authlete/authlete
=================

Authlete Library for PHP

Version 1.14.0 | License: Apache-2.0 | PHP >=5.4.0

Overview
--------

This is a PHP library for [Authlete Web APIs](https://docs.authlete.com/).

[Authlete](https://www.authlete.com/) is a cloud service that provides an implementation of [OAuth 2.0](https://tools.ietf.org/html/rfc6749) & [OpenID Connect](https://openid.net/connect/). By using the Web APIs provided by Authlete, you can develop a *DB-less* authorization server and/or OpenID provider. "DB-less" here means that you don't have to manage a database server that stores authorization data (e.g. access tokens), settings of authorization servers and settings of client applications. This data is stored on the Authlete server in the cloud.

Please read *[New Architecture of OAuth 2.0 and OpenID Connect Implementation](https://medium.com/@darutk/new-architecture-of-oauth-2-0-and-openid-connect-implementation-18f408f9338d)* for details about the architecture of Authlete. True engineers will love the architecture ;-)

> The primary advantage of this architecture is in that the backend service can focus on implementing OAuth 2.0 and OpenID Connect without caring about other components such as identity management, user authentication, login session management, API management and fraud detection. And, consequently, it leads to another major advantage which enables the backend service (implementation of OAuth 2.0 and OpenID Connect) to be combined with any solution of other components and thus gives flexibility to frontend server implementations.

License
-------

Apache License, Version 2.0

Composer
--------

```
"require" : {
    "authlete/authlete" : "{version}"
}
```

Packagist
---------

`https://packagist.org/packages/authlete/authlete`

Source Code (authlete-php)
--------------------------

`https://github.com/authlete/authlete-php`

API Reference (authlete-php)
----------------------------

`https://authlete.github.io/authlete-php/`

API Reference (Authlete)
------------------------

`https://docs.authlete.com/`

Description
-----------

#### How To Get AuthleteApi

All the methods to communicate with [Authlete Web APIs](https://docs.authlete.com/) are gathered in the `AuthleteApi` interface. Currently, the `AuthleteApiImpl` class is the only class that implements the interface.

The constructor of the `AuthleteApiImpl` class requires an implementation of the `AuthleteConfiguration` interface. Once you have prepared an implementation of the `AuthleteConfiguration` interface, you can create an `AuthleteApi` instance as follows.

```
// Prepare configuration to access Authlete Web APIs.
$conf = ...;

// Create an instance that implements AuthleteApi.
$api = new AuthleteApiImpl($conf);
```

`AuthleteConfiguration` is an interface that holds the configuration values needed to access Authlete Web APIs, such as the URL of an Authlete server and the API credentials of a service. Concretely, the interface has the following methods.

| Method | Description |
| --- | --- |
| `getBaseUrl()` | URL of an Authlete server |
| `getServiceApiKey()` | API key of a service |
| `getServiceApiSecret()` | API secret of a service |
| `getServiceOwnerApiKey()` | API key of your account |
| `getServiceOwnerApiSecret()` | API secret of your account |

authlete-php includes three implementations of `AuthleteConfiguration` interface as listed below.

| Class | Description |
| --- | --- |
| `AuthleteEnvConfiguration` | Configuration by environment variables |
| `AuthleteIniConfiguration` | Configuration by an ini file |
| `AuthleteSimpleConfiguration` | Configuration by C# properties |

#### AuthleteIniConfiguration

Among the three implementations of the `AuthleteConfiguration` interface, this section explains the `AuthleteIniConfiguration` class.

The `AuthleteIniConfiguration` class provides a mechanism to use an ini file to set the configuration values needed to access Authlete Web APIs. The ini file given to `AuthleteIniConfiguration` must be parseable by the [parse_ini_file()](http://php.net/manual/en/function.parse-ini-file.php) function.

The constructor of the `AuthleteIniConfiguration` class has an optional argument, `$file`, which is the name of an ini file. If the argument is omitted, the constructor checks the value of the environment variable `AUTHLETE_CONFIGURATION_FILE`, and if the environment variable holds a non-empty value, it is regarded as the name of an ini file. If no ini file name is available, the constructor assumes `authlete.ini`.

The following examples show the usage of the constructor.

```
// (1) Constructor with no argument. This tries to read a file
//     named "authlete.ini". The environment variable,
//     AUTHLETE_CONFIGURATION_FILE, can be used to specify
//     another different file name.
$conf = new AuthleteIniConfiguration();

// (2) Constructor with the name of a configuration file.
$conf = new AuthleteIniConfiguration("authlete.ini");
```

The `AuthleteIniConfiguration` class expects the entries in the table below to be present in the given configuration file.

| Property Key | Description |
| --- | --- |
| `base_url` | URL of an Authlete server |
| `service.api_key` | API key of a service |
| `service.api_secret` | API secret of a service |
| `service_owner.api_key` | API key of your account |
| `service_owner.api_secret` | API secret of your account |

Below is an example of a configuration file.

```
base_url                 = https://api.authlete.com
service_owner.api_key    = 1532787510
service_owner.api_secret = 9Y0ZARGatedJRhsYLNfiK_aKQIBCug2O3JQU6srZrpk
service.api_key          = 9463955934
service.api_secret       = AAw0rner_wjRCpk-y1A6J9s20Bvez3GxEBoL9jOJVR0

```
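Because this file carries API secrets and its location depends on the lookup order described above, it is worth checking before the application starts. The following is an added example, not code from authlete-php: `resolveAuthleteIniPath()` and `checkAuthleteIni()` are hypothetical helper names, the permission check assumes a POSIX file system, and the sample file contents are constructed.

```php
<?php
// Added example; resolveAuthleteIniPath() and checkAuthleteIni() are
// hypothetical helpers, not part of authlete-php.

// Lookup order described above: argument, then AUTHLETE_CONFIGURATION_FILE,
// then "authlete.ini". Treating '' like an omitted argument is an assumption.
function resolveAuthleteIniPath($file = null)
{
    if ($file !== null && $file !== '') {
        return $file;
    }
    $env = getenv('AUTHLETE_CONFIGURATION_FILE');
    return ($env !== false && $env !== '') ? $env : 'authlete.ini';
}

// Returns a list of problems; an empty array means the file looks usable.
function checkAuthleteIni($path)
{
    if (!is_file($path) || !is_readable($path)) {
        return array("cannot read $path");
    }
    $problems = array();
    // The file holds API secrets: on POSIX systems, flag group/other access.
    $mode = fileperms($path) & 0777;
    if (($mode & 0077) !== 0) {
        $problems[] = sprintf('mode is %04o; restrict the file to 0600', $mode);
    }
    $ini = parse_ini_file($path);
    if ($ini === false) {
        $problems[] = 'not parseable by parse_ini_file()';
        return $problems;
    }
    foreach (array('base_url', 'service.api_key', 'service.api_secret',
                   'service_owner.api_key', 'service_owner.api_secret') as $key) {
        if (!isset($ini[$key]) || !is_string($ini[$key]) || trim($ini[$key]) === '') {
            $problems[] = "missing or empty key: $key";
        }
    }
    return $problems;
}

// Constructed sample: a world-readable file that lacks the service_owner keys.
$sample = tempnam(sys_get_temp_dir(), 'authlete');
file_put_contents($sample, "base_url = https://api.authlete.com\n"
    . "service.api_key = 0000000000\nservice.api_secret = constructed-secret\n");
chmod($sample, 0644);
print_r(checkAuthleteIni($sample));
unlink($sample);
```

In a deployment, call `checkAuthleteIni(resolveAuthleteIniPath())` before constructing `AuthleteIniConfiguration` and refuse to start if the returned list is not empty.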

#### AuthleteApi Settings

`getSettings()` method of `AuthleteApi` returns an instance of `Settings` interface whereby you can adjust the behaviors of the implementation of `AuthleteApi` interface.

```
// Get an implementation of AuthleteApi interface.
$api = ...;

// Get the instance which holds settings of the implementation.
$settings = $api->getSettings();

// Set a connection timeout in seconds.
$settings->setConnectionTimeout(5);

// Set a proxy.
$settings->setProxyHost("proxy.example.com");
$settings->setProxyPort(8080);
$settings->setProxyTunnelUsed(false);
```

#### AuthleteApi Method Categories

Methods in the `AuthleteApi` interface fall into the following categories.

1. Methods for Authorization Endpoint Implementation
    - `authorization(AuthorizationRequest $request)`
    - `authorizationFail(AuthorizationFailRequest $request)`
    - `authorizationIssue(AuthorizationIssueRequest $request)`
2. Methods for Token Endpoint Implementation
    - `token(TokenRequest $request)`
    - `tokenFail(TokenFailRequest $request)`
    - `tokenIssue(TokenIssueRequest $request)`
3. Methods for Service Management
    - `createService(Service $service)`
    - `deleteService($serviceApiKey)`
    - `getService($serviceApiKey)`
    - `getServiceList()`
    - `getServiceList($start = 0, $end = 5)`
    - `updateService(Service $service)`
4. Methods for Client Application Management
    - `createClient(Client $client)`
    - `deleteClient($clientId)`
    - `getClient($clientId)`
    - `getClientList($developer = null, $start = 0, $end = 5)`
    - `updateClient(Client $client)`
    - `refreshClientSecret($clientId)`
    - `updateClientSecret($clientId, $clientSecret)`
5. Methods for Access Token Introspection
    - `introspection(IntrospectionRequest $request)`
    - `standardIntrospection(StandardIntrospectionRequest $request)`
6. Methods for Revocation Endpoint Implementation
    - `revocation(RevocationRequest $request)`
7. Methods for User Info Endpoint Implementation
    - `userinfo(UserInfoRequest $request)`
    - `userinfoIssue(UserInfoIssueRequest $request)`
8. Methods for JWK Set Endpoint Implementation
    - `getServiceJwks($pretty = false, $includePrivateKeys = false)`
9. Methods for OpenID Connect Discovery
    - `getServiceConfiguration($pretty = true)`
10. Methods for Token Operations
    - `tokenCreate(TokenCreateRequest $request)`
    - `tokenDelete($token)`
    - `tokenUpdate(TokenUpdateRequest $request)`
11. Methods for Records of Granted Scopes
    - `getGrantedScopes($clientId, $subject)`
    - `deleteGrantedScopes($clientId, $subject)`
12. Methods for Authorization Management on a User-Client Combination Basis
    - `deleteClientAuthorization($clientId, $subject)`
    - `getClientAuthorizationList(ClientAuthorizationGetListRequest $request)`
    - `updateClientAuthorization($clientId, ClientAuthorizationUpdateRequest $request)`
13. Methods for CIBA (Client Initiated Backchannel Authentication)
    - `backchannelAuthentication(BackchannelAuthenticationRequest $request)`
    - `backchannelAuthenticationIssue(BackchannelAuthenticationIssueRequest $request)`
    - `backchannelAuthenticationFail(BackchannelAuthenticationFailRequest $request)`
    - `backchannelAuthenticationComplete(BackchannelAuthenticationCompleteRequest $request)`
14. Methods for Device Flow (RFC 8628)
    - `deviceAuthorization(DeviceAuthorizationRequest $request)`
    - `deviceVerification(DeviceVerificationRequest $request)`
    - `deviceComplete(DeviceCompleteRequest $request)`
15. Methods for PAR (Pushed Authorization Requests)
    - `pushAuthorizationRequest(PushedAuthReqRequest $request)`

*Example*

The following code snippet is an example to get the list of your services. Each service corresponds to an authorization server.

```
// Prepare configuration to access Authlete APIs.
// AuthleteSimpleConfiguration is used here as one
// implementation of AuthleteConfiguration interface.
// As described above, there are other implementations
// such as AuthleteIniConfiguration.
$conf = new AuthleteSimpleConfiguration();
$conf->setBaseUrl("https://api.authlete.com")
     ->setServiceOwnerApiKey("1532787510")
     ->setServiceOwnerApiSecret("9Y0ZARGatedJRhsYLNfiK_aKQIBCug2O3JQU6srZrpk")
     ->setServiceApiKey("9463955934")
     ->setServiceApiSecret("AAw0rner_wjRCpk-y1A6J9s20Bvez3GxEBoL9jOJVR0")
     ;

// Get an implementation of AuthleteApi interface.
// Currently, AuthleteApiImpl is the only class that
// implements the AuthleteApi interface.
$api = new AuthleteApiImpl($conf);

// Get the list of services. getServiceList() method
// returns an instance of ServiceListResponse class.
$response = $api->getServiceList();

// Array of Service instances.
$services = $response->getServices();
```

How To Test
-----------

#### 1. Unit Tests

```
$ vendor/bin/phpunit tests
```

#### 2. Compatibility Check

```
$ PHPCMD={path-to-php54}
    # e.g. PHPCMD=/usr/local/Cellar/php54/5.4.45_7/bin/php

$ find src -name '*.php' -exec $PHPCMD -l '{}' \;
```

How To Release
--------------

#### 1. Update Documents

Update `CHANGES.md` and `CHANGES.ja.md`. Update `README.md` and `README.ja.md`, too, if necessary.

#### 2. Update User-Agent

Update the value of the `$USER_AGENT` variable in `AuthleteApiImpl.php`.

#### 3. Update Version

[Packagist](https://packagist.org) (where this library is registered) refers to git tags. To make use of this mechanism, create a new tag for each new version. See [Versions and constraints](https://getcomposer.org/doc/articles/versions.md) for details.

```
$ git tag X.Y.Z
$ git push origin X.Y.Z
```

#### 4. Publish Library

If [GitHub Service Hook](https://packagist.org/about#how-to-update-packages) is working correctly, changes are automatically detected by [Packagist](https://packagist.org).

#### 5. Update API Reference

The following commands update the documents under the `docs` folder.

```
$ rm -rf docs
$ phpdoc
```

#### 6. Publish API Reference

```
$ git add docs
$ git commit -m 'Updated API reference for version X.Y.Z.'
$ git push
```

See [Configuring a publishing source for GitHub Pages](https://help.github.com/articles/configuring-a-publishing-source-for-github-pages/) for details.

Contact
-------

| Purpose | Email Address |
| --- | --- |
| General | |
| Sales | |
| PR | |
| Technical | |
