PHP download

Download the PHP package autisid/oidc-client without Composer

On this page you can find all versions of the php package autisid/oidc-client. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Table of contents
Download autisid/oidc-client
More information about autisid/oidc-client
Files in autisid/oidc-client

Vendor autisid
Package oidc-client
Short Description OpenID Connect client
License Apache-2.0

Keywords client SSO rfc6749 OpenID Connect oauth 2 oidc RFC7009 rfc7636 RFC7662

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Example code of autisid/oidc-client

Informations about the package oidc-client

PHP OpenID Connect Basic Client

A simple library that allows an application to authenticate a user through the basic OpenID Connect flow. This library hopes to encourage OpenID Connect use by making it simple enough for a developer with little knowledge of the OpenID Connect protocol to setup authentication.

This package is a complete refactor of JuliusPC/OpenID-Connect-PHP.

Supported Specifications

Requirements

PHP 8.1+
JSON extension
MBString extension
(Optional) One between GMP or BCMath extension to allow faster cipher key operations (for JWT; see here for more information)

Install

Install using composer:

Examples

Example 1: Basic Client

This example uses the Authorization Code flow and will also use PKCE if the OpenID Provider announces it in his Discovery document. If you are not sure, which flow you should choose: This one is the way to go. It is the most secure and versatile.

See OpenID Connect spec for available user attributes

Example 2: Dynamic Registration

Example 3: Network and Security

You should always use HTTPS for your application. If you are using a self-signed certificate, you can disable the SSL verification by calling the verifySsl method on the client and, if you have it, set a custom certificate with certPath method (this works only if verifySsl is set to false).

You can also setup a proxy via the httpProxy.

Example 4: Implicit flow

Reference: https://openid.net/specs/openid-connect-core-1_0.html#ImplicitFlowAuth

The implicit flow should be considered a legacy flow and not used if authorization code grant can be used. Due to its disadvantages and poor security, the implicit flow will be obsoleted with the upcoming OAuth 2.1 standard. See Example 1 for alternatives.

Example 5: Introspection of an access token

Reference: https://tools.ietf.org/html/rfc7662

Example 6: PKCE Client

PKCE is already configured and used in most scenarios in Example 1. This example shows you how to explicitly set the Code Challenge Method in the initial config. This enables PKCE in case your OpenID Provider doesn’t announce support for it in the discovery document, but supports it anyway.

Example 7: Token endpoint authentication method

By default, only client_secret_basic is enabled on client side which was the only supported for a long time. Recently client_secret_jwt and private_key_jwt have been added, but they remain disabled until explicitly enabled.

Note: A JWT generator is not included in this library yet.

Development Environments

Sometimes you may need to disable SSL security on your development systems. You can do it by calling the verify method with the false parameter. Note: This is not recommended on production systems.

Todo

Dynamic registration does not support registration auth tokens and endpoints

Contributing

All pull requests, once merged, should be added to the CHANGELOG.md file.

All versions of oidc-client with dependencies

PHP Build Version

Package Version

Version 1.0.2 Release 13. Mar 2023
create-project require 0 people choosed require and
0 people choosed create-project.

Download

Download latest version of oidc-client from vendor autisid

Requires php Version >=8.0
ext-json Version *
ext-mbstring Version *
cse/helpers-session Version ^1
lcobucci/clock Version ^2
lcobucci/jwt Version ~4.1
web-token/jwt-core Version ^3

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package autisid/oidc-client contains the following files

Loading the files please wait ....