/prestashop

PrestaShop is an Open Source e-commerce platform, committed to providing the best shopping cart experience for both merchants and customers.

9.0k15.4k](/packages/prestashop-prestashop)[simplesamlphp/saml2

SAML2 PHP library from SimpleSAMLphp

30317.2M40](/packages/simplesamlphp-saml2)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)