Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/eko/authz-php-sdk
Authz PHP SDK
https://github.com/eko/authz-php-sdk
abac authorization permissions php rbac
Last synced: 23 days ago
JSON representation
Authz PHP SDK
- Host: GitHub
- URL: https://github.com/eko/authz-php-sdk
- Owner: eko
- License: mit
- Created: 2023-01-12T20:11:05.000Z (almost 2 years ago)
- Default Branch: master
- Last Pushed: 2023-07-07T05:43:32.000Z (over 1 year ago)
- Last Synced: 2024-11-29T10:41:59.138Z (about 1 month ago)
- Topics: abac, authorization, permissions, php, rbac
- Language: PHP
- Homepage: https://authz.fr
- Size: 322 KB
- Stars: 2
- Watchers: 2
- Forks: 0
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Authz PHP SDK
This is the Authz development kit for PHP.
## Installation
You can install the SDK in your project by adding the following dependency:
```bash
$ composer require eko/authz-sdk
```
⚠️ Please note that you will need to install the [`grpc` PHP extension](https://cloud.google.com/php/grpc).
## Usage
You have to instanciate a new Authz Client in your code by doing:
```php
', '');
```
Once the client is instanciate, you have access to all the gRPC methods.
In order to create a new Principal, you can use
```php
[$response, $status] = $client->PrincipalCreate(new PrincipalCreateRequest([
'id' => 'user-123',
'attributes' => [
new Attribute(['key' => 'email', 'value' => '[email protected]']),
],
]))->wait();
```
To declare a new resource:
```php
[$response, $status] = $client->ResourceCreate(new ResourceCreateRequest([
'id' => 'post.123',
'kind' => 'post',
'value' => '123',
'attributes' => [
new Attribute(['key' => 'owner_email', 'value' => '[email protected]']),
],
]))->wait();
```
You can also declare a new policy this way:
```php
[$response, $status] = $client->PolicyCreate(new PolicyCreateRequest([
'id' => 'post-owners',
'resources' => ['post.*'],
'actions' => ['edit', 'delete'],
'attribute_rules' => [
'principal.email == resource.owner_email',
],
]))->wait();
```
Then, you can perform a check with:
```php
if ($client->IsAllowed('user-123', 'post', '123', 'edit')) {
// Do something
}
```
Please note that you have access to all the gRPC methods [declared here](https://github.com/eko/authz/blob/master/backend/api/proto/api.proto) in the proto file.
## Configuration
This SDK connects over gRPC to the backend service. Here are the available configuration options:
| Property | Description |
| -------- | ----------- |
| Address | Authz backend to connect to |
| ClientID | Your service account client id used to authenticate |
| ClientSecret | Your service account client secret key used to authenticate |