Download the PHP package juliuspc/openid-connect-php without Composer

On this page you can find all versions of the php package juliuspc/openid-connect-php. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package openid-connect-php

PHP OpenID Connect Client

A simple library that allows an application to authenticate a user through the basic OpenID Connect flow. This library hopes to encourage OpenID Connect use by making it simple enough for a developer with little knowledge of the OpenID Connect protocol to setup authentication.

This library is a fork of jumbojett/OpenID-Connect-PHP, which seems to be discontinued. For progress being made on fixing bugs of the original library see this wiki page.

Supported Specifications

Requirements

  1. PHP 7.3 or greater
  2. JSON extension

Install

  1. Install library using composer

  2. Include composer autoloader

Example 1: Basic Client

This example uses the Authorization Code flow and will also use PKCE if the OpenID Provider announces it in his Discovery document. If you are not sure, which flow you should choose: This one is the way to go. It is the most secure and versatile flow.

See OpenID Connect spec for available user attributes

Example 2: Dynamic Registration

Example 3: Network and Security

Example 4: Request Client Credentials Token

Example 5: Basic client for Implicit Flow

The Implicit Flow should be considered a legacy flow and not used if authorization code grant can be used. Due to its disadvantages and poor security, the implicit flow will be obsoleted with the upcoming OAuth 2.1 standard. See Example 1 for alternatives.

Example 6: Introspection of an access token

Introspection as defined in RFC 7662 is intended to get information about the token without needing to parse it. Especially in case of so called reference token, which are random strings and do not contain information.

Example 7: PKCE Client

PKCE is already configured used in most szenarios in Example 1. This example shows two special things:

  1. You may omit the client secret, if your OpenID Provider allows you to do so and if it is really needed for your use case. This is a rare use case, since PHP applications are typically confidential OAuth clients and thus don’t leak a client secret.
  2. Explicitly setting the Code Challenge Method via setCodeChallengeMethod(). This enables PKCE in case your OpenID Provider doesn’t announce support for it in the discovery document, but supports it anyway.

Development Environments

In some cases you may need to disable TLS certificate validation on on your development systems. Note: This is not recommended on production systems.

Unit Tests

Run the unit tests:

./vendor/bin/phpunit tests

Generate a code coverage report (open html/index.html in a browser to view results):

XDEBUG_MODE=coverage ./vendor/bin/phpunit --coverage-html html tests/

Note: You may need to install Xdebug to make this work.

Todo

Contributing


All versions of openid-connect-php with dependencies

PHP Build Version
Package Version
Requires php Version >=7.3
phpseclib/phpseclib Version ~2.0
ext-json Version *
guzzlehttp/guzzle Version ^7
guzzlehttp/psr7 Version ^1.8
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package juliuspc/openid-connect-php contains the following files

Loading the files please wait ....