yii2-oauth2-server | Yii2 Wrapper around https

by hosannahighertech PHP Version: v1.0.1 License: MIT

X-Ray Key Features Code Snippets Community Discussions(1)Vulnerabilities Install Support

kandi X-RAY | yii2-oauth2-server Summary

yii2-oauth2-server is a PHP library. yii2-oauth2-server has no bugs, it has no vulnerabilities, it has a Permissive License and it has low support. You can download it from GitHub.

A wrapper for implementing an OAuth2 Server(This is a fork of I decided to fork it after a long standing issue of branches not being resolved at original repo. There is no guarantee that the two will remain compartible so check out things to see if there is anything broke while transiting.

Support

Quality

Security

License

Reuse

Support

yii2-oauth2-server has a low active ecosystem.

It has 16 star(s) with 17 fork(s). There are 4 watchers for this library.

It had no major release in the last 12 months.

There are 4 open issues and 5 have been closed. On average issues are closed in 78 days. There are no pull requests.

It has a neutral sentiment in the developer community.

The latest version of yii2-oauth2-server is v1.0.1

Quality

yii2-oauth2-server has 0 bugs and 0 code smells.

Security

yii2-oauth2-server has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

yii2-oauth2-server code analysis shows 0 unresolved vulnerabilities.

There are 0 security hotspots that need review.

License

yii2-oauth2-server is licensed under the MIT License. This license is Permissive.

Permissive licenses have the least restrictions, and you can use them in most projects.

Reuse

yii2-oauth2-server releases are available to install and integrate.

Installation instructions, examples and code snippets are available.

Top functions reviewed by kandi - BETA

kandi has reviewed yii2-oauth2-server and discovered the below as its top functions. This is intended to give you an instant insight into yii2-oauth2-server implemented functionality, and help decide if they suit your requirements.

Create the database .
Get OAuth2 server
Initialize module .
Handles the after action .
Sets the behavior behaviors .
Get the attribute labels .
Returns validation rules .
Bootstrap the module
Handle the authorize request
Initiates the before action

Get all kandi verified functions for this library.

yii2-oauth2-server Key Features

No Key Features are available at this moment for yii2-oauth2-server.

yii2-oauth2-server Examples and Code Snippets

No Code Snippets are available at this moment for yii2-oauth2-server.

Community Discussions

Trending Discussions on yii2-oauth2-server

how to replace subject(sub) to a secret string in id_token at the openid connect?

QUESTION

how to replace subject(sub) to a secret string in id_token at the openid connect?

Asked 2018-Jan-02 at 11:04

oauth2 library:

https://github.com/Filsh/yii2-oauth2-server

https://github.com/bshaffer/oauth2-server-php

please notice that, user id in my system is a integer not a string.

my purpose just hide system user id.

the steps for id token :

http://bshaffer.github.io/oauth2-server-php-docs/overview/openid-connect/

{ "iss": "localhost", "sub": 2, "aud": "-7IloKCawcvBwRijJeo7nsLxx1chC68L", "iat": 1514518157, "exp": 1514521757, "auth_time": 1514518157, "nonce": "dfsdsdsd" }

md5('-7IloKCawcvBwRijJeo7nsLxx1chC68L' + 2) = 3C86CBBFF35AD3B6E609F5622D776531

i wanna replace subject to md5(client_id + subject)

{ "iss": "localhost", "sub": "3C86CBBFF35AD3B6E609F5622D776531", "aud": "-7IloKCawcvBwRijJeo7nsLxx1chC68L", "iat": 1514516044, "exp": 1514519644, "auth_time": 1514516044, "nonce": "dfsdsdsd" }

...

ANSWER

Answered 2018-Jan-02 at 11:04

IF I understand your desire, the OpenID Provider can provide anything for the Subject as long as it is Unique at that OpenID Provider for a specific relying party.

OpenID Connect Identity Token Sub is a Subject Identifier is a locally unique and never re-assigned identifier within the Issuer for the Authenticated Entity, which is intended to be consumed by the OAuth Client.

Two Subject Identifier types (subject_types_supported) are defined by OpenID Connect and are Required to be present in the OpenID Provider Metadata:

public - provides the same sub (subject) value to all OAuth Client. It is the default if the provider has no subject_types_supported element in its discovery document.

pairwise - provides a different Sub value to each OAuth Client, so as not to enable OAuth Client to correlate the End-User's activities without permission.

The OpenID Connect Provider's OpenID Connect Discovery document SHOULD list its supported Subject Identifier types in the subject_types_supported element.

If there is more than one type listed in the array, the OAuth Client MAY elect to provide its preferred identifier type using the subject_type parameter during Registration.

Sub MUST NOT exceed 255 ASCII characters in length.

Sub Sub value is a Case-sensitive string.

Source https://stackoverflow.com/questions/48017114

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install yii2-oauth2-server

The preferred way to install this extension is through [composer](http://getcomposer.org/download/). to the require section of your composer.json.

Support

For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .

Find more information at: