oauth2-server/requirements.md
Andrew Millington abf6e18ee4
Update minimum PHP version
Update minimum PHP version and add PSR-7 compliance message
2018-05-25 10:39:39 +01:00

1.0 KiB
Executable File

layout title permalink
default Requirements /requirements/

Requirements

In order to prevent man-in-the-middle attacks, the authorization server MUST require the use of TLS with server authentication as defined by RFC2818 for any request sent to the authorization and token endpoints. The client MUST validate the authorization server's TLS certificate as defined by RFC6125 and in accordance with its requirements for server identity authentication.

This library uses key cryptography in order to encrypt and decrypt, as well as verify the integrity of signatures. See the installation page for details on how to generate the keys.

The following versions of PHP are supported:

  • PHP 7.0
  • PHP 7.1
  • PHP 7.2

The openssl PHP extension is required.

All HTTP messages passed to the server should be PSR-7 compliant. This ensures interoperability between other packages and frameworks.