OAuth2 Provider is a provider for Symfony Security component that can be used to build OAuth2 protected applications
With Composer :
composer require texthtml/oauth2-provider
There is a Pimple provider you can use to secure Silex apps
$app = new Silex\Application;
$oAuth2Provider = new TH\OAuth2\Pimple\OAuth2ServerProvider;
$app['security.entry_point.api.oauth2.realm'] = 'My App';
$app->register($oAuth2Provider, [
'oauth2_server.storage.client' => function () use ($config) {
return new TH\OAuth2\Storage\Memory\ClientMemoryStorage([
'NICE_DEV_CLIENT' => [
'name' => 'Nice Dev Client',
'redirect_uri' => 'http://..../my_oauth2_callback',
],
]);
},
'oauth2_server.storage.pdo_connection' => function(Application $app) {
return new PDO('...');
},
]);
$app->mount('/auth/', $oAuth2Provider);
$app['users.provider'] = [
// raw password is foo
'admin' => array('ROLE_ADMIN', '5FZ2Z8QIkA7UTZ4BYkoC+GsReLf569mSKDsfods6LYQ8t+a8EW9oaircfMpmaLbPBh4FOBiiFyLfuZmTSUwzZg=='),
];
$app->register(new Silex\Provider\SecurityServiceProvider, [
'security.firewalls' => [
'oauth.token' => [
'pattern' => '^/auth/token',
'security' => false,
],
'oauth.authorize' => [
'pattern' => '^/auth/authorize',
'http' => true,
'users' => $app['users.provider'],
],
'api' => [
'pattern' => '^/api',
'stateless' => true,
'oauth2' => true,
'security' => true,
'users' => $app['users.provider'],
],
],
]);