Implement OAuth 2.1 with PKCE authorization code flow

Browse source

- Add PKCE service with RFC 7636 compliance (S256 and plain methods)
  - Implement OAuth authorization controller with CSRF protection
  - Add comprehensive security testing (SQL injection, XSS, DoS protection)
  - Create 44+ tests across 6 test files with 100% pass rate
  - Implement public/confidential client support with PKCE enforcement
  - Maintain full backward compatibility with existing password grant flow

...

This commit is contained in:

Srijith Nair 2025-07-05 04:10:36 +04:00

parent dbab3c1041

commit 173b317ff4

21 changed files with 4989 additions and 2 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download patch file Download diff file Expand all files Collapse all files

1031

tests/Controller/Api/OAuthAuthorizationSecurityTest.php Normal file

View file

File diff suppressed because it is too large Load diff