oauth2-server/README.md

# PHP OAuth 2.0 Server

### :warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning:
### Security Notice 

### Please upgrade to version `>=5.1.4` (backwards compatible) or `6.x` (one tiny breaking change) to fix some potential security vulnerabilities - [visit this page for more information](https://oauth2.thephpleague.com/v5-security-improvements/)
### :warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning:

[![Latest Version](http://img.shields.io/packagist/v/league/oauth2-server.svg?style=flat-square)](https://github.com/thephpleague/oauth2-server/releases)
[![Software License](https://img.shields.io/badge/license-MIT-brightgreen.svg?style=flat-square)](LICENSE.md)
[![Build Status](https://img.shields.io/travis/thephpleague/oauth2-server/master.svg?style=flat-square)](https://travis-ci.org/thephpleague/oauth2-server)
[![Coverage Status](https://img.shields.io/scrutinizer/coverage/g/thephpleague/oauth2-server.svg?style=flat-square)](https://scrutinizer-ci.com/g/thephpleague/oauth2-server/code-structure)
[![Quality Score](https://img.shields.io/scrutinizer/g/thephpleague/oauth2-server.svg?style=flat-square)](https://scrutinizer-ci.com/g/thephpleague/oauth2-server)
[![Total Downloads](https://img.shields.io/packagist/dt/league/oauth2-server.svg?style=flat-square)](https://packagist.org/packages/league/oauth2-server)

`league/oauth2-server` is a standards compliant implementation of an [OAuth 2.0](https://tools.ietf.org/html/rfc6749) authorization server written in PHP which makes working with OAuth 2.0 trivial. You can easily configure an OAuth 2.0 server to protect your API with access tokens, or allow clients to request new access tokens and refresh them.

It supports out of the box the following grants:

* Authorization code grant
* Implicit grant
* Client credentials grant
* Resource owner password credentials grant
* Refresh grant

The following RFCs are implemented:

* [RFC6749 "OAuth 2.0"](https://tools.ietf.org/html/rfc6749)
* [RFC6750 " The OAuth 2.0 Authorization Framework: Bearer Token Usage"](https://tools.ietf.org/html/rfc6750)
* [RFC7519 "JSON Web Token (JWT)"](https://tools.ietf.org/html/rfc7519)
* [RFC7636 "Proof Key for Code Exchange by OAuth Public Clients"](https://tools.ietf.org/html/rfc7636)

This library was created by Alex Bilbie. Find him on Twitter at [@alexbilbie](https://twitter.com/alexbilbie).

## Requirements

The following versions of PHP are supported:

* PHP 5.6
* PHP 7.0
* PHP 7.1

The `openssl` extension is also required.

## Documentation

The library documentation can be found at [https://oauth2.thephpleague.com](https://oauth2.thephpleague.com). 
You can contribute to the documentation in the [gh-pages branch](https://github.com/thephpleague/oauth2-server/tree/gh-pages/).

## Changelog

[See the project releases page](https://github.com/thephpleague/oauth2-server/releases)

## Contributing

Please see [CONTRIBUTING.md](https://github.com/thephpleague/oauth2-server/blob/master/CONTRIBUTING.md) and [CONDUCT.md](https://github.com/thephpleague/oauth2-server/blob/master/CONDUCT.md) for details.

## Support

Bugs and feature request are tracked on [GitHub](https://github.com/thephpleague/oauth2-server/issues).

If you have any questions about OAuth _please_ open a ticket here; please **don't** email the address below.

## Commercial Support

If you would like help implementing this library into your existing platform, or would be interested in OAuth advice or training for you and your team please get in touch with [Glynde Labs](https://glyndelabs.com).

## Security

If you discover any security related issues, please email `hello@alexbilbie.com` instead of using the issue tracker.

## License

This package is released under the MIT License. See the bundled [LICENSE](https://github.com/thephpleague/oauth2-server/blob/master/LICENSE) file for details.

## Credits

This code is principally developed and maintained by [Alex Bilbie](https://twitter.com/alexbilbie).

Special thanks to [all of these awesome contributors](https://github.com/thephpleague/oauth2-server/contributors).

Additional thanks go to the [Mozilla Secure Open Source Fund](https://wiki.mozilla.org/MOSS/Secure_Open_Source) for funding a security audit of this library.

