eureka2/oauth-client

OAuth client library

Maintainers

Details

github.com/eureka2/oauth-client

Source

Issues

Installs: 2

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 2

Forks: 0

Open Issues: 0

1.0.2 2019-09-20 16:56 UTC

Requires

MIT abe7d5c3dea8f0f249081a572752927716bd0ddb

This package is auto-updated.

Last update: 2024-09-21 05:20:50 UTC

README

This library is a multi-protocol client based on OAuth.

Supported protocols are: OAuth 1.0, OAuth 1.0a, OAuth 2.0 and OpenID 1.0

This library can be configured to work with any platform providing services or resources based on these protocols.

The configuration of some providers is integrated in the library (built-in providers) which allows to use their services with a minimum of parameters.

For those who are not integrated, an array of options allows you to control access to services and resources. This array contains the list of endpoints, the mapping of non-standard fields, the identifiers registered with the provider as well as the way (strategy) to compose access requests.

Requirements

  • PHP >=7.1.3
  • symfony/http-client >= 4.3

Installation

From the root directory of your application, run: composer require eureka2/oauth-client

Usage

Low-level requests to a builtin OAuth provider

use eureka2\OAuth\Client\OAuthClient;

try {
   $client = OAuthClient::create('Google');
   $client->setClientId('<YOUR CLIENT ID>');
   $client->setClientSecret('<YOUR CLIENT SECRET>');
   $client->setRedirectUri('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME']);
   $user = (object) [];
   if ($client->initialize([
       'strategy' => [
           'offline_access' => true
       ]
   ])) {
       if ($client->authenticate()) {
           if (!empty($client->getAccessToken())) {
               $user = $client->getResourceOwner();
           }
       }
       $client->finalize();
   }
   if ($client->shouldExit()) {
       exit;
   }
   ....
   // Do something with $user
} catch (\Exception $e) {
   // Do something with $e
}

High-level request to a builtin OAuth provider

use eureka2\OAuth\Client\OAuthClient;

try {
   $client = OAuthClient::create('Google');
   $options = [ // See the full list of options below
       'provider' => [
           'registration' => [
               'keys' => [
                   'client_id' => '<YOUR CLIENT ID>',
                   'client_secret' => '<YOUR CLIENT SECRET>',
                   'redirect_uri' => 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME']
               ]
           ]
       ],
       'strategy' => [
           'offline_access' => true
       ]
   ];
   $user = $client->fetchResourceOwner($options);
   ....
   // Do something with $user
} catch (\Exception $e) {
   // Do something with $e
}

Options

$options = [
  'provider' => [
    'protocol' => [
      'name' => 'string',
      'version' => 'string'
    ],
    'endpoints' => [
      'discovery_endpoint' => 'string',
      'authorization_endpoint' => 'string',
      'token_endpoint' => 'string',
      'registration_endpoint' => 'string',
      'introspection_endpoint' => 'string',
      'revocation_endpoint' => 'string',
      'request_token_endpoint' => 'string',
      'userinfo_endpoint' => 'string',
      'end_session_endpoint' => 'string',
      'pin_dialog_url' => 'string',
      'jwks_uri' => 'string'
    ],
    'mapping' => [ // see https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims and https://openid.net/specs/openid-connect-core-1_0.html#AddressClaim
      'user_id_field' => 'string',
      'name_field' => 'string',
      'given_name_field' => 'string',
      'family_name_field' => 'string',
      'middle_name_field' => 'string',
      'nickname_field' => 'string',
      'preferred_username_field' => 'string',
      'profile_field' => 'string',
      'picture_field' => 'string',
      'website_field' => 'string'
      'email_field' => 'string',
      'email_verified_field' => 'string',
      'gender_field' => 'string',
      'birthdate_field' => 'string',
      'zoneinfo_field' => 'string',
      'locale_field' => 'string',
      'phone_number_field' => 'string',
      'phone_number_verified_field' => 'string',
      'updated_at_field' => 'string',
      'formatted_field' => 'string',
      'street_address_field' => 'string',
      'locality_field' => 'string',
      'region_field' => 'string',
      'postal_code_field' => 'string',
      'country_field' => 'string'
    ],
    'registration' => [
      'keys' => [
        'client_id' => 'string',
        'client_secret' => 'string',
        'redirect_uri' => 'string',
        'realm' => 'string',
        'api_key' => 'string',
        'pin' => 'string'
      ],
      'credentials' => [
        'username' => 'string',
        'password' => 'string'
      ]
    ]
  ],
  'strategy' => [
    'reauthentication_parameter' => 'string',
    'offline_access' => 'boolean',
    'offline_access_parameter' => 'string',
    'append_state_to_redirect_uri' => 'string',
    'authorization_in_header' => 'boolean',
    'parameters_in_url' => 'boolean',
    'token_request_method' => 'string',
    'signature_method' => 'string',
    'signature_certificate_file' => 'string',
    'access_token_authentication' => 'string',
    'access_token_parameter' => 'string',
    'default_access_token_type' => 'string',
    'store_access_token_response' => 'boolean',
    'refresh_token_authentication' => 'string',
    'grant_type' => 'string',
    'get_token_with_api_key' => 'boolean',
    'access_token_content_type' => 'string',
    'access_token_language' => 'string',
    'scope' => 'string'
  ],
  'storage' => [
     'type' => 'string',
     'key' => 'string',
     'dsn' => 'string'
  ]
];

Static methods

Methods

API documentation

Documentation of oauth-client classes

Copyright and license

© 2019 Eureka2 - Jacques Archimède. Code released under the MIT license.