Download the PHP package devmahmoudmustafa/laravel-nafath without Composer

On this page you can find all versions of the php package devmahmoudmustafa/laravel-nafath. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package laravel-nafath

Laravel Nafath Package

📌 This package integrates with Nafath API provided by Elm Company

To obtain credentials (APP_ID, APP_KEY), please contact Elm support team or visit Nafath Developer Portal

A professional Laravel package for integrating with Nafath - Saudi Arabia's National Authentication System via Elm Platform. This package provides ready-to-use endpoints and makes it easy for anyone to integrate Nafath authentication into their Laravel applications.


✨ Why Use This Package?

💡 Important: You can use all endpoints via HTTP requests directly - no need to use DTOs or PHP code unless you specifically need programmatic access from PHP.


📋 Requirements


📥 Installation

Step 1: Install Package

Step 2: Publish & Run Migrations

Step 3: Configure Environment

Add to your .env file:

That's it! The package is ready to use.


🔄 How Nafath Integration Works

Complete Workflow Flow

Key Points

  1. Create Request → User sees verification code
  2. User Action → User approves/rejects in Nafath mobile app
  3. Callback (Source of Truth) → Your server receives update automatically with JWT token
  4. Business Logic → Process the callback, authenticate user, update application
  5. Optional request-info → Use for UI updates or if callback fails

🎯 Available Endpoints

The package provides ready-to-use HTTP endpoints. All endpoints are automatically registered and available at /nafath/* (configurable).

💡 You can use these endpoints directly via HTTP requests - no DTOs or PHP code needed! DTOs are only optional if you want to call from PHP code with type safety.

1. Create Request

Endpoint: POST /nafath/create-request

Purpose: Create a new Nafath authentication request.

When to Use: When user wants to authenticate via Nafath.

Request:

Request Fields:

Response:

Usage: Show the random code to the user. They will enter it in the Nafath app.


2. Get Status

Endpoint: POST /nafath/get-status

Purpose: Check the current status of a request at any time.

When to Use:

Request:

Response:

Status Values:

Usage: Call this endpoint anytime to check request status. It's completely independent and works regardless of callback status.


3. Callback (Source of Truth) ⭐

Endpoint: POST /nafath/callback

Purpose: Receives automatic updates when user approves/rejects the request.

When to Use: This is called automatically by Nafath servers. You handle it via Events.

Request (from Nafath):

Response:

Why It's the Source of Truth:

How to Handle:

Option 1: Using Events (Recommended)

Option 2: Direct Processing The callback endpoint automatically:

You can access the data via events or by querying the database.


4. Request Info (Optional)

Endpoint: POST /nafath/request-info

Purpose: Get decrypted user data. Use for UI updates or as fallback.

When to Use:

Request:

Response:

Important Note: The request-info endpoint reflects user actions (approval/rejection) approximately 20-30 seconds after the user interacts with the Nafath app. This is normal behavior from Nafath's side.

Use Cases:

Don't rely on it as primary source - the callback endpoint is faster and receives updates immediately.


5. Get JWK

Endpoint: GET /nafath/jwk

Purpose: Get JSON Web Keys for manual JWT verification.

When to Use: If you need to verify JWT tokens manually (usually not needed - package handles it automatically).

Response:


6. Simulate User Action (Development Only)

Endpoint: POST /nafath/simulate

Purpose: Simulate user approval/rejection for testing.

When to Use: In development mode only, for testing without real Nafath app.

Request:

Note: Only available in development mode. Returns 403 in production.

Test National ID: 1002133393 (provided by Elm for testing)


📖 Step-by-Step Usage Guide

Step 1: Create Request

What Happens:

Code Example:

Option 1: Using HTTP Endpoint (Recommended - No DTOs needed)

Simply call the HTTP endpoint from your frontend or any HTTP client:

Option 2: Using PHP Code (Optional - Only if you need programmatic access)

If you need to call from PHP code, you can use Facades. DTOs are optional:

Note: You don't need to use DTOs - HTTP endpoints work directly. DTOs are only needed if you're calling from PHP code and want type safety.

What to Do:


Step 2: User Action

What Happens:

Code Needed: None - handled by Nafath app.


Step 3: Receive Callback (Source of Truth)

What Happens:

Code Example:

What to Do:

Why Callback is Source of Truth:


Step 4: Business Logic

What Happens:

Code Example:


Step 5: Optional - Request Info for UI

What Happens:

When to Use:

Code Example:

Option 1: Using HTTP Endpoint (Recommended - No DTOs needed)

Option 2: Using PHP Code (Optional - Only if you need programmatic access)

Note: HTTP endpoints work directly - no DTOs needed. DTOs are only for PHP code if you want type safety.

Important:


Step 6: Check Status (Anytime - Independent)

What Happens:

When to Use:

Code Example:

Option 1: Using HTTP Endpoint (Recommended - No DTOs needed)

Option 2: Using PHP Code (Optional - Only if you need programmatic access)

Note: HTTP endpoints work directly - no DTOs needed. DTOs are only for PHP code if you want type safety.

Status Values:

Important Notes:

Typical Use Cases:

  1. Status check - Verify if request expired or was rejected
  2. UI updates - Show current status to user (polling or on-demand)
  3. Before processing - Check status before proceeding with business logic
  4. Independent verification - Check status without relying on callback

🎯 Events System

The package fires events when callbacks are received. Listen to these events to handle user actions:

Available Events

Event When Fired Contains
NafathRequestCompleted User approves request jwtPayload with user data
NafathRequestRejected User rejects request Request details
NafathRequestExpired Request expires Request details
NafathCallbackReceived Any callback received Full callback data

Example: Listen to Completed Requests


⚙️ Configuration

Essential Settings

Add to your .env:

Note: The service field in create-request is optional. If not provided, it uses NAFATH_DEFAULT_SERVICE from config (default: DigitalServiceEnrollmentWithoutBio).

API Mode

Development Mode:

Production Mode:

See config/nafath.php for all available options.


🔧 Artisan Commands


🧪 Testing

Test National ID

For development testing, use National ID: 1002133393

This ID is provided by Elm for testing purposes. Contact Elm Support to confirm or get other test IDs.

Simulate User Action

In development mode, use /nafath/simulate endpoint to simulate user approval without the real Nafath app.


📚 Documentation


🤝 Contributing

Contributions are welcome! Please see CONTRIBUTING.md for details.


📝 License

MIT License - see LICENSE for details.


🔗 Links


💬 Support

For support and questions, please open an issue on GitHub.


All versions of laravel-nafath with dependencies

PHP Build Version
Package Version
Requires php Version ^8.1
laravel/framework Version ^10.0|^11.0|^12.0
firebase/php-jwt Version ^7.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package devmahmoudmustafa/laravel-nafath contains the following files

Loading the files please wait ...