Merge branch 'gh-pages' of https://github.com/juliangut/oauth2-server into juliangut-gh-pages

# Conflicts:
#	installation.md

auth-server-auth-code.md

@@ -60,16 +60,18 @@ $refreshTokenRepository = new RefreshTokenRepository();
 $userRepository = new UserRepository();
 
 // Path to public and private keys
-$privateKeyPath = 'file://path/to/private.key';
-$publicKeyPath = 'file://path/to/public.key';
+$privateKey = 'file://path/to/private.key';
+// Private key with passphrase if needed
+//$privateKey = new CryptKey('file://path/to/private.key', 'passphrase');
+$publicKey = 'file://path/to/public.key';
 
 // Setup the authorization server
 $server = new \League\OAuth2\Server\Server(
     $clientRepository,
     $accessTokenRepository,
     $scopeRepository,
-    $privateKeyPath,
-    $publicKeyPath
+    $privateKey,
+    $publicKey
 );
 
 // Enable the authentication code grant on the server with a token TTL of 1 hour

auth-server-client-credentials.md

@@ -34,16 +34,18 @@ $accessTokenRepository = new AccessTokenRepository();
 $scopeRepository = new ScopeRepository();
 
 // Path to public and private keys
-$privateKeyPath = 'file://path/to/private.key';
-$publicKeyPath = 'file://path/to/public.key';
+$privateKey = 'file://path/to/private.key';
+// Private key with passphrase if needed
+//$privateKey = new CryptKey('file://path/to/private.key', 'passphrase');
+$publicKey = 'file://path/to/public.key';
 
 // Setup the authorization server
 $server = new \League\OAuth2\Server\Server(
     $clientRepository,
     $accessTokenRepository,
     $scopeRepository,
-    $privateKeyPath,
-    $publicKeyPath
+    $privateKey,
+    $publicKey
 );
 
 // Enable the client credentials grant on the server with a token TTL of 1 hour

auth-server-implicit.md

@@ -46,16 +46,18 @@ $accessTokenRepository = new AccessTokenRepository();
 $userRepository = new UserRepository();
 
 // Path to public and private keys
-$privateKeyPath = 'file://path/to/private.key';
-$publicKeyPath = 'file://path/to/public.key';
+$privateKey = 'file://path/to/private.key';
+// Private key with passphrase if needed
+//$privateKey = new CryptKey('file://path/to/private.key', 'passphrase');
+$publicKey = 'file://path/to/public.key';
 
 // Setup the authorization server
 $server = new \League\OAuth2\Server\Server(
     $clientRepository,
     $accessTokenRepository,
     $scopeRepository,
-    $privateKeyPath,
-    $publicKeyPath
+    $privateKey,
+    $publicKey
 );
 
 // Enable the implicit grant on the server with a token TTL of 1 hour

auth-server-password.md

@@ -41,16 +41,18 @@ $userRepository = new UserRepository();
 $refreshTokenRepository = new RefreshTokenRepository();
 
 // Path to public and private keys
-$privateKeyPath = 'file://path/to/private.key';
-$publicKeyPath = 'file://path/to/public.key';
+$privateKey = 'file://path/to/private.key';
+// Private key with passphrase if needed
+//$privateKey = new CryptKey('file://path/to/private.key', 'passphrase');
+$publicKey = 'file://path/to/public.key';
 
 // Setup the authorization server
 $server = new \League\OAuth2\Server\Server(
     $clientRepository,
     $accessTokenRepository,
     $scopeRepository,
-    $privateKeyPath,
-    $publicKeyPath
+    $privateKey,
+    $publicKey
 );
 
 // Enable the password grant on the server with an access token TTL of 1 hour

auth-server-refresh-token.md

@@ -36,16 +36,18 @@ $scopeRepository = new ScopeRepository();
 $refreshTokenRepository = new RefreshTokenRepository();
 
 // Path to public and private keys
-$privateKeyPath = 'file://path/to/private.key';
-$publicKeyPath = 'file://path/to/public.key';
+$privateKey = 'file://path/to/private.key';
+// Private key with passphrase if needed
+//$privateKey = new CryptKey('file://path/to/private.key', 'passphrase');
+$publicKey = 'file://path/to/public.key';
 
 // Setup the authorization server
 $server = new \League\OAuth2\Server\Server(
     $clientRepository,
     $accessTokenRepository,
     $scopeRepository,
-    $privateKeyPath,
-    $publicKeyPath
+    $privateKey,
+    $publicKey
 );
 
 // Enable the refresh token grant on the server with a token TTL of 1 hour

installation.md

@@ -18,7 +18,7 @@ The following versions of PHP are supported:
 In your project root just run:
 
 {% highlight shell %}
-$ composer require league/oauth2-server:5.0.0-RC1
+composer require league/oauth2-server:5.0.0-RC1
 {% endhighlight %}
 
 Ensure that you’ve set up your project to [autoload Composer-installed packages](https://getcomposer.org/doc/00-intro.md#autoloading).
@@ -35,12 +35,26 @@ To generate the private key run this command on the terminal:
 openssl genrsa -out private.key 1024
 {% endhighlight %}
 
+If you want to provide a passphrase for your private key run this command instead:
+
+{% highlight shell %}
+openssl genrsa -passout pass:_passphrase_ -out private.key 1024
+{% endhighlight %}
+
 then extract the public key from the private key:
 
 {% highlight shell %}
-openssl rsa -in private.key -pubout > public.key
+openssl rsa -in private.key -pubout -out public.key
+{% endhighlight %}
+
+or use your passphrase if provided on private key generation:
+
+{% highlight shell %}
+openssl rsa -in private.key -passin pass:_passphrase_ -pubout -out public.key
 {% endhighlight %}
 
 The private key must be kept secret (i.e. out of the web-root of the authorization server). The authorization server also requires the public key.
 
+If a passphrase has been used to generate private key it must be provided to the authorization server.
+
 The public key should be distributed to any services (for example resource servers) that validate access tokens.