{"id":23219114,"url":"https://github.com/b2pweb/parroauth2-client","last_synced_at":"2025-08-08T05:11:13.021Z","repository":{"id":38453579,"uuid":"399821025","full_name":"b2pweb/parroauth2-client","owner":"b2pweb","description":"OAuth 2 and OpenID connect client in PHP","archived":false,"fork":false,"pushed_at":"2025-08-04T09:00:28.000Z","size":326,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"2.0","last_synced_at":"2025-08-04T10:57:45.649Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/b2pweb.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2021-08-25T13:02:35.000Z","updated_at":"2025-08-04T08:51:59.000Z","dependencies_parsed_at":"2024-06-19T17:53:03.014Z","dependency_job_id":"81598806-4d66-4c65-a930-b14069207083","html_url":"https://github.com/b2pweb/parroauth2-client","commit_stats":{"total_commits":83,"total_committers":4,"mean_commits":20.75,"dds":0.6024096385542168,"last_synced_commit":"1fbbe514e34a0525f105042c62e39e3c86bb0239"},"previous_names":[],"tags_count":9,"template":false,"template_full_name":null,"purl":"pkg:github/b2pweb/parroauth2-client","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b2pweb%2Fparroauth2-client","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b2pweb%2Fparroauth2-client/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b2pweb%2Fparroauth2-client/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b2pweb%2Fparroauth2-client/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/b2pweb","download_url":"https://codeload.github.com/b2pweb/parroauth2-client/tar.gz/refs/heads/2.0","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b2pweb%2Fparroauth2-client/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":268699179,"owners_count":24292419,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-04T02:00:09.867Z","response_time":79,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-18T21:19:19.366Z","updated_at":"2025-08-08T05:11:13.010Z","avatar_url":"https://github.com/b2pweb.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Parroauth2 Client\n[![build](https://github.com/b2pweb/parroauth2-client/actions/workflows/php.yml/badge.svg)](https://github.com/b2pweb/parroauth2-client/actions/workflows/php.yml)\n[![Packagist Version](https://img.shields.io/packagist/v/b2pweb/parroauth2-client.svg)](https://packagist.org/packages/b2pweb/parroauth2-client)\n[![Total Downloads](https://img.shields.io/packagist/dt/b2pweb/parroauth2-client.svg)](https://packagist.org/packages/b2pweb/parroauth2-client)\n[![Type Coverage](https://shepherd.dev/github/b2pweb/parroauth2-client/coverage.svg)](https://shepherd.dev/github/b2pweb/parroauth2-client)\n\nOAuth 2.0 and OpenID Connect client library for PHP. \n\n## Installation\n\nInstall with composer :\n\n```bash\ncomposer require b2pweb/parroauth2-client\n```\n\n## Simple usage\n\nFor a simple usage, using **Authorization Server Metadata** [RFC 8414](https://datatracker.ietf.org/doc/html/rfc8414)\nor [OpenID Connection discovery](https://openid.net/specs/openid-connect-discovery-1_0.html), you can see [example](./example) directory.\n\n### [Password authentication](./example/password.php)\n\nAuthenticate to a provider using **password** grant type (cf: [RFC 6749#4.3](https://datatracker.ietf.org/doc/html/rfc6749#section-4.3)).\n\nThis example simply configure the OAuth 2.0 client, and call the token endpoint of the provider with owner's credentials (i.e. username and password).\n\n### [Standard authentication flow](./example/standard.php)\n\nImplements the client-side authentication using **authorization_code** grant type (cf: [RFC 6749#4.1](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1))\nwhich is the recommended authorization flow.\n\n- First the session storage is configured\n- Then the provider and the client are loaded\n- Register extensions\n  - `JwtAccessToken` to enable local introspection of the access token\n  - `Pkce` to enable PKCE [RFC 7636](https://datatracker.ietf.org/doc/html/rfc7636) to mitigate authorization code interception attack\n  - `IdTokenValidator` (only for OpenID) to enable verification of the ID Token\n  - `TokenStorage` store the access token into session, and provide it into oauth endpoints\n  - `RequiredScopeValidator` assert given scopes are provided in the access token.\n- Perform the authentication process if the token is not present or expired, by using `AuthorizationCodeFlow`\n- Once authenticated, perform userinfo and introspection\n- Also implements the **logout** action, using revocation endpoint and redirect to the OP for stop the session\n\n### [Access token check on server side](./example/server_resource.php)\n\nCheck the access token passed as **Authorization: Bearer** header using local introspection.\n\n## Advanced usage\n\n### Configure provider manually\n\nIf the authentication provider do not implement the auto-discovery, or you want to configure manually,\nyou can use the `ProviderBuilder` :\n\n```php\n$loader = new \\Parroauth2\\Client\\Provider\\ProviderLoader();\n\n// Configure and create the provider\n$provider = $loader-\u003ebuilder('http://my-op.example.com')\n    -\u003eopenid() // Enable openid connection on the endpoint\n\n    // Configure endpoints\n    -\u003etokenEndPoint('/token')\n    -\u003eauthorizationEndPoint('/auth')\n    -\u003eintrospectionEndPoint('/introspect')\n    \n    // Configure public key for local introspection\n    -\u003eaddKeyFile('./keys/provider.pub')\n    \n    -\u003ecreate()\n;\n\n// Create the client\n$client = $provider-\u003eclient((new \\Parroauth2\\Client\\ClientConfig('client_id'))-\u003esetSecret('secret'));\n```\n\n### Lazy provider\n\nIn some case, you should delay the loading of the provider, and only load it when it's necessary.\nThis is necessary when use a dependency injection container which inject the client or the provider\ninto a service.\n\nIn this context you can use `ProviderLoader::lazy()`, which allows loading provider\nonly when calling OP endpoints.\n\n### Design consideration\n\n#### EndPoints\n\nEnd points are immutable, any call to setters will return a new instance of the endpoint.\n\nSo the following code is invalid :\n\n```php\n/** @var $client \\Parroauth2\\Client\\ClientInterface */\n$token = $client-\u003eendPoints()-\u003etoken();\n$token-\u003erefresh('MyRefreshToken'); // This instruction has no effect : the return value is ignored\n\n$token-\u003ecall(); // This call will fail : no token has been provided\n```\n\nTo save a state, like provide a token, you should use Extensions with an `EndPointTransformerInterface`,\nor inject parameters manually at each endpoint calls.\n\n#### Extensions\n\nExtension consist of a class with single method `configure()` which takes the client as parameter.\nThey permit modifying or configuring any mutable elements of client like :\n- Change client configuration\n- Register or replace an end point\n- Register an `EndPointTransformerInterface`\n\nTo simply apply an endpoint transformer, you can inherit `AbstractEndPointTransformerExtension`,\nimplement the desired endpoint transformation method, and use `CallableEndPointInterface::onResponse()`\nto intercept responses.\n\n\u003e Note: because endpoints are immutable, the endpoint transformer must return the configured instance\n\u003e of the endpoint\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fb2pweb%2Fparroauth2-client","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fb2pweb%2Fparroauth2-client","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fb2pweb%2Fparroauth2-client/lists"}