{"id":36978681,"url":"https://github.com/xauth-ecosystem/oauth2-xauthconnect","last_synced_at":"2026-01-13T22:48:12.165Z","repository":{"id":318740916,"uuid":"1076370655","full_name":"xauth-ecosystem/oauth2-xauthconnect","owner":"xauth-ecosystem","description":"An OAuth 2.0 client provider for integrating with an XAuthConnect authorization server. This library is built to work with the popular league/oauth2-client package.","archived":false,"fork":false,"pushed_at":"2025-12-30T06:15:21.000Z","size":76,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-01-02T16:37:28.105Z","etag":null,"topics":["identity-provider","league-oauth2","library","oauth2-client","php","xauth-connect","xauth-ecosystem"],"latest_commit_sha":null,"homepage":"https://packagist.org/packages/xauth/oauth2-xauthconnect","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/xauth-ecosystem.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-10-14T19:05:17.000Z","updated_at":"2025-12-30T11:57:58.000Z","dependencies_parsed_at":"2025-10-21T22:26:14.853Z","dependency_job_id":null,"html_url":"https://github.com/xauth-ecosystem/oauth2-xauthconnect","commit_stats":null,"previous_names":["newlandpe/oauth2-xauthconnect","xauth-ecosystem/oauth2-xauthconnect"],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/xauth-ecosystem/oauth2-xauthconnect","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xauth-ecosystem%2Foauth2-xauthconnect","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xauth-ecosystem%2Foauth2-xauthconnect/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xauth-ecosystem%2Foauth2-xauthconnect/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xauth-ecosystem%2Foauth2-xauthconnect/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/xauth-ecosystem","download_url":"https://codeload.github.com/xauth-ecosystem/oauth2-xauthconnect/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xauth-ecosystem%2Foauth2-xauthconnect/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28403742,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-13T21:51:37.118Z","status":"ssl_error","status_checked_at":"2026-01-13T21:45:14.585Z","response_time":56,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["identity-provider","league-oauth2","library","oauth2-client","php","xauth-connect","xauth-ecosystem"],"created_at":"2026-01-13T22:48:11.505Z","updated_at":"2026-01-13T22:48:12.153Z","avatar_url":"https://github.com/xauth-ecosystem.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# XAuthConnect Provider for The PHP League OAuth 2.0 Client\n\n[![Latest Stable Version](https://img.shields.io/packagist/v/xauth/oauth2-xauthconnect.svg?label=Packagist\u0026logo=packagist)](https://packagist.org/packages/xauth/oauth2-xauthconnect)\n[![Total Downloads](https://img.shields.io/packagist/dt/xauth/oauth2-xauthconnect.svg?label=Downloads\u0026logo=packagist)](https://packagist.org/packages/xauth/oauth2-xauthconnect)\n[![License](https://img.shields.io/packagist/l/xauth/oauth2-xauthconnect.svg?label=Licence\u0026logo=open-source-initiative)](https://packagist.org/packages/xauth/oauth2-xauthconnect)\n[![Tests](https://img.shields.io/github/actions/workflow/status/xauth-ecosystem/oauth2-xauthconnect/phpunit.yml?label=Tests\u0026logo=github)](https://github.com/xauth-ecosystem/oauth2-xauthconnect/actions/workflows/phpunit.yml)\n[![Test Coverage](https://img.shields.io/codecov/c/github/xauth-ecosystem/oauth2-xauthconnect?label=Test%20Coverage\u0026logo=codecov)](https://app.codecov.io/gh/xauth-ecosystem/oauth2-xauthconnect)\n\nThis package provides an OAuth 2.0 client provider for integrating with an XAuthConnect authorization server. It is built to work with the popular [`league/oauth2-client`](https://github.com/thephpleague/oauth2-client) package.