tkhamez/eve-sso

EVE Online - SSO

5.0.0 2024-01-26 21:18 UTC

This package is auto-updated.

Last update: 2024-03-26 21:39:50 UTC


README

build Test Coverage

EVE Online SSO

PHP package supporting EVE Online SSO v2 (flow for web based applications) including JWT signature verification.

Install

To install the library via Composer, execute:

composer require tkhamez/eve-sso

Example Usage

// Initiate provider object
// (if you do not provide all optional URLs this will make a request to the metadata URL to
// get them).
try {
    $provider = new Eve\Sso\AuthenticationProvider(
        [
            // required
            'clientId'       => 'your-EVE-app-client-ID',
            'clientSecret'   => 'your-EVE-app-secret-key',
            'redirectUri'    => 'https://your-callback.url',
    
            // optional
            'urlAuthorize'   => 'https://login.eveonline.com/v2/oauth/authorize',
            'urlAccessToken' => 'https://login.eveonline.com/v2/oauth/token',
            'urlRevoke'      => 'https://login.eveonline.com/v2/oauth/revoke',
            'urlKeySet'      => 'https://login.eveonline.com/oauth/jwks',
            'issuer'         => 'https://login.eveonline.com',
            'urlMetadata' => 'https://login.eveonline.com/.well-known/oauth-authorization-server',
        ],
    
        // Add all required scopes.
        ['esi-mail.read_mail.v1', 'esi-skills.read_skills.v1'],
    
        // Optionally use your own HTTP client.
        httpClient: new GuzzleHttp\Client(),
    
        // Optionally add a logger to log exception that are caught from libraries
        // (any class implementing Psr\Log\LoggerInterface, the example uses monolog/monolog
        // which is not included in this package).
        logger: new Monolog\Logger('SSO', [new Monolog\Handler\StreamHandler('/path/to/logfile')])
    );
} catch (Exception $e) {
    echo $e->getMessage();
}

// Optionally disable signature verification.
$provider->setSignatureVerification(false);
// Login URL
session_start();
$_SESSION['state'] = $provider->generateState();
$loginUrl = $provider->buildLoginUrl($_SESSION['state']);
header("Location: $loginUrl");
// Callback URL
session_start();
try {
    $auth = $provider->validateAuthenticationV2($_GET['state'], $_SESSION['state'], $_GET['code']);
} catch (Exception $e) {
    echo $e->getMessage();
}

// Store the token data somewhere
$refreshToken = $auth->getToken()->getRefreshToken();
$accessToken = $auth->getToken()->getToken();
$expires = $auth->getToken()->getExpires();
// ...
// Refreshes access token, if necessary.
$existingToken = new League\OAuth2\Client\Token\AccessToken([
    'refresh_token' => $refreshToken,
    'access_token' => $accessToken,
    'expires' => $expires,
]);
try {
    $token = $provider->refreshAccessToken($existingToken);
} catch (Exception $e) {
    echo $e->getMessage();
}

Dev Env

docker build --tag eve-sso .
docker run -it --mount type=bind,source="$(pwd)",target=/app --workdir /app eve-sso /bin/sh