oidc
PHP OAuth 2.0 Server
oidc | PHP OAuth 2.0 Server | |
---|---|---|
16 | 10 | |
1,194 | 6,458 | |
3.6% | 0.2% | |
9.1 | 8.9 | |
1 day ago | 9 days ago | |
Go | PHP | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
oidc
-
Easy to use OpenID Connect client and server library written for Go
Zitadel OIDC library code is very well-writen and informative.
Highly encourage everyone jump into source code and explore how IntrospectionResponse struct work with all related code around
https://github.com/zitadel/oidc/blob/main/pkg/oidc/introspec...
// IntrospectionResponse implements RFC 7662, section 2.2 and
// OpenID Connect Core 1.0, section 5.1 (UserInfo).
// https://www.rfc-editor.org/rfc/rfc7662.html#section-2.2.
// https://openid.net/specs/openid-connect-core-1_0.html#Standa....
type IntrospectionResponse struct {
-
Are there any OIDC Provider libraries for Golang?
I started with https://github.com/zitadel/oidc/tree/main/example/server/storage
- ZITADEL Golang OIDC Library Version 2.0 Release
- Easy to use OpenID Connect client and server for Go released v2.0.0
-
How do you implement OIDC Code flow in go?
oidc: github.com/zitadel/oidc (certified by OIDC)
-
Zitadel: The best of Auth0 and Keycloak combined
I had to set up a OIDC server so our website could act as OIDC provider, and was really surprised how hard that is to do if you simply need the most basic setup. In fact it would seem that everybody would just keep a Keycloak or whatever— in their cluster and would keep it up-to-date with whatever user schema they would have in their app. This felt like too much work for me (I didn't want to maintain a whole extra service to just be able and provide a couple Oauth scopes from our API back-end.) so instead I went on and implemented the server directly in our app using https://github.com/zitadel/oidc. In fact this was the only fully-functioning OIDC implementation in Go that I could just plug in and make it work. So big props up to the Zitadel guys, the only worry would be from my side that the server implementation could be more generic and could rely on a set of interfaces that the users would be able to implement easily, without having to import a bunch of code from 'examples/server' like we have to do at the moment?
-
We moved our Go OpenID Connect package to a new home
I just wanted to spread the word, that we moved the library to a new home in the ZITADEL GitHub organisation to ease some of the confusion around the name of the company (CAOS) and the project (ZITADEL).
-
Help us build the best open source identity platform
But to ease the pain of this we release personal access tokens in March and are currently prepping to support client credentials as well, thanks to a contribution.
PHP OAuth 2.0 Server
- Mobile application using website's PHP OAuth
-
What is the best way to implement an SSO for several existing web apps?
For creating a PHP OAuth2 server take a look at https://oauth2.thephpleague.com/ it is not a complete server, but will do most of the work for you.
-
The PHPer's Guide to OAuth
For the server side, I'll use the OAuth 2.0 server library. The implementation here is more complex, as there are many moving parts that need to be in place.
-
oAuth2 server for SPA app
I looked at the phpleague oauth2-server and there, they say that a SPA (front end in angular or react) should use Authorization code grant and not password grant (it seems password grant is not recommended to use anymore).
-
Oauth Authentication In Laravel: Social Login With Laravel Socialite
Laravel Passport facilitates full OAuth2 server implementation for Laravel Apps in less time. Developing an OAuth2 server from scratch can be tedious and time-consuming, but Laravel Passport is a local OAuth 2 server for Laravel apps. The Laravel Passport package embodies routes, middleware, and database migrations to develop an authorization server that will return access tokens for giving access permission to server resources. It uses the League OAuth2 Server package as a dependency and has a straightforward, easy-to-learn, and easy-to-implement language structure.
-
Zitadel: The best of Auth0 and Keycloak combined
Disclosure: I work for FusionAuth.
Depends on what you are looking for.
If you want a standalone auth server, you can use FusionAuth in docker/docker-compose: https://fusionauth.io/docs/v1/tech/installation-guide/docker
You can also package up a library; most major languages have one or more OAuth/OIDC libraries: https://github.com/doorkeeper-gem/doorkeeper for Ruby, https://spring.io/projects/spring-security for Spring/Java, https://oauth2.thephpleague.com/ for PHP, https://pypi.org/project/oauthlib/ for Python.
https://oauth.net/code/ has a further selection of libraries in a variety of languages.
- Is this a good way to secure my REST API?
-
RFC: Sealed classes
I completely agree with this!! Sometimes there's too much hubris in OSS; classes made final, methods made private- because the author has made their mind up about how the library should work and be used. But sometimes it's not possible to imagine every use case. If software is extensible and someone breaks their app by extending your library and doing something wrong, that's their problem. Take a look at this for example: https://github.com/thephpleague/oauth2-server/issues/885 here the authors don't want to make it more extensible because some people might encode too many claims into their tokens and run into problems with header size. Ffs get off your high horse and let people use their own judgement !! /rant
-
What library that can be used to implement simple user authentication?
https://github.com/thephpleague/oauth2-server is also good
-
Weekly "ask anything" thread
Otherwise, if I need something larger, then I would go towards OAuth and than in particular OAuth2 from the PHP league. It provides a good framework to work with to implement authentication in your project. Setting up is a bit of work, but when it works, you don't need to look at it again.
What are some alternatives?
oauth2-proxy - A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
laravel-imap - Laravel IMAP is an easy way to integrate both the native php-imap module and an extended custom imap protocol into your Laravel app.
go-oidc - A Go OpenID Connect client.
Sign in with Apple for PHP - PHP library to verify and validate Apple IdentityToken and authenticate a user with Apple ID.
zitadel - ZITADEL - The best of Auth0 and Keycloak combined. Built for the serverless era.
OAuth2 Server - documentation for the oauth2-server-php library
lldap - Light LDAP implementation
Json Web Token - A simple library to work with JSON Web Token and JSON Web Signature
scim-for-keycloak - a third party module that extends keycloak by SCIM functionality
HybridAuth - Open source social sign on PHP Library. HybridAuth goal is to act as an abstract api between your application and various social apis and identities providers such as Facebook, Twitter and Google.
go-ora - Pure go oracle client
php-jwt - PHP package for JWT