The initial code was developed as part of the [Linkey](http://linkey.blogs.lincoln.ac.uk) project which was funded by [JISC](http://jisc.ac.uk) under the Access and Identity Management programme.
Updated README 2016-04-10 21:01:05 +05:30			`# PHP OAuth 2.0 Server`
README updates 2013-12-06 03:02:29 +05:30
Added security notice 2017-07-01 23:03:03 +05:30			`### :warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning:`
			`### Security Notice`

Added link to security release information page 2017-07-02 23:14:55 +05:30			### Please upgrade to version `>=5.1.4` (backwards compatible) or `6.x` (one tiny breaking change) to fix some potential security vulnerabilities - [visit this page for more information](https://oauth2.thephpleague.com/v5-security-improvements/)
Added security notice 2017-07-01 23:03:03 +05:30			`### :warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning:`

Updated README 2014-10-01 03:42:43 +05:30			`[![Latest Version](http://img.shields.io/packagist/v/league/oauth2-server.svg?style=flat-square)](https://github.com/thephpleague/oauth2-server/releases)`
Update README.md 2014-10-03 19:12:01 +05:30			`[![Software License](https://img.shields.io/badge/license-MIT-brightgreen.svg?style=flat-square)](LICENSE.md)`
Updated README 2014-10-01 03:42:43 +05:30			`[![Build Status](https://img.shields.io/travis/thephpleague/oauth2-server/master.svg?style=flat-square)](https://travis-ci.org/thephpleague/oauth2-server)`
			`[![Coverage Status](https://img.shields.io/scrutinizer/coverage/g/thephpleague/oauth2-server.svg?style=flat-square)](https://scrutinizer-ci.com/g/thephpleague/oauth2-server/code-structure)`
			`[![Quality Score](https://img.shields.io/scrutinizer/g/thephpleague/oauth2-server.svg?style=flat-square)](https://scrutinizer-ci.com/g/thephpleague/oauth2-server)`
Updated README 2016-02-22 16:34:03 +05:30			`[![Total Downloads](https://img.shields.io/packagist/dt/league/oauth2-server.svg?style=flat-square)](https://packagist.org/packages/league/oauth2-server)`
README updates 2013-12-06 03:02:29 +05:30
Fix typo in the first README sentence 2016-12-23 04:00:54 +05:30			`league/oauth2-server` is a standards compliant implementation of an [OAuth 2.0](https://tools.ietf.org/html/rfc6749) authorization server written in PHP which makes working with OAuth 2.0 trivial. You can easily configure an OAuth 2.0 server to protect your API with access tokens, or allow clients to request new access tokens and refresh them.
Updated README.md with an introduction to the project 2012-06-05 01:46:27 +05:30
Updated README 2014-10-01 03:42:43 +05:30			`It supports out of the box the following grants:`
Updated README.md with an introduction to the project 2012-06-05 01:46:27 +05:30
Updated README 2014-10-01 03:42:43 +05:30			`* Authorization code grant`
Updated README 2016-02-22 16:34:03 +05:30			`* Implicit grant`
Updated README 2014-10-01 03:42:43 +05:30			`* Client credentials grant`
			`* Resource owner password credentials grant`
			`* Refresh grant`
Updated README 2012-08-27 20:13:17 +05:30
Added a list of supported RFCs 2016-05-06 19:53:25 +05:30			`The following RFCs are implemented:`

			`* [RFC6749 "OAuth 2.0"](https://tools.ietf.org/html/rfc6749)`
			`* [RFC6750 " The OAuth 2.0 Authorization Framework: Bearer Token Usage"](https://tools.ietf.org/html/rfc6750)`
			`* [RFC7519 "JSON Web Token (JWT)"](https://tools.ietf.org/html/rfc7519)`
			`* [RFC7636 "Proof Key for Code Exchange by OAuth Public Clients"](https://tools.ietf.org/html/rfc7636)`

