Download the PHP package b2pweb/parroauth2-client without Composer
On this page you can find all versions of the php package b2pweb/parroauth2-client. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Package parroauth2-client
Short Description B2P OAuth 2 client implementation
License MIT
Information about the package parroauth2-client
Parroauth2 Client
OAuth 2.0 and OpenID Connect client library for PHP.
Installation
Install with Composer:
Simple usage
For simple usage with Authorization Server Metadata (RFC 8414) or OpenID Connect discovery, see the example directory.
Password authentication
Authenticate to a provider using the password grant type (cf. RFC 6749#4.3).
This example simply configures the OAuth 2.0 client and calls the token endpoint of the provider with the owner's credentials (i.e. username and password).
Standard authentication flow
Implements client-side authentication using the authorization_code grant type (cf. RFC 6749#4.1), which is the recommended authorization flow.
- First, the session storage is configured
- Then the provider and the client are loaded
- Register extensions:
  - JwtAccessToken to enable local introspection of the access token
  - Pkce to enable PKCE (RFC 7636) to mitigate authorization code interception attacks
  - IdTokenValidator (only for OpenID) to enable verification of the ID Token
  - TokenStorage to store the access token in the session and provide it to the OAuth endpoints
  - RequiredScopeValidator to assert that the given scopes are provided in the access token
- Perform the authentication process if the token is not present or expired, by using AuthorizationCodeFlow
- Once authenticated, perform userinfo and introspection
- Also implements the logout action, using the revocation endpoint and a redirect to the OP to stop the session
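The Pkce extension listed above relies on the RFC 7636 code_verifier / code_challenge pair. The following is an added example, not code from parroauth2-client: it shows the S256 derivation on the client and the check an authorization server applies at the token endpoint. All function names are hypothetical.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers for illustration; not the library's API.

/** Base64url without padding, as used by RFC 7636. */
function base64UrlEncode(string $bytes): string
{
    return rtrim(strtr(base64_encode($bytes), '+/', '-_'), '=');
}

/** Client side: 32 random bytes give a 43-character code_verifier. */
function createCodeVerifier(): string
{
    return base64UrlEncode(random_bytes(32));
}

/** Client side: S256 challenge sent with the authorization request. */
function createCodeChallenge(string $verifier): string
{
    return base64UrlEncode(hash('sha256', $verifier, true));
}

/** Server side: check made at the token endpoint before issuing tokens. */
function verifyCodeVerifier(string $verifier, string $storedChallenge): bool
{
    // RFC 7636 section 4.1: 43 to 128 characters from the unreserved set.
    if (preg_match('/\A[A-Za-z0-9\-._~]{43,128}\z/', $verifier) !== 1) {
        return false;
    }
    // Constant-time comparison against the challenge stored with the code.
    return hash_equals($storedChallenge, createCodeChallenge($verifier));
}

// Constructed walk-through of the exchange.
$verifier  = createCodeVerifier();           // stays in the client's session
$challenge = createCodeChallenge($verifier); // sent with code_challenge_method=S256

// The client that started the flow redeems the code with its verifier.
var_dump(verifyCodeVerifier($verifier, $challenge));
// A party holding only the authorization code has no matching verifier.
var_dump(verifyCodeVerifier(createCodeVerifier(), $challenge));

// Test vector from RFC 7636 Appendix B.
var_dump(createCodeChallenge('dBjftJeZ4cVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk')
    === 'E9Melhoa2OwvFrEMTJguCHaoeGx0PlIbFS7bGM1dG-M');
```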
Access token check on server side
Check the access token passed in the Authorization: Bearer header using local introspection.
Advanced usage
Configure provider manually
If the authentication provider does not implement auto-discovery, or you want to configure it manually, you can use the ProviderBuilder:
Lazy provider
In some cases, you should delay the loading of the provider and only load it when necessary. This is needed when using a dependency injection container that injects the client or the provider into a service.
In this context you can use ProviderLoader::lazy(), which loads the provider only when OP endpoints are called.
Design consideration
EndPoints
Endpoints are immutable: any call to a setter returns a new instance of the endpoint.
So the following code is invalid:
To save state, such as a token to provide, you should use Extensions with an EndPointTransformerInterface, or inject parameters manually at each endpoint call.
Extensions
An extension consists of a class with a single method, configure(), which takes the client as a parameter.
Extensions allow modifying or configuring any mutable element of the client, for example:
- Change the client configuration
- Register or replace an endpoint
- Register an EndPointTransformerInterface
To simply apply an endpoint transformer, you can inherit from AbstractEndPointTransformerExtension, implement the desired endpoint transformation method, and use CallableEndPointInterface::onResponse() to intercept responses.
Note: because endpoints are immutable, the endpoint transformer must return the configured instance of the endpoint.
All versions of parroauth2-client with dependencies
ext-json Version *
php-http/client-common Version ~2.4
php-http/discovery Version ~1.14
psr/http-message-implementation Version ~1.0
psr/http-factory-implementation Version ~1.0
psr/http-message Version ~1.0
psr/http-client Version ~1.0
psr/http-factory Version ~1.0
psr/simple-cache Version ~1.0|~2.0|~3.0
spomky-labs/base64url Version ~2.0
web-token/jwt-signature Version ~1.3|~2.0|~3.0
web-token/jwt-checker Version ~1.3|~2.0|~3.0
web-token/jwt-key-mgmt Version ~1.3|~2.0|~3.0
web-token/jwt-signature-algorithm-ecdsa Version ~1.3|~2.0|~3.0
web-token/jwt-signature-algorithm-eddsa Version ~1.3|~2.0|~3.0
web-token/jwt-signature-algorithm-hmac Version ~1.3|~2.0|~3.0
web-token/jwt-signature-algorithm-none Version ~1.3|~2.0|~3.0
web-token/jwt-signature-algorithm-rsa Version ~1.3|~2.0|~3.0
b2pweb/jwt Version ~1.0