OAuth 2.0 Client VS http-message

League/oauth2-client has a lot of implementations

Have a look on this one https://oauth2-client.thephpleague.com/

In regards to oauth the phpleague packages are fairly popular. Again, the flow requires some redirect dancing so not something that can be (simply) just a single boolean-returning method on the PHP side. Additionally, oauth is a relatively weak standard (Especially where you want to verify identity) in which case platform specific actions/tweaks are needed hence why most use platform-specific oauth libraries. OIDC builds upon oauth to standardize the flow, including getting the identity, but it isn't supported by all platforms offering oauth.

For the client side, I'll be using the library league/oauth2-client.

"Login with Google/Facebook/Twitter/etc": That's called OAuth2 and quite easy to implement. This package is good OAuth2 client to start.

I'd recommend using a library - for Azure AD OAuth we've been using https://github.com/thephpleague/oauth2-client + https://github.com/thenetworg/oauth2-azure (see also https://oauth2-client.thephpleague.com/providers/thirdparty/ )

For Azure AD, I'd recommend the combination of https://github.com/thephpleague/oauth2-client for the authentication part (getting the token) and the Microsoft Graph SDK for then using the token to get information about the user https://github.com/microsoftgraph/msgraph-sdk-php

Here's a good example of that: https://github.com/thephpleague/oauth2-client/blob/master/.gitattributes

There is a package within The PHP League that allows validation of an OpenAPI specification: league/openapi-psr7-validator. This package validates requests and responses to the PSR-7 specification.

PSR-7, the standard for requests and responses

Guzzle implements PSR-7: HTTP message interfaces (but apparently not yet PSR-18: HTTP Client, or at least they don't mention it). That means it's possible to use it in third-party libraries/frameworks and easy to replace with similar tools.

The Yii HTTP Application provides the Application::class, as well as the events and handlers needed to interact with HTTP. The package is implemented using PSR-7 and PSR-15 standards.

[PSR Http Message.](https://github.com/php-fig/http-message) This repository holds all interfaces/classes/traits related to [PSR-7](http://www.php-fig.org/psr/psr-7/).

PSR Http Message. This repository holds all interfaces/classes/traits related to PSR-7.

Since the library is designed to be easily integrated with different frameworks, it relies on the usage of PSR-7 compliant HTTP messages. To fulfill this requirement, I'll be using the nyholm/psr7 package.

Sounds good for the future given that PHP-FIG seems uninterested in maintaining the related code repo https://github.com/php-fig/http-message/pull/95