dvsa / php-govuk-account
A league/oauth2-client provider for GOV.UK One Login
Installs: 5 203
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 7
Forks: 0
Open Issues: 0
Requires
- php: ^8.2
- ext-json: *
- firebase/php-jwt: ^6.3
- guzzlehttp/guzzle: ^7.5
- guzzlehttp/psr7: ^2.4.5
- illuminate/collections: ^8.0
- league/oauth2-client: ^2.6
- paragonie/random_compat: ^9.99
- psr/cache: ^1.0
- psr/http-client: ^1.0
- psr/http-factory: ^1.0
- psr/log: ^1.1
Requires (Dev)
- bamarni/composer-bin-plugin: ^1.4
- mockery/mockery: ^1.5
- phpunit/phpunit: ^9.5.4
README
A provider (based on PHP League OAuth2-Client) to interact with GOV.UK Account.
Supports autoconfiguration for most settings using the discovery endpoint.
For identity assurance (when verifying the JWT in , you will need to define the
identity_assurance_public_key
andexpected_core_identity_issuer
for the short interim until the key and issuer is published on the discovery endpoint.
Installing
The recommended way to install is through Composer.
composer require dvsa/php-govuk-account
Configuring
You may want to refer to the documentation provided at PHP League OAuth2-Client as this package is a provider for that abstract package.
When instantiating the provider, the constructor accepts additional attributes defined in array $options = []
which are specific for this provider; in addition to the default options provided by the AbstractProvider (PHP League OAuth2-Client).
'base_uri' => 'https://oidc.integration.account.gov.uk', // Base URI for the GOV.UK One Login API 'discovery_endpoint' => 'https://oidc.integration.account.gov.uk/.well-known/openid-configuration', // Endpoint for OIDC discovery 'core_identity_did_document_url' => 'https://identity.integration.account.gov.uk/.well-known/did.json', // The DID document URL used to verify the JWTCoreIdentity token from UserDetails endpoint 'client_id' => '', // Client ID issued by GOV.UK One Login 'keys' => [ 'algorithm' => 'RS256', // Algorithm for private_key 'private_key' => '', // Private key used to encode assertion when obtaining access token (public key must be shared with GOV.UK One Login) 'public_key' => '', // Public key used to decode assertion when obtaining access token ], 'redirect_uri' => [ 'logged_in' => '', // The url used for redirection back to the service 'logged_out' => '', // The url used for redirection back to the service ], 'expected_core_identity_issuer' => 'https://identity.integration.account.gov.uk/', // Issuer for JWTCoreIdentity token
Contributing
Please refer to our Contribution Guide and Contributor Code of Conduct.