Updated README 2016-04-10 21:01:05 +05:30			`This library was created by Alex Bilbie. Find him on Twitter at [@alexbilbie](https://twitter.com/alexbilbie).`
Updated README 2012-08-27 20:13:17 +05:30
Updated README 2014-10-01 03:42:43 +05:30			`## Requirements`
Update README.md 2013-12-19 18:03:39 +05:30
Updated README 2014-10-01 03:42:43 +05:30			`The following versions of PHP are supported:`
Update README.md 2013-12-19 18:03:39 +05:30
Updated README 2014-10-01 03:42:43 +05:30			`* PHP 5.6`
Updated README 2016-01-13 06:16:08 +05:30			`* PHP 7.0`
Mentioned PHP 7.1 support 2017-02-02 22:59:06 +05:30			`* PHP 7.1`
Update README.md 2013-12-19 18:03:39 +05:30
openssl extension requirement added 2016-04-10 20:58:54 +05:30			The `openssl` extension is also required.
Updated README 2012-08-27 20:13:17 +05:30
Updated README 2014-10-01 03:42:43 +05:30			`## Documentation`
Updated README 2012-08-27 20:13:17 +05:30
Updated links 2016-04-10 21:01:55 +05:30			`The library documentation can be found at [https://oauth2.thephpleague.com](https://oauth2.thephpleague.com).`
			`You can contribute to the documentation in the [gh-pages branch](https://github.com/thephpleague/oauth2-server/tree/gh-pages/).`
Added tutorial links 2013-02-22 19:01:05 +05:30
Merge branch 'refs/heads/master' into develop Conflicts: .travis.yml README.md 2013-09-26 15:48:10 +05:30			`## Changelog`
Updated README 2012-08-27 20:13:17 +05:30
Renamed Github user 2014-10-01 04:46:26 +05:30			`[See the project releases page](https://github.com/thephpleague/oauth2-server/releases)`
Updated README 2012-08-27 20:13:17 +05:30
Merge branch 'refs/heads/master' into develop Conflicts: .travis.yml README.md 2013-09-26 15:48:10 +05:30			`## Contributing`
Updated README 2012-08-27 20:13:17 +05:30
Updated README 2016-01-13 06:16:08 +05:30			`Please see [CONTRIBUTING.md](https://github.com/thephpleague/oauth2-server/blob/master/CONTRIBUTING.md) and [CONDUCT.md](https://github.com/thephpleague/oauth2-server/blob/master/CONDUCT.md) for details.`
Added contributors 2013-07-24 22:44:48 +05:30
Merge branch 'refs/heads/master' into develop Conflicts: .travis.yml README.md 2013-09-26 15:48:10 +05:30			`## Support`
Added contributors 2013-07-24 22:44:48 +05:30
Updated README 2016-02-22 16:34:03 +05:30			`Bugs and feature request are tracked on [GitHub](https://github.com/thephpleague/oauth2-server/issues).`

			`If you have any questions about OAuth _please_ open a ticket here; please don't email the address below.`
Added contributors 2013-07-24 22:44:48 +05:30
Added commercial support section to README 2016-05-04 13:47:38 +05:30			`## Commercial Support`

Updated commercial support statement 2016-05-10 17:53:56 +05:30			`If you would like help implementing this library into your existing platform, or would be interested in OAuth advice or training for you and your team please get in touch with [Glynde Labs](https://glyndelabs.com).`
Added commercial support section to README 2016-05-04 13:47:38 +05:30
Added security section 2015-02-05 21:44:59 +05:30			`## Security`

Updated README 2016-04-17 18:02:20 +05:30			If you discover any security related issues, please email `hello@alexbilbie.com` instead of using the issue tracker.
Added security section 2015-02-05 21:44:59 +05:30
Merge branch 'refs/heads/master' into develop Conflicts: .travis.yml README.md 2013-09-26 15:48:10 +05:30			`## License`
Added contributors 2013-07-24 22:44:48 +05:30
Renamed Github user 2014-10-01 04:46:26 +05:30			`This package is released under the MIT License. See the bundled [LICENSE](https://github.com/thephpleague/oauth2-server/blob/master/LICENSE) file for details.`
Added contributors 2013-07-24 22:44:48 +05:30
Merge branch 'refs/heads/master' into develop Conflicts: .travis.yml README.md 2013-09-26 15:48:10 +05:30			`## Credits`
Added contributors 2013-07-24 22:44:48 +05:30
Merge branch 'refs/heads/master' into develop Conflicts: .travis.yml README.md 2013-09-26 15:48:10 +05:30			`This code is principally developed and maintained by [Alex Bilbie](https://twitter.com/alexbilbie).`
Update README.md 2012-09-07 16:29:41 +05:30
Updated changelog and readme 2017-07-01 21:47:55 +05:30			`Special thanks to [all of these awesome contributors](https://github.com/thephpleague/oauth2-server/contributors).`

			`Additional thanks go to the [Mozilla Secure Open Source Fund](https://wiki.mozilla.org/MOSS/Secure_Open_Source) for funding a security audit of this library.`
Add a Bitdeli badge to README 2013-12-06 02:50:48 +05:30
Update README.md 2014-08-06 22:46:16 +05:30			`The initial code was developed as part of the [Linkey](http://linkey.blogs.lincoln.ac.uk) project which was funded by [JISC](http://jisc.ac.uk) under the Access and Identity Management programme.`