Giter VIP home page Giter VIP logo

openid-connect's Introduction

OIDC Connect

PHP implementation of https://openid.net/specs/openid-connect-core-1_0.html

Install

Via Composer

$ composer require srako/openid-connect

Usage

Initialization

Using the OIDC discovery endpoint

use Srako\OpenIDConnect\ClientMetadata;
use Srako\OpenIDConnect\ClientFactory;

$issuerUrl = 'https://example.com';
$clientMetadata = new ClientMetadata('clientid', 'clientsecret', 'https://example.com/callback');
$client = ClientFactory::create($issuerUrl, $clientMetadata);
Manually 
use Srako\OpenIDConnect\Client;
use Srako\OpenIDConnect\ClientMetadata;
use Srako\OpenIDConnect\Config;
use Srako\OpenIDConnect\Http\HttpClientFactory;
use Srako\OpenIDConnect\Token\TokenVerifierFactory;
use Srako\OpenIDConnect\ProviderMetadata;

$clientMetadata = new ClientMetadata('clientid', 'clientsecret', 'https://example.com/callback');
$providerMetadata = new ProviderMetadata([
    ProviderMetadata::AUTHORIZATION_ENDPOINT => 'https://example.com/authorize',
    ProviderMetadata::TOKEN_ENDPOINT => 'https://example.com/token',
    // ...
])
$config = new Config($providerMetadata, $clientMetadata);
$client = new Client($config, HttpClientFactory::create());

Authorization Code flow

Step 1 - Redirect the user to authorization endpoint

use Srako\OpenIDConnect\Param\AuthorizationParams;

$state = bin2hex(random_bytes(8));
$_SESSION['oauth_state'] = $state;

$authorizationParams = new AuthorizationParams([
    AuthorizationParams::SCOPE => 'openid profile',
    AuthorizationParams::STATE => $state,
]);

$url = $client->getAuthorizationUrl($authorizationParams); 
header('Location: ' . $url);
exit();

Step 2 - Handle callback and exchange code for tokens

use Srako\OpenIDConnect\Param\CallbackParams;
use Srako\OpenIDConnect\Param\CallbackChecks;

$tokens = $client->handleCallback(
    new CallbackParams($_GET),
    new CallbackChecks($_SESSION['oauth_state'])
);

Client Credentials flow

use Srako\OpenIDConnect\Grant\ClientCredentials;
use Srako\OpenIDConnect\Param\TokenParams;

$tokens = $client->requestTokens(
    new TokenParams(
        new ClientCredentials(),
        [
            TokenParams::SCOPE => 'some scope'
        ]
    )
);

See examples for more

Credits

License

The MIT License (MIT). Please see License File for more information.

openid-connect's People

Contributors

srako avatar

Stargazers

avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.