Skip to content
Switch branches/tags
Go to file

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

ZF OAuth2 Client

Build Status Coverage Status Total Downloads

When you write an application which includes zfcampus/zf-oauth2 this module is written to connect easily and cleanly connect to that zf-oauth2 implementation.


Installation of this module uses composer. For composer documentation, please refer to

composer require api-skeletons/zf-oauth2-client ^1.0

Add this module to your application's configuration:

'modules' => array(

This module provides the service manager config through the module but you may use the ZF\OAuth2\Client\OAuth2Client class directly by injecting your own Zend\Http\Client and configuration.


Copy config/ to config/autoload/zf-oauth2-client-global.php and edit. You may configure multiple zf-oauth2 authorization code provider profiles. login_redirect_route is your authentication route.

    'zf-oauth2-client' => array(
        'profiles' => array(
            'default' => array(
                'login_redirect_route' => 'zfcuser',
                'client_id' => 'client',
                'secret' => 'password',
                'endpoint' => 'http://localhost:8081/oauth',
                'refresh_endpoint' => 'http://localhost:8081/oauth',
                'scope' = 'list,of,scopes',
            /* 'other provider' => array( ... */

zf-oauth2 Server Configuration

zf-oauth2-client expects the server to return a new refresh token anytime a refresh token is used to get a new access token. To set this flag on zf-oauth2 use

return array(
    'zf-oauth2' => array(
        'options' => array(
            'always_issue_new_refresh_token' => true,


A controller is provided to send the user into the authorization code process and validate the code when the user returns. Upon validation the session will have a valid access_token.

To send a user into the authorization code process direct them to the zf-oauth2-client route.

// Controller
    ->toRoute('zf-oauth2-client', array('profile' => 'default'));

// View
$this->url('zf-oauth2-client', array('profile' => 'default'));

When the user returns from the process they will be redirected to the login_redirect_route. This route should fetch an authorized http client and, using it, authenticate the user based on their profile returned from an API call back to the OAuth2 server.

Command Line Tools

To make JWT easier to test command line tools are included.

  • oauth2:jwt:generate Generate a JWT to send to an OAuth2 grant_type of urn:ietf:params:oauth:grant-type:jwt-bearer


A Client for zfcampus/zf-oauth2




No packages published