aetah / oidc-http-based-logout
Generic PHP library implementing OpenID Connect HTTP-Based Logout 1.0 processing helpers
Maintainers
Requires
- php: ^8.3
Requires (Dev)
- phpstan/phpstan: ^2.1
- phpunit/phpunit: ^12.1
- squizlabs/php_codesniffer: ^4.0
This package is not auto-updated.
Last update: 2026-06-20 15:29:26 UTC
README
This repository is a read-only split of aetah/php-openid-toolkit.
- Development happens in the monorepo.
- Feature PRs and issues should be opened against
aetah/php-openid-toolkit. - This split repository is published from the monorepo and should not be treated as the source of truth.
OIDC Http Based Logout
Generic PHP library for OpenID Connect HTTP-Based Logout 1.0 processing primitives.
Scope
This package is designed as a reusable base for aetah/* libraries and CMS
integrations. It provides:
- End Session request parsing for OpenID Connect logout parameters.
- End Session request validation helpers for
id_token_hint,client_id, andpost_logout_redirect_uricombinations. - End Session endpoint URL builder for RP-initiated logout redirects.
- Post-logout redirect URL builder with optional
state.
The package intentionally leaves ID Token signature verification, OP session management, and HTTP endpoint orchestration to host applications.
Install
composer require aetah/oidc-http-based-logout
Quick Start
<?php declare(strict_types=1); use Aetah\OIDCHttpBasedLogout\OIDCHttpBasedLogout; $logout = new OIDCHttpBasedLogout(); $request = $logout->parseEndSessionRequest($_GET); $logout->validateEndSessionRequest($request, ['https://rp.example/post-logout']);
Spec
OpenID Connect HTTP-Based Logout 1.0 (draft 04): https://openid.net/specs/openid-connect-logout-1_0-04.html
Spec Status
Missing/out of scope:
- ID Token signature and claim verification.
- OP cookie/session invalidation workflows.
- User-agent redirect execution and HTTP runtime endpoint orchestration.
- Dynamic OP/RP metadata retrieval and registration lifecycle behavior.
Quality Checks
Run Static Analysis
composer analyse
Run Tests
composer test
Generated artifacts are written under build/:
build/phpunit/for JUnit reportsbuild/coverage/for coverage output
Clean Build Artifacts
composer clean
Run Test Coverage
composer test:coverage
Run Style Checks
composer lint
Fix Style Checks
composer lint:fix
License
Licensed under AGPL-3.0-or-later. See LICENSE for details.