PHP OAuth 2.0 Server VS Symfony

For creating a PHP OAuth2 server take a look at https://oauth2.thephpleague.com/ it is not a complete server, but will do most of the work for you.

For the server side, I'll use the OAuth 2.0 server library. The implementation here is more complex, as there are many moving parts that need to be in place.

I looked at the phpleague oauth2-server and there, they say that a SPA (front end in angular or react) should use Authorization code grant and not password grant (it seems password grant is not recommended to use anymore).

Laravel Passport facilitates full OAuth2 server implementation for Laravel Apps in less time. Developing an OAuth2 server from scratch can be tedious and time-consuming, but Laravel Passport is a local OAuth 2 server for Laravel apps. The Laravel Passport package embodies routes, middleware, and database migrations to develop an authorization server that will return access tokens for giving access permission to server resources. It uses the League OAuth2 Server package as a dependency and has a straightforward, easy-to-learn, and easy-to-implement language structure.

Disclosure: I work for FusionAuth.

Depends on what you are looking for.

If you want a standalone auth server, you can use FusionAuth in docker/docker-compose: https://fusionauth.io/docs/v1/tech/installation-guide/docker

You can also package up a library; most major languages have one or more OAuth/OIDC libraries: https://github.com/doorkeeper-gem/doorkeeper for Ruby, https://spring.io/projects/spring-security for Spring/Java, https://oauth2.thephpleague.com/ for PHP, https://pypi.org/project/oauthlib/ for Python.

https://oauth.net/code/ has a further selection of libraries in a variety of languages.

I completely agree with this!! Sometimes there's too much hubris in OSS; classes made final, methods made private- because the author has made their mind up about how the library should work and be used. But sometimes it's not possible to imagine every use case. If software is extensible and someone breaks their app by extending your library and doing something wrong, that's their problem. Take a look at this for example: https://github.com/thephpleague/oauth2-server/issues/885 here the authors don't want to make it more extensible because some people might encode too many claims into their tokens and run into problems with header size. Ffs get off your high horse and let people use their own judgement !! /rant

https://github.com/thephpleague/oauth2-server is also good

Otherwise, if I need something larger, then I would go towards OAuth and than in particular OAuth2 from the PHP league. It provides a good framework to work with to implement authentication in your project. Setting up is a bit of work, but when it works, you don't need to look at it again.

Let's have a look at the class EventSourceHttpClient and try to use it in Symfony\Component\Webhook\Server\Transport. It's an entirely hypothetical example to illustrate the point.

Symfony is an open-source PHP framework developed by SensioLabs which has a thriving community of over 300,000 developers with 29k stars and 9.4k forks on GitHub. It provides a set of reusable PHP components and a development methodology for building complex and scalable web applications. It is recommended due to its advanced features and user-friendly environment. The user can also develop microservices.

Symfony 7

Would be great to see for https://github.com/symfony/symfony, thanks! As that's a monorepo it may provide a challenge to the tool.

As Shopware is mostly based on the Symfony framework, which is in turn based on the PHP language, we should also consider learning about the basics, which will also be useful for other frameworks apart from Shopware, like Symfonycasts, symfony.com, php.net.

Use PHP frameworks such as Symfony. It cares about all the stuff.

Symfony is a PHP framework. https://symfony.com/

It caused much of the internal of Drupal to be re-written. This included how it was extended. With previous major versions you learned about new features and APIs. They followed mostly existing design patterns so it was easy to learn and updates your extensions for. With Symfony you had to learn whole new systems and ways of doing things. It was like learning something entirely new. And, porting extensions to it was far more work and time.

Also, the updates made Drupal slower while consuming far more system resources for the same thing. This increased costs to operate.

Internally, the kernel executes a controller, that is a callable, passing it an array of arguments. For each of these arguments, Symfony calculates its value using services that implement the ValueResolverInterface1.

Drupal is one of the content management systems aka CMS. It has long history and good stability, which is based on PHP and Symfony.