nl.idaas / openid-server
OpenID Connect server for PHP
v0.4.2
2023-11-27 08:34 UTC
Requires
- lcobucci/jwt: ^4.3|^5.0
- league/oauth2-server: ^8
- nyholm/psr7: ^1.3
Requires (Dev)
- laminas/laminas-diactoros: ^3.3.0
- phpunit/phpunit: ^9.6.13
This package is auto-updated.
Last update: 2024-10-27 10:38:00 UTC
README
PHP OpenID Connect Server
This is an OpenID Connect Server written in PHP, built on top of thephpleague/oauth2-server.
It is used by idaas.nl: (not) yet another identity as a service platform.
This library supports everything that is supported by thephpleague/oauth2-server, plus the following specifications
This library was created by Arie Timmerman.
Installation
composer require nl.idaas/openid-server
Example
This example shows how to implement an authorization server with support for an authorization grant, including OpenID Connect support.

// Init our repositories
$scopeRepository = new ScopeRepository(); // instance of ScopeRepositoryInterface
$authCodeRepository = new AuthCodeRepository(); // instance of AuthCodeRepositoryInterface
$refreshTokenRepository = new RefreshTokenRepository(); // instance of RefreshTokenRepositoryInterface

// Specific to this module
$clientRepository = new ClientRepository(); // instance of \Idaas\OpenID\Repositories\ClientRepositoryInterface
$accessTokenRepository = new AccessTokenRepository(); // instance of \Idaas\OpenID\Repositories\AccessTokenRepositoryInterface
$claimRepository = new ClaimRepository(); // instance of ClaimRepositoryInterface

// Private key used to sign tokens
$privateKey = 'file://path/to/private.key';
//$privateKey = new \League\OAuth2\Server\CryptKey('file://path/to/private.key', 'passphrase'); // if private key has a pass phrase

// Sample value only: generate your own using base64_encode(random_bytes(32))
// and keep it out of source control
$encryptionKey = 'lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen';

// Setup the authorization server
$server = new \League\OAuth2\Server\AuthorizationServer(
    $clientRepository,
    $accessTokenRepository,
    $scopeRepository,
    $privateKey,
    $encryptionKey
);

// OpenID Connect Authorization Code Grant
$grant = new \Idaas\OpenID\Grant\AuthCodeGrant(
    $authCodeRepository,
    $refreshTokenRepository,
    $claimRepository,
    new \Idaas\OpenID\Session,
    new \DateInterval('PT10M'), // authorization codes will expire after 10 minutes
    new \DateInterval('PT10M')  // ID Token will expire after 10 minutes
);

$grant->setRefreshTokenTTL(new \DateInterval('P1M')); // refresh tokens will expire after 1 month

// Enable the authorization code grant on the server
$server->enableGrantType(
    $grant,
    new \DateInterval('PT1H') // access tokens will expire after 1 hour
);