1. Go to this page and download the library: Download facile-it/php-openid-client library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
facile-it / php-openid-client example snippets
use Facile\OpenIDClient\Client\ClientBuilder;
use Facile\OpenIDClient\Issuer\IssuerBuilder;
use Facile\OpenIDClient\Client\Metadata\ClientMetadata;
use Facile\OpenIDClient\Service\Builder\AuthorizationServiceBuilder;
use Facile\OpenIDClient\Service\Builder\UserInfoServiceBuilder;
use Psr\Http\Message\ServerRequestInterface;
$issuer = (new IssuerBuilder())
->build('https://example.com/.well-known/openid-configuration');
$clientMetadata = ClientMetadata::fromArray([
'client_id' => 'client-id',
'client_secret' => 'my-client-secret',
'token_endpoint_auth_method' => 'client_secret_basic', // the auth method tor the token endpoint
'redirect_uris' => [
'https://my-rp.com/callback',
],
]);
$client = (new ClientBuilder())
->setIssuer($issuer)
->setClientMetadata($clientMetadata)
->build();
// Authorization
$authorizationService = (new AuthorizationServiceBuilder())->build();
$redirectAuthorizationUri = $authorizationService->getAuthorizationUri(
$client,
['login_hint' => 'user_username'] // custom params
);
// you can use this uri to redirect the user
// Get access token
/** @var ServerRequestInterface::class $serverRequest */
$serverRequest = null; // get your server request
$callbackParams = $authorizationService->getCallbackParams($serverRequest, $client);
$tokenSet = $authorizationService->callback($client, $callbackParams);
$idToken = $tokenSet->getIdToken(); // Unencrypted id_token, if returned
$accessToken = $tokenSet->getAccessToken(); // Access token, if returned
$refreshToken = $tokenSet->getRefreshToken(); // Refresh token, if returned
// check if we have an authenticated user
if ($idToken) {
$claims = $tokenSet->claims(); // IdToken claims
} else {
throw new \RuntimeException('Unauthorized')
}
// Refresh token
$tokenSet = $authorizationService->refresh($client, $tokenSet->getRefreshToken());
// Get user info
$userInfoService = (new UserInfoServiceBuilder())->build();
$userInfo = $userInfoService->getUserInfo($client, $tokenSet);
use Facile\OpenIDClient\Service\Builder\IntrospectionServiceBuilder;
$service = (new IntrospectionServiceBuilder())->build();
$params = $service->introspect($client, $token);
use Facile\OpenIDClient\Service\Builder\RevocationServiceBuilder;
$service = (new RevocationServiceBuilder())->build();
$params = $service->revoke($client, $token);
use Facile\OpenIDClient\RequestObject\RequestObjectFactory;
$factory = new RequestObjectFactory();
$requestObject = $factory->create($client, [/* custom claims to
use Facile\OpenIDClient\Claims\AggregateParser;
use Facile\OpenIDClient\Claims\DistributedParser;
$aggregatedParser = new AggregateParser();
$claims = $aggregatedParser->unpack($client, $userInfo);
$distributedParser = new DistributedParser();
$claims = $distributedParser->fetch($client, $userInfo);
use Facile\OpenIDClient\Middleware\SessionCookieMiddleware;
use Psr\SimpleCache\CacheInterface;
// Use your PSR-16 simple-cache implementation to persist sessions
/** @var CacheInterface $cache */
$middleware = new SessionCookieMiddleware($cache/* , $cookieName = "openid", $ttl = 300 */);
use Facile\OpenIDClient\Middleware\ClientProviderMiddleware;
$client = $container->get('openid.clients.default');
$middleware = new ClientProviderMiddleware($client);
use Facile\OpenIDClient\Middleware\AuthRequestProviderMiddleware;
use Facile\OpenIDClient\Authorization\AuthRequest;
$authRequest = AuthRequest::fromParams([
'scope' => 'openid',
// other params...
]);
$middleware = new AuthRequestProviderMiddleware($authRequest);
use Facile\OpenIDClient\Middleware\AuthRedirectHandler;
use Facile\OpenIDClient\Service\AuthorizationService;
/** @var AuthorizationService $authorizationService */
$authorizationService = $container->get(AuthorizationService::class);
$middleware = new AuthRedirectHandler($authorizationService);
use Facile\OpenIDClient\Middleware\CallbackMiddleware;
use Facile\OpenIDClient\Service\AuthorizationService;
/** @var AuthorizationService $authorizationService */
$authorizationService = $container->get(AuthorizationService::class);
$middleware = new CallbackMiddleware($authorizationService);
use Facile\OpenIDClient\Middleware\UserInfoMiddleware;
use Facile\OpenIDClient\Service\UserInfoService;
/** @var UserInfoService $userInfoService */
$userInfoService = $container->get(UserInfoService::class);
$middleware = new UserInfoMiddleware($userInfoService);
use Psr\SimpleCache\CacheInterface;
use Facile\OpenIDClient\Issuer\IssuerBuilder;
use Facile\OpenIDClient\Issuer\Metadata\Provider\MetadataProviderBuilder;
use Facile\JoseVerifier\JWK\JwksProviderBuilder;
/** @var CacheInterface $cache */
$cache = $container->get(CacheInterface::class); // get your simple-cache implementation
$metadataProviderBuilder = (new MetadataProviderBuilder())
->setCache($cache)
->setCacheTtl(86400*30); // Cache metadata for 30 days
$jwksProviderBuilder = (new JwksProviderBuilder())
->setCache($cache)
->setCacheTtl(86400); // Cache JWKS for 1 day
$issuerBuilder = (new IssuerBuilder())
->setMetadataProviderBuilder($metadataProviderBuilder)
->setJwksProviderBuilder($jwksProviderBuilder);
$issuer = $issuerBuilder->build('https://example.com/.well-known/openid-configuration');
composer
Loading please wait ...
Before you can download the PHP files, the dependencies should be resolved. This can take some minutes. Please be patient.