\n\nThis provider allows you to easily implement the \"Login with XAuthConnect\" functionality in any PHP application that uses `league/oauth2-client`.\n\n## Features\n\n- **OIDC Discovery:** Automatically configure endpoints from a single `issuer` URL.\n- Implements the standard **Authorization Code Grant** flow.\n- Supports **PKCE** (Proof Key for Code Exchange) for enhanced security.\n- Provides helper methods for XAuthConnect-specific features:\n  - **Token Introspection** (`introspectToken`)\n  - **Token Revocation** (`revokeToken`)\n- Fully compliant with the `league/oauth2-client` `AbstractProvider`.\n- Exposes user data (`ID`, `Nickname`) through a `ResourceOwner` object.\n\n## Installation\n\nInstall the package via Composer:\n\n```bash\ncomposer require xauth/oauth2-xauthconnect\n```\n\nThis package now requires `guzzlehttp/guzzle` v7.0 or greater.\n\n### Installing from a local path (for development)\n\nIf you're developing this library locally or need to use it as a path repository:\n\n1. Place this library in a directory within your project (e.g., `oauth_libs/oauth2-xauthconnect`).\n2. Add the following to your main `composer.json` file:\n\n```json\n{\n    \"require\": {\n        \"xauth/oauth2-xauthconnect\": \"@dev\"\n    },\n    \"repositories\": [\n        {\n            \"type\": \"path\",\n            \"url\": \"./path/to/your/oauth2-xauthconnect\"\n        }\n    ],\n    \"minimum-stability\": \"dev\"\n}\n```\n\n3. Run `composer update` to install the dependencies.\n\n## Usage\n\nFollow these steps to integrate XAuthConnect into your application.\n\n### 1. Initialization\n\nYou can initialize the provider in two ways.\n\n#### Method 1: OIDC Discovery (Recommended)\n\nProvide the `issuer` URL of your XAuthConnect server. The provider will automatically discover all the required endpoint URLs.\n\n\u003e [!IMPORTANT]\n\u003e The `issuer` URL must be publicly accessible and resolvable from the environment where your application is running for OIDC discovery to succeed. If the issuer is not accessible, you must use Method 2 for manual configuration.\n\n```php\nrequire_once 'vendor/autoload.php';\n\n$provider = new ChernegaSergiy\\XAuthConnect\\OAuth2\\Client\\Provider\\XAuthConnect([\n    'clientId'     =\u003e 'your-client-id',\n    'clientSecret' =\u003e 'your-client-secret',\n    'redirectUri'  =\u003e 'https://your-redirect-uri.com',\n    'issuer'       =\u003e 'https://xauth-server.com' // Base URL of your XAuthConnect server\n]);\n```\n\n#### Method 2: Manual Configuration\n\nIf your OIDC `issuer` is not publicly accessible, or if you need to specify or override specific endpoint URLs manually, you can do so by providing them in the constructor options. This method is also useful for overriding a specific endpoint URL discovered via the `issuer`.\n\nThe following options are available for manual configuration:\n\n- `baseAuthorizationUrl`\n- `baseAccessTokenUrl`\n- `resourceOwnerDetailsUrl`\n- `introspectUrl`\n- `revokeUrl`\n\nFor example, if the discovery document provides a wrong `token_endpoint`, you can override it:\n\n```php\n$provider = new ChernegaSergiy\\XAuthConnect\\OAuth2\\Client\\Provider\\XAuthConnect([\n    'clientId'                =\u003e 'your-client-id',\n    'clientSecret'            =\u003e 'your-client-secret',\n    'redirectUri'             =\u003e 'https://your-redirect-uri.com',\n    'issuer'                  =\u003e 'https://xauth-server.com', // Still recommended\n\n    // Manually override the token endpoint\n    'baseAccessTokenUrl'      =\u003e 'httpa://new-token-url.com/token',\n]);\n```\n\n### 2. Authorization\n\nRedirect the user to the XAuthConnect server to authorize your application.\n\n```php\n// If we don't have an authorization code then get one\nif (!isset($_GET['code'])) {\n\n    // Fetch the authorization URL from the provider; this returns the\n    // urlAuthorize URL and generates and stores the state value in the session.