flandera / open_id_connect_client_52
PHP 5.2 library for connect to OpenID services
v0.25
2020-02-20 08:49 UTC
Requires
- php: >=5.2
- phpseclib/phpseclib: ^1.0
README
A simple library that allows an application to authenticate a user through the basic OpenID Connect flow. This library hopes to encourage OpenID Connect use by making it simple enough for a developer with little knowledge of the OpenID Connect protocol to setup authentication.
Based on https://github.com/jumbojett/OpenID-Connect-PHP and reworked for PHP 5.2 More information about client functions on Gitbub https://github.com/jumbojett/OpenID-Connect-PHP
Requirements
- PHP 5.2 or greater
- CURL extension
- JSON extension
Install
- Install library using composer
composer require flandera/openid-connect-php-52
- Include composer autoloader
require __DIR__ . '/vendor/autoload.php';
Example 1: Basic Client
$oidc = new JumbojettOpenIDConnectClient('https://id.provider.com', 'ClientIDHere', 'ClientSecretHere'); $oidc->setCertPath('/path/to/my.cert');
[See openid spec for available user attributes][1]
Example 2: Authenticate
$oidc = new JumbojettOpenIDConnectClient('https://id.provider.com', 'ClientIDHere', 'ClientSecretHere'); $oidc->providerConfigParam(array('token_endpoint'=>'https://id.provider.com/connect/token')); $oidc->setRedirectURL('path/where_to_send/response'); $oidc->addScope('my_scope'); //Send authorization information i.e. username and password via form to auth endpoint //get code and state from GET response of auth endpoint if success $_SESSION['openid_connect_state'] = $_GET['state']; $oidc->authenticate(); //if autentization is succesfull retrive token from response $token = $oidc->getTokenResponse(); //get identity from response JWT payload $identity = $oidc->getIdTokenPayload()->identity; //Or use other workflow according to OpenID documentation
Development Environments
In some cases you may need to disable SSL security on on your development systems. Note: This is not recommended on production systems.
$oidc->setVerifyHost(false); $oidc->setVerifyPeer(false);