krisrandall/openid-connect-with-client-credentials-php

There is no license information available for the latest version (0.3.2) of this package.

Bare-bones OpenID Connect client

Maintainers

Details

github.com/krisrandall/OpenID-Connect-PHP

Source

Installs: 44

Dependents: 1

Suggesters: 0

Security: 0

Stars: 1

Watchers: 3

Forks: 355

0.3.2 2017-05-25 05:54 UTC

Requires

Unknown License c77624d8acfe9a5f740b6462c3e99a3f60f42952

This package is not auto-updated.

Last update: 2024-04-27 17:59:02 UTC

README

This version was originally forked so as to add the Client Credentials connect flow endpoint. It is maintained because it includes a special condition preventing an error.

To bring the latest changes over from the original jumbojett repo use :

$ git pull upstream master

PHP OpenID Connect Basic Client

A simple library that allows an application to authenticate a user through the basic OpenID Connect flow. This library hopes to encourage OpenID Connect use by making it simple enough for a developer with little knowledge of the OpenID Connect protocol to setup authentication.

A special thanks goes to Justin Richer and Amanda Anganes for their help and support of the protocol.

Requirements

  1. PHP 5.4 or greater
  2. CURL extension
  3. JSON extension

Install

  1. Install library using composer
composer require jumbojett/openid-connect-php:0.1.*
  1. Include composer autoloader
require '/vendor/autoload.php';

Example 1: Basic Client

$oidc = new OpenIDConnectClient('https://id.provider.com',
                                'ClientIDHere',
                                'ClientSecretHere');
$oidc->setCertPath('/path/to/my.cert');
$oidc->authenticate();
$name = $oidc->requestUserInfo('given_name');

See openid spec for available user attributes

Example 2: Dynamic Registration

$oidc = new OpenIDConnectClient("https://id.provider.com");

$oidc->register();
$client_id = $oidc->getClientID();
$client_secret = $oidc->getClientSecret();

// Be sure to add logic to store the client id and client secret

Example 3: Network and Security

// Configure a proxy
$oidc->setHttpProxy("http://my.proxy.com:80/");

// Configure a cert
$oidc->setCertPath("/path/to/my.cert");

Example 4: Request Client Credentials Token

$oidc = new OpenIDConnectClient('https://id.provider.com/',
                                'ClientIDHere',
                                'ClientSecretHere');
$oidc->providerConfigParam(array('token_endpoint'=>'https://id.provider.com/connect/token'));
$oidc->addScope('my_scope');

// this assumes success (to validate check if the access_token property is there and a valid JWT) :
$clientCredentialsToken = $oidc->requestClientCredentialsToken()->access_token;

Example 4: Request Client Credentials Token

$oidc = new OpenIDConnectClient('https://id.provider.com',
                                'ClientIDHere',
                                'ClientSecretHere');
$oidc->providerConfigParam(array('token_endpoint'=>'https://id.provider.com/connect/token'));
$oidc->addScope('my_scope');

// this assumes success (to validate check if the access_token property is there and a valid JWT) :
$clientCredentialsToken = $oidc->requestClientCredentialsToken()->access_token;

Development Environments

In some cases you may need to disable SSL security on on your development systems. Note: This is not recommended on production systems.

$oidc->setVerifyHost(false);
$oidc->setVerifyPeer(false);

Todo

  • Dynamic registration does not support registration auth tokens and endpoints