d4h / pkce
PHP implementation of RFC 7636 (Proof Key for Code Exchange by OAuth Public Clients)
1.0.0
2022-04-06 02:15 UTC
Requires
- php: ^7.4.0 || ^8.0
Requires (Dev)
- friendsofphp/php-cs-fixer: ^3.8
- phpunit/phpunit: ^8.5 || ^9.2
README
Implementation of RFC 7636 (https://tools.ietf.org/html/rfc7636)
Usage
```php
use function OAuth\PKCE\generatePair;
use function OAuth\PKCE\generateChallenge;
use function OAuth\PKCE\verifyChallenge;

// Generate a pair
$pair = generatePair(128);

// Store this in session
$codeVerifier = $pair->getVerifier();

// Pass this onto the /authorize endpoint of the OAuth server
$codeChallenge = $pair->getChallenge();
$queryString = http_build_query([
    'redirect_uri' => 'https://example.com',
    'response_type' => 'code',
    'client_id' => 'xxxxx',
    'code_challenge_method' => 'S256',
    'code_challenge' => $codeChallenge,
    'state' => $state,
]);

// Use the verifier to exchange the auth code for a token
$params = [
    'client_id' => 'xxxxx',
    'client_secret' => 'xxxxx', // If you have one
    'code' => $code, // Received on your redirect uri
    'code_verifier' => $codeVerifier, // Fetched from the session
];

// On the server side:
if (! verifyChallenge($codeVerifier, $codeChallenge)) {
    // Throw exception because the given code, code_verifier and code_challenge are not matching.
}

// Or if you've saved the code with the code_challenge as a key:
// Query for a stored token with the given code and generated code_challenge
$codeChallenge = generateChallenge($codeVerifier);
```
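The S256 check an authorization server performs under RFC 7636, written out with PHP built-ins as an added example; it is not the d4h/pkce source. The function names are hypothetical, refusing every method other than S256 is a policy assumed for this example, and the sample values are the RFC 7636 Appendix B test vector.

```php
<?php
declare(strict_types=1);

// Added example: hypothetical helper names, not the d4h/pkce API.

function base64UrlEncode(string $bytes): string
{
    // RFC 7636 Appendix A: base64url alphabet with the '=' padding removed.
    return rtrim(strtr(base64_encode($bytes), '+/', '-_'), '=');
}

function s256Challenge(string $verifier): string
{
    // RFC 7636 section 4.1: 43 to 128 characters from the unreserved set.
    if (preg_match('/\A[A-Za-z0-9\-._~]{43,128}\z/', $verifier) !== 1) {
        throw new InvalidArgumentException('code_verifier is malformed');
    }
    // RFC 7636 section 4.2: BASE64URL(SHA256(ASCII(code_verifier))).
    return base64UrlEncode(hash('sha256', $verifier, true));
}

function verifyS256(string $verifier, string $storedChallenge, string $storedMethod): bool
{
    // Assumed policy: only S256 is accepted, so "plain" cannot be used as a fallback.
    if ($storedMethod !== 'S256') {
        return false;
    }
    try {
        $expected = s256Challenge($verifier);
    } catch (InvalidArgumentException $e) {
        return false; // A malformed verifier never matches.
    }
    // Constant-time comparison of the stored challenge with the recomputed one.
    return hash_equals($storedChallenge, $expected);
}

// Test vector from RFC 7636 Appendix B.
$verifier  = 'dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk';
$challenge = 'E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM';

var_dump(s256Challenge($verifier) === $challenge);           // RFC vector
var_dump(verifyS256($verifier, $challenge, 'S256'));         // matching verifier
var_dump(verifyS256(strrev($verifier), $challenge, 'S256')); // different verifier
var_dump(verifyS256($verifier, $verifier, 'plain'));         // method other than S256
```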
Contributing
Feel free to open a pull request. Give a concise but complete description of what should be added/changed/removed/fixed.
Testing
Before pushing code, run the unit test suite.
vendor/bin/phpunit