Skip to content

Latest commit

 

History

History
50 lines (31 loc) · 1.35 KB

README.md

File metadata and controls

50 lines (31 loc) · 1.35 KB

OAuth2 Introspection PSR-15 Middleware

Protect your API with OAuth 2.0 Token Introspection RFC 7662.

PSR-6 can be used to store introspection data during its lifetime (if expiration timestamp of the token is specified by introspection endpoint).

Install

Via Composer

$ composer require kdubuc/oauth2-introspection-psr15

Usage

$middleware =  new Oauth2Introspection($http_psr18_client, $http_stream_psr17_factory, $http_request_psr17_factory, [
    'introspection_endpoint' => 'http://oauth2.example.com/introspect',
    'oauth2_client_id'       => 'client_id',
    'oauth2_client_secret'   => 'client_secret',
]);

$middleware->enableCache($psr6_cache);

// Introspection results will be stored into 'oauth2_access_token_introspection_data' request attribute

Testing

$ vendor/bin/phpunit tests/

Contributing

Please see CONTRIBUTING for details.

Security

If you discover any security related issues, please email [email protected] instead of using the issue tracker.

Credits

License

The CeCILL-B License. Please see License File for more information.