{"id":13805458,"url":"https://github.com/tegaphilip/padlock","last_synced_at":"2026-01-11T13:48:02.892Z","repository":{"id":37546627,"uuid":"143159331","full_name":"tegaphilip/padlock","owner":"tegaphilip","description":"Phalcon Authentication Server","archived":false,"fork":false,"pushed_at":"2022-06-21T17:45:25.000Z","size":157,"stargazers_count":25,"open_issues_count":5,"forks_count":6,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-11-18T21:47:47.386Z","etag":null,"topics":["oauth2","phalcon","phalcon-php"],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tegaphilip.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-08-01T13:23:50.000Z","updated_at":"2024-10-17T13:26:27.000Z","dependencies_parsed_at":"2022-08-18T03:01:29.160Z","dependency_job_id":null,"html_url":"https://github.com/tegaphilip/padlock","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tegaphilip%2Fpadlock","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tegaphilip%2Fpadlock/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tegaphilip%2Fpadlock/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tegaphilip%2Fpadlock/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tegaphilip","download_url":"https://codeload.github.com/tegaphilip/padlock/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254012968,"owners_count":21999346,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["oauth2","phalcon","phalcon-php"],"created_at":"2024-08-04T01:01:01.348Z","updated_at":"2026-01-11T13:48:02.887Z","avatar_url":"https://github.com/tegaphilip.png","language":"PHP","funding_links":[],"categories":["Authentication \u0026 OAuth"],"sub_categories":[],"readme":"# Padlock, Phalcon Authentication Server\n\n[![Latest Version on Packagist][ico-version]][link-packagist]\n[![Software License][ico-license]](LICENSE.md)\n[![Total Downloads][ico-downloads]][link-downloads]\n\nPadlock is a docker-based phalcon authentication server built on top of the [PHP OAuth 2.0 Server](https://github.com/thephpleague/oauth2-server) \n\nSetting Up\n------------\n* Add the entries `padlock.local` and `padlock-test.local` and map to `127.0.0.1` in your `/etc/hosts` file\n\n* Ensure you have docker installed\n\n* Make a copy of `.env.sample` to `.env` in the `app/env/` directory and replace the values.\n\n* You can generate the `ENCRYPTION_KEY` environment variable by running \n`php -r \"echo base64_encode(random_bytes(40)) . PHP_EOL;\"` on the command line\n\n* cd into the `keys` directory and generate your public and private keys like so: `openssl genrsa -out private.key 2048` \nthen  `openssl rsa -in private.key -pubout -out public.key`. These are needed for encrypting and decrypting tokens\n\n* You will need to change the permissions of the private and public keys you create in the previous step to the following:\n    ``` chgrp www-data -R keys ``` Then ``` chmod 600 keys/private.key ```\n\n* Feel free to change the port mappings in `docker-compose.yml` if you already have services running on ports `8899` for\nthe phalcon app and `33066` for the mysql server\n\n* Run the app like this `./bin/start.sh` or run `docker-compose up -d`\n\n* Login to mysql using the credentials host:127.0.0.1, username: root, password:root, port: 33066\n\n* Create two databases: `padlock_db` and `padlock_test_db` and import the sql file found in `app/db/padlock.sql` into \nboth databases\n\nTry it out\n==========\n\nRequesting a Token\n------------------\n\n1. Password Grant Flow: Send a `POST` request to `http://padlock.local:8899/api/v1/oauth/token` with the following parameters:\n    - client_id: test\n    - client_secret: secret\n    - grant_type: password\n    - username: abc\n    - password: abc\n    \n    NOTE: This grant returns an access token and a refresh token\n    \n2. Client Credentials Grant Flow: Send a `POST` request to `http://padlock.local:8899/api/v1/oauth/token` with the following parameters:\n    - client_id: test\n    - client_secret: secret\n    - grant_type: client_credentials\n    \n    NOTE: This grant returns only an access token\n\n3. Refresh Token Grant: Send a `POST` request to `http://padlock.local:8899/api/v1/oauth/token` with the following parameters:\n    - client_id: test\n    - client_secret: secret\n    - grant_type: refresh_token\n    - refresh_token: value gotten from any flow that returns a refresh token (e.g password grant flow)\n    \n    NOTE: This grant returns another access token and refresh token and invalidates/revokes the previous ones\n    \n4. Implicit Grant: Send a `GET` request to `http://padlock.local:8899/api/v1/oauth/authorize` with the following parameters:\n    - client_id: test\n    - response_type: token\n    - state: a random string (optional)\n    - redirect_uri: http://www.test.com (optional)\n    \n    NOTE: This grant returns an access token immediately. It does not return a refresh token. \n    \n5. Authorization Code Grant: Send a `GET` request to `http://padlock.local:8899/api/v1/oauth/authorize` with the following parameters:\n    - client_id: test\n    - response_type: code\n    - state: a random string (optional)\n    - redirect_uri: http://www.test.com (optional)\n    \n    NOTE: This grant returns an authorization code that is then used to request for a token by sending a `POST`\n    request to the endpoint `http://padlock.local:8899/api/v1/oauth/token` with the following parameters:\n    - client_id: test\n    - client_secret: secret\n    - grant_type: authorization_code\n    - code: value gotten from the get request\n    - redirect_uri: http://www.test.com (optional)\n    \nValidating a Token\n------------------\nSend a `POST` request to `http://padlock.local:8899/api/v1/oauth/token/validate` with an `Authorization` header whose value is\n`Bearer {access_token}`\n  \n\nRunning Tests\n-------------\n\n* Make a copy of `.env.sample` to `.env.test` in the `app/env/` directory and replace the values.\n\n* Login to the app container using `./bin/login.sh` or run `docker exec -it padlock_app bash`\n\n* Execute unit tests  `./unit-test.sh` (uses [PHPUnit](https://phpunit.de/))\n\n* Run integration tests using `./integration-test.sh` (uses [Codeception](https://codeception.com/)) \n\n## Install\n\nVia Composer\n\n``` bash\n$ composer require tegaphilip/padlock\n```\n\n## Change log\n\nPlease see [CHANGELOG](CHANGELOG.md) for more information what has changed recently.\n\n\n## Contributing\n\nPlease see [CONTRIBUTING](CONTRIBUTING.md) and [CONDUCT](CONDUCT.md) for details.\n\n## Credits\n\n- [Tega Oghenekohwo](https://github.com/tegaphilip)\n- [Adeyemi Olaoye](https://github.com/yemexx1)\n- [All Contributors][link-contributors]\n\n\n[ico-version]: https://img.shields.io/packagist/v/tegaphilip/padlock.svg?style=flat-square\n[ico-license]: https://img.shields.io/badge/license-MIT-brightgreen.svg?style=flat-square\n[ico-downloads]: https://img.shields.io/packagist/dt/tegaphilip/padlock.svg?style=flat-square\n\n[link-packagist]: https://packagist.org/packages/tegaphilip/padlock\n[link-code-quality]: https://scrutinizer-ci.com/g/tegaphilip/padlock\n[link-downloads]: https://packagist.org/packages/tegaphilip/padlock/stats\n[link-contributors]: ../../contributors\n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftegaphilip%2Fpadlock","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftegaphilip%2Fpadlock","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftegaphilip%2Fpadlock/lists"}