oihana/php-auth

Composable PHP authorization toolkit — Casbin RBAC enforcer, JWT/OIDC verification (JWKS), fine-grained capabilities, validation rules and ready-to-use HTTP middlewares for API protection.

Maintainers

Package info

github.com/BcommeBois/oihana-php-auth

pkg:composer/oihana/php-auth

Statistics

Installs: 5

Dependents: 2

Suggesters: 0

Stars: 0

Open Issues: 0

Security

Advisories: 0

Aikido package health analysis

dev-main 2026-05-26 09:16 UTC

Requires

Requires (Dev)

MPL-2.0 006c09e0f3c4d4899d9c42555ed88b6b42ef7fdc

phpauthorizationAuthenticationoauth2capabilitiesmiddlewareauthrbacjwtoidcJWKScasbinapi-security

This package is auto-updated.

Last update: 2026-05-26 09:16:47 UTC

README

Oihana PHP Auth

Composable PHP authorization toolkit. Part of the Oihana PHP ecosystem, this package combines Casbin RBAC, JWT/OIDC verification, fine-grained capabilities and HTTP middlewares to protect your APIs end‑to‑end.

Latest Version Total Downloads License

📚 Documentation

Full API reference (generated with phpDocumentor): https://bcommebois.github.io/oihana-php-auth

User guides (FR + EN) live under wiki/.

📦 Installation

Requires PHP 8.4+. Install via Composer:

composer require oihana/php-auth

✨ What you can do

  • Authenticate any request against a Zitadel / Auth0 / Keycloak IdP using a JWKS‑backed JWT validator (cached via Memcached).
  • Authorize with Casbin RBAC + domains: route‑level guards, role/permission/policy CRUD, multi‑tenant.
  • Restrict sensitive query parameters, filter keys or skin variants with fine‑grained capabilities (subject PARAM:…).
  • Validate request bodies via Somnambulist Validation rule catalogues.
  • Reuse ready‑made HTTP middlewares (JWT check, authorization, rate‑limit hooks) compatible with any PSR‑15 stack.

Under the hood

  • A consistent set of interfaces (CapabilityEnforcerInterface, PermissionSubjectResolverInterface) you can implement against your own persistence layer.
  • Pure‑PHP JWT validator built on top of firebase/php-jwt v7.
  • Helpers for PSR‑11 Container wiring.
  • Strongly‑typed enums and constants — no magic strings.

✅ Running tests

Run all tests:

composer test

Run a specific test file:

composer test ./tests/oihana/auth/SomeTest.php

🛠️ Generate the documentation

We use phpDocumentor to generate documentation into the ./docs folder.

composer doc

🧾 License

Licensed under the Mozilla Public License 2.0 (MPL‑2.0).

👤 About the author

  • Author: Marc ALCARAZ (aka eKameleon)
  • Email: marc@ooop.fr
  • Website: https://www.ooop.fr

🔗 Related packages

  • oihana/php-core – core helpers and utilities: https://github.com/BcommeBois/oihana-php-core
  • oihana/php-enums – typed constants & enums: https://github.com/BcommeBois/oihana-php-enums
  • oihana/php-exceptions – framework exceptions: https://github.com/BcommeBois/oihana-php-exceptions
  • oihana/php-reflect – reflection and hydration utilities: https://github.com/BcommeBois/oihana-php-reflect
  • oihana/php-schema – Schema.org constants and vocabulary: https://github.com/BcommeBois/oihana-php-schema
  • oihana/php-system – framework helpers (controllers, models, request handling): https://github.com/BcommeBois/oihana-php-system