ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2024-12-29 08:20:20 +05:30
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'gh-pages' of https://github.com/juliangut/oauth2-server into juliangut-gh-pages

Browse Source 
# Conflicts:
#	installation.md
This commit is contained in:
Alex Bilbie 2016-04-10 16:38:38 +01:00
commit 9a95d65cfe
6 changed files with 74 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
auth-server-auth-code.md
View File

@ -60,16 +60,18 @@ $refreshTokenRepository = new RefreshTokenRepository();
$userRepository = new UserRepository(); $userRepository = new UserRepository();
// Path to public and private keys // Path to public and private keys
$privateKeyPath = 'file://path/to/private.key'; $privateKey = 'file://path/to/private.key';
$publicKeyPath = 'file://path/to/public.key'; // Private key with passphrase if needed
//$privateKey = new CryptKey('file://path/to/private.key', 'passphrase');
$publicKey = 'file://path/to/public.key';
// Setup the authorization server // Setup the authorization server
$server = new \League\OAuth2\Server\Server( $server = new \League\OAuth2\Server\Server(
$clientRepository, $clientRepository,
$accessTokenRepository, $accessTokenRepository,
$scopeRepository, $scopeRepository,
$privateKeyPath, $privateKey,
$publicKeyPath $publicKey
); );
// Enable the authentication code grant on the server with a token TTL of 1 hour // Enable the authentication code grant on the server with a token TTL of 1 hour

10
auth-server-client-credentials.md
View File

@ -34,16 +34,18 @@ $accessTokenRepository = new AccessTokenRepository();
$scopeRepository = new ScopeRepository(); $scopeRepository = new ScopeRepository();
// Path to public and private keys // Path to public and private keys
$privateKeyPath = 'file://path/to/private.key'; $privateKey = 'file://path/to/private.key';
$publicKeyPath = 'file://path/to/public.key'; // Private key with passphrase if needed
//$privateKey = new CryptKey('file://path/to/private.key', 'passphrase');
$publicKey = 'file://path/to/public.key';
// Setup the authorization server // Setup the authorization server
$server = new \League\OAuth2\Server\Server( $server = new \League\OAuth2\Server\Server(
$clientRepository, $clientRepository,
$accessTokenRepository, $accessTokenRepository,
$scopeRepository, $scopeRepository,
$privateKeyPath, $privateKey,
$publicKeyPath $publicKey
); );
// Enable the client credentials grant on the server with a token TTL of 1 hour // Enable the client credentials grant on the server with a token TTL of 1 hour

10
auth-server-implicit.md
View File

@ -46,16 +46,18 @@ $accessTokenRepository = new AccessTokenRepository();
$userRepository = new UserRepository(); $userRepository = new UserRepository();
// Path to public and private keys // Path to public and private keys
$privateKeyPath = 'file://path/to/private.key'; $privateKey = 'file://path/to/private.key';
$publicKeyPath = 'file://path/to/public.key'; // Private key with passphrase if needed
//$privateKey = new CryptKey('file://path/to/private.key', 'passphrase');
$publicKey = 'file://path/to/public.key';
// Setup the authorization server // Setup the authorization server
$server = new \League\OAuth2\Server\Server( $server = new \League\OAuth2\Server\Server(
$clientRepository, $clientRepository,
$accessTokenRepository, $accessTokenRepository,
$scopeRepository, $scopeRepository,
$privateKeyPath, $privateKey,
$publicKeyPath $publicKey
); );
// Enable the implicit grant on the server with a token TTL of 1 hour // Enable the implicit grant on the server with a token TTL of 1 hour

10
auth-server-password.md
View File

@ -41,16 +41,18 @@ $userRepository = new UserRepository();
$refreshTokenRepository = new RefreshTokenRepository(); $refreshTokenRepository = new RefreshTokenRepository();
// Path to public and private keys // Path to public and private keys
$privateKeyPath = 'file://path/to/private.key'; $privateKey = 'file://path/to/private.key';
$publicKeyPath = 'file://path/to/public.key'; // Private key with passphrase if needed
//$privateKey = new CryptKey('file://path/to/private.key', 'passphrase');
$publicKey = 'file://path/to/public.key';
// Setup the authorization server // Setup the authorization server
$server = new \League\OAuth2\Server\Server( $server = new \League\OAuth2\Server\Server(
$clientRepository, $clientRepository,
$accessTokenRepository, $accessTokenRepository,
$scopeRepository, $scopeRepository,
$privateKeyPath, $privateKey,
$publicKeyPath $publicKey
); );
// Enable the password grant on the server with an access token TTL of 1 hour // Enable the password grant on the server with an access token TTL of 1 hour

10
auth-server-refresh-token.md
View File

@ -36,16 +36,18 @@ $scopeRepository = new ScopeRepository();
$refreshTokenRepository = new RefreshTokenRepository(); $refreshTokenRepository = new RefreshTokenRepository();
// Path to public and private keys // Path to public and private keys
$privateKeyPath = 'file://path/to/private.key'; $privateKey = 'file://path/to/private.key';
$publicKeyPath = 'file://path/to/public.key'; // Private key with passphrase if needed
//$privateKey = new CryptKey('file://path/to/private.key', 'passphrase');
$publicKey = 'file://path/to/public.key';
// Setup the authorization server // Setup the authorization server
$server = new \League\OAuth2\Server\Server( $server = new \League\OAuth2\Server\Server(
$clientRepository, $clientRepository,
$accessTokenRepository, $accessTokenRepository,
$scopeRepository, $scopeRepository,
$privateKeyPath, $privateKey,
$publicKeyPath $publicKey
); );
// Enable the refresh token grant on the server with a token TTL of 1 hour // Enable the refresh token grant on the server with a token TTL of 1 hour

18
installation.md
View File

@ -18,7 +18,7 @@ The following versions of PHP are supported:
In your project root just run: In your project root just run:
{% highlight shell %} {% highlight shell %}
$ composer require league/oauth2-server:5.0.0-RC1 composer require league/oauth2-server:5.0.0-RC1
{% endhighlight %} {% endhighlight %}
Ensure that youve set up your project to [autoload Composer-installed packages](https://getcomposer.org/doc/00-intro.md#autoloading). Ensure that youve set up your project to [autoload Composer-installed packages](https://getcomposer.org/doc/00-intro.md#autoloading).
@ -35,12 +35,26 @@ To generate the private key run this command on the terminal:
openssl genrsa -out private.key 1024 openssl genrsa -out private.key 1024
{% endhighlight %} {% endhighlight %}
If you want to provide a passphrase for your private key run this command instead:
{% highlight shell %}
openssl genrsa -passout pass:_passphrase_ -out private.key 1024
{% endhighlight %}
then extract the public key from the private key: then extract the public key from the private key:
{% highlight shell %} {% highlight shell %}
openssl rsa -in private.key -pubout > public.key openssl rsa -in private.key -pubout -out public.key
{% endhighlight %}
or use your passphrase if provided on private key generation:
{% highlight shell %}
openssl rsa -in private.key -passin pass:_passphrase_ -pubout -out public.key
{% endhighlight %} {% endhighlight %}
The private key must be kept secret (i.e. out of the web-root of the authorization server). The authorization server also requires the public key. The private key must be kept secret (i.e. out of the web-root of the authorization server). The authorization server also requires the public key.
If a passphrase has been used to generate private key it must be provided to the authorization server.
The public key should be distributed to any services (for example resource servers) that validate access tokens. The public key should be distributed to any services (for example resource servers) that validate access tokens.