Hubzilla Project: Oauth2

OAuth 2.0


    The OAuth 2.0 client authentication scheme is partially implemented in Hubzilla as of commit 547ef772a. This wiki page is intended to be a place to summarize the state of the implementation and how to complete it.

    Formatting and conventions

    • File paths are relative to the core Hubzilla git repo root (https://github.com/redmatrix/hubzilla.git, dev branch)


    • https://aaronparecki.com/oauth-2-simplified/
    • https://bshaffer.github.io/oauth2-server-php-docs/
      • http://bshaffer.github.io/oauth2-server-php-docs/cookbook/
    • OAuth 2.0 dynamic client registration

    Relevant files

    • /Zotlabs/Identity/OAuth2Server.php
    • /Zotlabs/Module/Token.php
    • /Zotlabs/Module/Authorize.php
    • /vendor/bshaffer/oauth2-server-php

    Discovered issues


    The oauth2-server-php library needs database tables like oauth_clients that do not exist yet (see /vendor/bshaffer/oauth2-server-php/test/lib/OAuth2/Storage/Bootstrap.php for example). The list of required tables is defined in /vendor/bshaffer/oauth2-server-php/src/OAuth2/Storage/Pdo.php.