Over the last few months I’ve been developing a PHP library that helps you work with OAuth 2.0 in a number of different ways:
- Develop an authentication server which can be used as part of a web “single sign on” solution.
- Secure your APIs with access tokens and scopes.
- Easily sign users in to many different OAuth 2.0 identity providers.
The code for the authentication and resource server can be found on Github here https://github.com/lncd/OAuth2.
The server library code requires PHP 5.3+, is hooked into Packagist (a bit like Ruby Gems but for PHP) and has 100% unit test code coverage. It has built in support for the following grants:
- authentication code (section 4.1)
- refresh token (section 6)
- client credentials (section 2.3.1)
- password (user credentials) (section 4.3)
The code for the client library can be found here https://github.com/lncd/OAuth2-Client – at the time of writing it isn’t quite finished, I’ll blog when it is.
Over the next few blog posts I’ll document how to use the libraries.