Download the PHP package phant/auth without Composer
On this page you can find all versions of the php package phant/auth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Informations about the package auth
Auth
Presentation
The authentication service is intended to manage access (Applications and Users) to applications and APIs.
The application wishing to use this service must first obtain an API key (to be generated).
Authentication service aims to provide an access token allowing access of applications and users.
Obtaining the access token is subject to various methods.
The access token has a limited lifetime. It embeds data relating to its applicant (application, user).
Technologies used
PHP 8.1
Composer
for dependencies management (PHP)
Installation
composer install
Request access
For each use case the following setup is required.
From API key
Process :
- The application requests an access token by providing its API key,
- The service provides an access token.
From Otp
Process :
- The application asks the user to authenticate himself by providing his contact details (last name, first name and e-mail address),
- The application generates an access request by providing its identity and the user's contact details (last name, first name and e-mail address),
- The service generates an Otp and requests its sending to the user,
- The user receives an Otp,
- The application retrieves the Otp from the user,
- The user transmits the received Otp to the application,
- The application verifies the Otp with the service,
- The application requests an access token,
- The service provides an access token.
The Otp is sent to user by your own OtpSender service (e-mail, SMS, etc.).
From third party
Process :
- The application generates an access request by providing its identity,
- The service generates an Access-Request and returns an Access-Request Token,
- The application forwards the authentication request to the third party service by passing the access request token,
- The user authenticates with the third-party authentication service,
- The application retrieves the user authentication result,
- The application declares the authentication result,
- The service takes note of the authentication.
- The service provides an access token.
Access token
The access token is a JWT.
For each use case the following setup is required.
JWT decrypt method
The application may need the public key for the following uses :
- check the integrity of the token,
- extract data from the token.
Verification
The application can verify the integrity of the token with the service.
Get payload
The app can get the token payload from the service.