• rsp2k released this 2026-05-27 20:32:46 +00:00 | 1 commit to main since this release

    🔑 TigerStyle Scent v1.0.0

    Enterprise OAuth2 authentication server for WordPress. Just as cats authenticate each other through scent, Scent provides secure OAuth2 authentication for your WordPress territory.

    Highlights

    • RFC 6749 OAuth 2.0 Authorization Framework
    • RFC 6750 Bearer Token Usage
    • RFC 7636 PKCE (Proof Key for Code Exchange) — critical for SPAs and mobile clients
    • RFC 7009 Token Revocation
    • RFC 7662 Token Introspection
    • PSR-4 namespaced PHP architecture
    • Argon2ID client secret hashing
    • Cryptographically-secure token generation (random_bytes())
    • Timing-attack resistant secret comparison

    Security

    Scent ships with comprehensive security audit documentation:

    • SECURITY_AUDIT_REPORT.md — line-by-line code review
    • FINAL_SECURITY_AUDIT_REPORT.md — production security assessment
    • OAUTH2_RFC_COMPLIANCE_AUDIT.md — RFC compliance matrix
    • SECURITY_IMPLEMENTATION_GUIDE.md — implementation patterns and defense-in-depth

    Use Cases

    • WordPress as identity provider for headless apps
    • API access control with scoped tokens
    • Mobile/SPA backends needing PKCE
    • Multi-app SSO across the same WordPress install

    Installation

    1. Download tigerstyle-scent-1.0.0.zip below
    2. WordPress admin → Plugins → Add New → Upload Plugin
    3. Select the ZIP, install, activate
    4. Register your OAuth2 clients under TigerStyle Scent in the admin sidebar

    Requirements

    • WordPress 5.0+
    • PHP 7.4+
    • HTTPS strongly recommended (required for production OAuth2 flows)