A spec compliant, secure by default PHP OAuth 2.0 Server
MIT License
Bot releases are visible (Hide)
revokeRefreshTokens()
for enabling or disabling refresh tokens after use (PR #1375)getKeyContents()
to the CryptKeyInterface
(PR #1375)invalid_grant
error and a HTTP 400 response. In previous versions the server incorrectly issued an invalid_request
and HTTP 401 response (PR #1042) (PR #1082)createAuthorizationRequest()
(PR #1111)finalizeScopes()
to allow a reference to an auth code ID (PR #1112)toString()
instead of the magic method __toString()
(PR #1395)Published by Sephster about 1 year ago
Published by Sephster about 1 year ago
Published by Sephster over 1 year ago
Published by Sephster over 1 year ago
Published by Sephster over 1 year ago
Published by Sephster over 1 year ago
Published by Sephster over 1 year ago
Published by Sephster over 1 year ago
Published by Sephster almost 2 years ago
Published by Sephster over 2 years ago
Published by Sephster over 2 years ago
Published by Sephster about 3 years ago
LocalFileReference()
in lcobucci/jwt. Function deprecated as per GHSA-7322-jrq4-x5hf (PR #1249)Published by Sephster about 3 years ago
StrictValidAt()
method in lcobucci/jwt so we can use version 4.1.x or greater of the library (PR #1236)Published by Sephster over 3 years ago
Published by Sephster over 3 years ago
revokeRefreshTokens()
function to decide whether refresh tokens are revoked or not upon use (PR #1189)openssl_pkey_get_private()
and openssl_pkey_get_public()` instead of regex matching (PR #1215)empty()
check (PR #1181)Published by Sephster almost 4 years ago
Published by Sephster almost 4 years ago
Published by Sephster almost 4 years ago
Published by Sephster almost 4 years ago