otpless / otpless-auth-sdk
SDK for Backend PHP SDK for resolving idToken and more.
Requires
- firebase/php-jwt: ^5.0
- guzzlehttp/guzzle: ^7.0
- phpseclib/phpseclib: ^3.0
README
A. OTPLessAuth Dependency
install Below dependency in your project's
composer require otpless/otpless-auth-sdk
you can also get latest version of dependency at https://packagist.org/packages/otpless/otpless-auth-sdk
B. OTPLessAuth class
The OtplessAuth class provides methods to integrate OTPLess authentication into your PHP backend application. This
documentation explains the usage of the class and its methods.
Methods:
1. decodeIdToken
This method help to resolve idToken(JWT token) which is issued by OTPLess which return user detail
from that token also this method verify that token is valid, token should not expired and
issued by only otpless.com
Method Signature:
decodeIdToken(id_token, client_id, client_secret, audience=None)
Method Params:
Return
Return: Object Name: UserDetail
{'success': True, 'auth_time': 1697649943, 'phone_number': '+9193******', 'email': 'dev***@gmail.com', 'name': 'Devloper From OTP-less', 'country_code': '+91', 'national_phone_number': '9313******'}
2. verify code
This method help to resolve code which is return from OTPLess which will return user detail
from that code also this method verify that code is valid, code should not expired and
issued by only otpless.com
Method Signature:
verifyCode(code, client_id, client_secret)
Method Params:
Return
Return: Object Name: UserDetail
{'success': True, 'auth_time': 1697649943, 'phone_number': '+9193******', 'email': 'dev***@gmail.com', 'name': 'Devloper From OTP-less', 'country_code': '+91', 'national_phone_number': '9313******'}
3. Verify Auth Token
This method help to resolve token which is issued by OTPLess which return user detail
from that token also this method verify that token is valid, token should not expired and
issued by only otpless.com
Method Signature:
verifyToken(token, client_id, client_secret)
Method Params:
Return
Return: Object Name: UserDetail
{'success': True, 'auth_time': 1697649943, 'phone_number': '+9193******', 'email': 'dev***@gmail.com', 'name': 'Devloper From OTP-less', 'country_code': '+91', 'national_phone_number': '9313******'}
4. Generate Magic link
The Authorization Endpoint initiates the authentication process by sending a magic link to the user's WhatsApp or email, based on the provided contact information. This link is used to verify the identity of the user. Upon the user's action on this link, they are redirected to the specified URI with an authorization code included in the redirection.
Method Signature:
generateMagicLink(mobile_number, email, client_id, client_secret,redirect_uri,channel)
Method Params:
Return
Return: Object Name: RquestIds
{"requestIds":[{"type":"MOBILE","value":"ac48690347c24c0b8b54270590392b2a"}],"success":true}
Example of usage
require '../vendor/autoload.php'; use Otpless\OTPLessAuth; // Your ID token to decode $token = 'your token here'; $clientId = 'your client id here'; $clientSecret = 'your client secret here'; // Initialize the library class $auth = new OtplessAuth(); $auth->verifyToken($token,$clientId,$clientSecret);
5. Send OTP
This method help to send OTP to your users and OTP issued by only otpless.com
sendOtp(phoneNumber, email, orderId, expiry, hash, clientId, clientSecret, otpLength, channel)
Method Params:
Return
{"success":true,"orderId":"V112444","refId":"108","message":"success"}
6. ReSend OTP
This method help to resend OTP to your users and OTP issued by only otpless.com
resendOtp(orderId, clientId, clientSecret)
Method Params:
Return
{"success":true,"orderId":"V112444","refId":"108","message":"success"}
7. Verify OTP