\n    $authorizationUrl = $provider-\u003egetAuthorizationUrl();\n    $_SESSION['oauth2state'] = $provider-\u003egetState();\n\n    header('Location: ' . $authorizationUrl);\n    exit;\n\n// Check given state against previously stored one to mitigate CSRF attack\n} elseif (empty($_GET['state']) || (isset($_SESSION['oauth2state']) \u0026\u0026 $_GET['state'] !== $_SESSION['oauth2state'])) {\n\n    if (isset($_SESSION['oauth2state'])) {\n        unset($_SESSION['oauth2state']);\n    }\n\n    exit('Invalid state');\n}\n```\n\n### 3. Getting an Access Token\n\nAfter the user authorizes, they will be redirected back to your `redirectUri` with a `code`. Use this code to get an access token.\n\n```php\ntry {\n    // Try to get an access token using the authorization code grant.\n    $accessToken = $provider-\u003egetAccessToken('authorization_code', [\n        'code' =\u003e $_GET['code']\n    ]);\n\n    // We have an access token, let's use it!\n    echo 'Access Token: ' . $accessToken-\u003egetToken() . \"\u003cbr\u003e\";\n    echo 'Refresh Token: ' . $accessToken-\u003egetRefreshToken() . \"\u003cbr\u003e\";\n    echo 'Expired in: ' . $accessToken-\u003egetExpires() . \"\u003cbr\u003e\";\n    echo 'Already expired? ' . ($accessToken-\u003ehasExpired() ? 'Yes' : 'No') . \"\u003cbr\u003e\";\n\n} catch (\\League\\OAuth2\\Client\\Provider\\Exception\\IdentityProviderException $e) {\n    // Failed to get the access token or user details.\n    exit($e-\u003egetMessage());\n}\n```\n\n### 4. Getting Resource Owner Details\n\nWith the access token, you can now fetch the user's profile information.\n\n```php\ntry {\n    // Returns a XAuthConnectUser instance.\n    $user = $provider-\u003egetResourceOwner($accessToken);\n\n    printf('Hello, %s!', $user-\u003egetNickname());\n    echo 'Your UUID is: ' . $user-\u003egetId();\n\n    // Get all user data as an array.\n    var_dump($user-\u003etoArray());\n\n} catch (Exception $e) {\n    // Failed to get user details\n    exit('Oh dear...');\n}\n```\n\n## Extra Features\n\nThis provider includes methods for XAuthConnect-specific endpoints.\n\n### Introspecting a Token\n\nYou can check if a token is active and view its metadata.\n\n```php\n$introspectionResult = $provider-\u003eintrospectToken($accessToken-\u003egetToken());\n\nif ($introspectionResult['active']) {\n    echo \"Token is active.\\n\";\n    echo \"Expires at: \" . date('Y-m-d H:i:s', $introspectionResult['exp']);\n} else {\n    echo \"Token is not active.\";\n}\n```\n\n### Revoking a Token\n\nYou can invalidate an access or refresh token on the server.\n\n```php\n// Revoke the access token\n$provider-\u003erevokeToken($accessToken-\u003egetToken());\n\n// Revoke the refresh token\n$provider-\u003erevokeToken($accessToken-\u003egetRefreshToken());\n\necho \"Tokens have been revoked.\";\n```\n\n## Contributing\n\nContributions are welcome and appreciated! Here's how you can contribute:\n\n1. Fork the project on GitHub.\n2. Create your feature branch (`git checkout -b feature/AmazingFeature`).\n3. Commit your changes (`git commit -m 'Add some AmazingFeature'`).\n4. Push to the branch (`git push origin feature/AmazingFeature`).\n5. Open a Pull Request.\n\nPlease make sure to update tests as appropriate and adhere to the existing coding style.\n\n## License\n\nThis library is licensed under the CSSM Unlimited License v2.0 (CSSM-ULv2). See the [LICENSE](LICENSE) file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxauth-ecosystem%2Foauth2-xauthconnect","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fxauth-ecosystem%2Foauth2-xauthconnect","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxauth-ecosystem%2Foauth2-xauthconnect/lists"}