Download the PHP package mperusso/openid-connect-php without Composer

On this page you can find all versions of the php package mperusso/openid-connect-php. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package openid-connect-php

PHP OpenID Connect Basic Client

A simple library that allows an application to authenticate a user through the basic OpenID Connect flow. This library hopes to encourage OpenID Connect use by making it simple enough for a developer with little knowledge of the OpenID Connect protocol to set up authentication.

A special thanks goes to Justin Richer and Amanda Anganes for their help and support of the protocol.

Requirements

  1. PHP 7.0 or greater
  2. CURL extension
  3. JSON extension

Install

  1. Install library using composer

  2. Include composer autoloader

Example 1: Basic Client

See openid spec for available user attributes

Example 2: Dynamic Registration

Example 3: Network and Security

Example 4: Request Client Credentials Token

Example 5: Request Resource Owners Token (with client auth)

Example 6: Basic client for implicit flow e.g. with Azure AD B2C (see http://openid.net/specs/openid-connect-core-1_0.html#ImplicitFlowAuth)

Example 7: Introspection of an access token (see https://tools.ietf.org/html/rfc7662)

Example 8: PKCE Client

Example 9: Back-channel logout

Back-channel authentication assumes you can end a session on the server side on behalf of the user (without relying on their browser). The request is a POST from the OP direct to your RP. In this way, the use of this library can ensure your RP performs 'single sign out' for the user even if they didn't have your RP open in a browser or other device, but still had an active session there.

Either the sid or the sub may be accessible from the logout token sent from the OP. You can use either getSidFromBackChannel() or getSubjectFromBackChannel() to retrieve them if it is helpful to match them to a session in order to destroy it.

The below ensures the use of this library to ensure validation of the back-channel logout token, but is afterward just a hypothetical way of finding such a session and destroying it. Adjust it to the needs of your RP.

Example 10: Enable Token Endpoint Auth Methods

By default, only client_secret_basic is enabled on client side which was the only supported for a long time. Recently client_secret_jwt and private_key_jwt have been added, but they remain disabled until explicitly enabled.

Development Environments

In some cases you may need to disable SSL security on your development systems. Note: This is not recommended on production systems.

Also, your local system might not support HTTPS, so you might disable upgrading to it:

Todo

Contributing


All versions of openid-connect-php with dependencies

PHP Build Version
Package Version
Requires php Version >=7.0
ext-json Version *
ext-curl Version *
phpseclib/phpseclib Version ~3.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package mperusso/openid-connect-php contains the following files

Loading the files please wait ....