This method help to Verify OTP to your users and OTP issued by only otpless.com
Method Signature:
verifyOtp(phoneNumber,email, orderId, otp, clientId, clientSecret)
Method Params:
{"success":true,"isOTPVerified":true}
8. Send OTP V2
This method help to send OTP to your users and OTP issued by only otpless.com
sendOtp(clientId, clientSecret, phoneNumber, email, expiry, hash, otpLength, channels, metadata)
Method Params:
Return
200 OK
{
"requestId": "82b2891ce5394eeb837cc9d7850fef68"
}
4XX
{
"message": "Invalid Request",
"description": "Request error: OTP Length is invalid. 4 and 6 only allowed"
}
9. verify otp V2
verifyOtp(clientId, clientSecret, requestId, otp)
Method Params:
Return
200 OK
{
"requestId": "bb85a5e777004c0fa1d4a5dc6f053cce",
"isOTPVerified": true,
"message": "OTP verified successfully"
}
4XX
{
"message": "Invalid Request",
"description": "Request error: Invalid token/request Id"
}
9. send magic link
generateMagicLink(clientId, clientSecret, phoneNumber, email, expiry, redirectURI, channels, metadata)
Method Params:
Return
200 OK
{
"requestId": "c4db2da14be94f44b2de64753ab8c30b"
}
4XX
{
"message": "Invalid Request",
"description": "Request error: Invalid redirect URI"
}
10. send otp link
generateOTPLink(clientId, clientSecret, phoneNumber, email, expiry, hash, otpLength, redirectURI, channels, metadata)
Method Params:
Return
200 OK
{
"requestId": "df0228c84de845d2ab1f377d0f407c68"
}
4XX
{
"message": "Invalid Request",
"description": "Request error: Invalid phone number's channel"
}
9. verify code
verifyCode(clientId, clientSecret, code)
Method Params:
Return
200 OK
{
"requestId": "7bb4738eXXXXXXXXXX",
"message": "Code verified successfully",
"userDetails": {
"token": "7bXX4738eXXXXXXXXXX",
"timestamp": "2024-05-29T14:09:42Z",
"identities": [
{
"identityType": "MOBILE",
"identityValue": "9195XXXXXXXX",
"channel": "WHATSAPP",
"methods": ["WHATSAPP"],
"name": "XXX",
"verified": true,
"verifiedAt": "2024-05-29T14:09:01Z"
}
],
"network": {
"ip": "35.154.XX.XXX",
"timezone": "Asia/Kolkata",
"ipLocation": {
"city": {
"name": "Mumbai"
},
"subdivisions": {
"code": "MH",
"name": "Maharashtra"
},
"country": {
"code": "IN",
"name": "India"
},
"continent": {
"code": "AS"
},
"latitude": 11.0748,
"longitude": 22.8856,
"postalCode": "123456"
}
},
"deviceInfo": {
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15"
}
}
}
4XX
{
"message": "Expired",
"description": "Request error: Token is expired"
}
11. initiateOAuth
initiateOAuth(clientId, clientSecret, channels, redirectURI, expiry, metadata)
Method Params:
Return
200 OK
{
"requestId": "7bb4738e978XXXXXXX",
"link": "whatsapp://send?phone=919XXXXXX&text=%E2%80%8E%E2%80%8C%E2%80%8E%E2%80%8E%E2%80%8E%E2%80%8C%E2%80%8D%E2%80%8B%E2%80%8B%E2%80%8B%E2%80%8D%E2%80%8C%E2%80%8E%E2%80%8B%E2%80%8B%E2%80%8ESend%20message%20to%20sign%20in"
}
4XX
{
"message": "Invalid Request",
"description": "Request error: Invalid redirect URI"
}
12. check status
checkStatus($clientId, $clientSecret, $requestId)
Method Params:
Return
200 OK
{
"token": "5b59fd875e6848d6bd1c97aefe83d8b5",
"timestamp": "2024-05-30T08:12:18Z",
"identities": [
{
"identityType": "MOBILE",
"identityValue": "9195XXXX3993",
"channel": "WHATSAPP",
"methods": ["WHATSAPP"],
"name": "viKi!",
"verified": true,
"verifiedAt": "2024-05-30T08:11:24Z"
}
],
"network": {
"ip": "13.235.XX.XXX",
"timezone": "Asia/Kolkata",
"ipLocation": {
"city": {
"name": "Mumbai"
},
"subdivisions": {
"code": "MH",
"name": "Maharashtra"
},
"country": {
"code": "IN",
"name": "India"
},
"continent": {
"code": "AS"
},
"latitude": 11.0748,
"longitude": 22.8856,
"postalCode": "123456"
}
},
"deviceInfo": {
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15"
}
}
4XX
{
"message": "Invalid Request",
"description": "Request error: Invalid token/request Id"
}