thephpleague/oauth2-server

Issues

• The `scope` parameter has been mistakenly required on device access token request

  #1411 opened 6 days ago by hafezdivandari
  2

• Not supporting [RFC 9068] Must add issuer claim to the access token JWT!

  #1434 opened 4 months ago by StefanoMantero
  1

• Clarification Needed: Purpose of src/ Folder in OAuth2 Repository with Slim4 Integration

  #1448 opened a month ago by viniribeirossa
  2

• Laravel Passport 13.x

  #1453 opened a month ago by hafezdivandari
  6

• Supports PHP 8.4

  #1450 opened 24 days ago by KorDum
  1

• v9 Client Credentials grant broken

  #1456 opened a month ago by shades684
  7

• RefreshTokenGrant requires client_secret also for non-confidential clients

  #1369 opened a year ago by PMawesome
  3

• AuthCodeGrant doesn't reply with invalid_grant on bad "code" request paramter, but with invalid_request

  #1430 opened 4 months ago by paulmhh
  6

• Change to Defuse key

  #1439 opened 3 months ago by adammeyer
  1

• ClientCredentials with refresh token

  #1438 opened 3 months ago by pavelwitassek
  2

• v9 Typing breaks existing refresh tokens

  #1435 opened 3 months ago by MartinGreen
  0

• Issue with redirect_uri in Authorization Code Grant

  #1418 opened 4 months ago by ls-sean-fraser
  6

• Autogenerated Emitter is not persisted

  #1422 opened 4 months ago by ls-sean-fraser
  0

• Compatibility on interfaces

  #1413 opened 4 months ago by JoMo1970
  2

• Initial Configuration

  #1415 opened 4 months ago by JoMo1970
  3

• client_credentials has empty sub, how to get user information?

  #1417 opened 5 months ago by BenoitDuffez
  1

• Custom unique identifier generator

  #1365 opened a year ago by AurelienPillevesse
  1

• Wrong Type in DocBlock 3rd param `AbstractGrant::issueAccessToken`

  #1391 opened 6 months ago by tonybolzan
  1

• Testing v9-rc1 on Laravel Passport

  #1398 opened 6 months ago by hafezdivandari
  13

• Support league/event v3

  #1387 opened a year ago by shyim
  4

• 2FA

  #1393 opened 7 months ago by IvchaZGB
  1

• Authentication scheme should be matched case-insensitively

  #1399 opened 7 months ago by htvennik
  1

• Oauth

  #1401 opened 8 months ago by Guitgamer
  0

• Support for PHP 8.3

  #1394 opened 8 months ago by tjcdeveloper
  1

• AuthCodeGrant applies wrong validation rules on code_challenge

  #1392 opened 10 months ago by scruoge
  4

• League/Oauth2-Server Key Exposure In Exception Message

  #1388 opened a year ago by ankitdn
  2

• AccessTokenTrait::__toString gives different result each call

  #1389 opened a year ago by KngGroup
  1

• Why setUserIdentifier, not setUser?

  #1376 opened a year ago by DarthLegiON
  9

• Possibility of using different encryptor for shortening auth code

  #1380 opened a year ago by damirius
  2

• Does anyone know if this library is vulnerable to this hack?

  #1381 opened a year ago by LTSCommerce
  1

• Test Refresh Token Fails on Google Home Test Suite

  #1379 opened a year ago by w1lldone
  2

• Google warning - Deceptive site ahead

  #1373 opened a year ago by timyyo
  8

• Class "League\Uri\UriString" not found

  #1371 opened a year ago by jmpecx
  8

• Implict grant for OIDC not supported

  #1374 opened a year ago by georgeboot
  1

• Reuse or revoke existing or access and refresh tokens on new auth

  #1372 opened a year ago by ctadlock
  10

• how to validate client when exchanging auth code for access token

  #1370 opened a year ago by akshare
  1

• Bump league/uri to ^7.0 (psr/http-message:^2.0 related)

  #1366 opened a year ago by bojanbogdanovic
  4

• Documentation: AuthCode grant redirect_uri must match authorization request

  #1368 opened a year ago by iaibai
  0

• Configuring client_id and client_secret

  #1364 opened a year ago by damc
  2

• Is this most likely due to an expired or somehow invalid token?

  #1362 opened a year ago by justageek
  0

• Allow refresh token to never expire

  #1361 opened a year ago by AurelienPillevesse
  0

• Scopes asked by client

  #1358 opened a year ago by AurelienPillevesse
  3

• OpenID Connect implementation

  #1355 opened a year ago by shineability
  2

• Relation between entities/models

  #1357 opened a year ago by AurelienPillevesse
  2

• Private key is shown in Error message on invalid pass phrase

  #1351 opened a year ago by MHC03
  2

• Missing security advisory for latest release

  #1354 opened a year ago by GrahamCampbell
  1

• RefreshTokenGrant should not revoke the access token

  #1347 opened a year ago by Starfox64
  5

• Access token introspection RFC7662

  #1350 opened a year ago by DorelBesliu
  1

• support for league/event 3.0.2

  #1348 opened a year ago by monta990
  1

• redirect_uri is mandatory

  #1346 opened a year ago by sfarkas1988
  2