PHPackages                             creativecrafts/laravel-openid-connect - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. creativecrafts/laravel-openid-connect

ActiveLibrary

creativecrafts/laravel-openid-connect
=====================================

A simple package that will provide a fluent api to interact with third party authentication providers

1.0.3(8mo ago)21.6k[3 PRs](https://github.com/CreativeCrafts/laravel-openid-connect/pulls)MITPHPPHP ^8.3|^8.2CI passing

Since Oct 4Pushed 3mo ago1 watchersCompare

[ Source](https://github.com/CreativeCrafts/laravel-openid-connect)[ Packagist](https://packagist.org/packages/creativecrafts/laravel-openid-connect)[ Docs](https://github.com/CreativeCrafts/laravel-openid-connect)[ RSS](/packages/creativecrafts-laravel-openid-connect/feed)WikiDiscussions main Synced 1mo ago

READMEChangelog (10)Dependencies (16)Versions (15)Used By (0)

LaravelOpenIdConnect
====================

[](#laravelopenidconnect)

[![Latest Version on Packagist](https://camo.githubusercontent.com/26f59d7e19ced6f677e109f703a196d474ed119dd27caa023eb2e68c0e95abd3/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f63726561746976656372616674732f6c61726176656c2d6f70656e69642d636f6e6e6563742e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/creativecrafts/laravel-openid-connect)[![GitHub Tests Action Status](https://camo.githubusercontent.com/781644b331cffa7f97f343a78b74c8ee08e7fe1ccff44ab3ade6d8f90a25cc43/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f63726561746976656372616674732f6c61726176656c2d6f70656e69642d636f6e6e6563742f72756e2d74657374732e796d6c3f6272616e63683d6d61696e266c6162656c3d7465737473267374796c653d666c61742d737175617265)](https://github.com/creativecrafts/laravel-openid-connect/actions?query=workflow%3Arun-tests+branch%3Amain)[![GitHub Code Style Action Status](https://camo.githubusercontent.com/4be50de75884f3fc4136cfe368f5bf7a196887748622444a1926fe4f5bc18a82/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f63726561746976656372616674732f6c61726176656c2d6f70656e69642d636f6e6e6563742f6669782d7068702d636f64652d7374796c652d6973737565732e796d6c3f6272616e63683d6d61696e266c6162656c3d636f64652532307374796c65267374796c653d666c61742d737175617265)](https://github.com/creativecrafts/laravel-openid-connect/actions?query=workflow%3A%22Fix+PHP+code+style+issues%22+branch%3Amain)[![Total Downloads](https://camo.githubusercontent.com/736c664cc96b9faf17f23cfabacbd4142b05ac9e9dacacfb3f9cb62074de0b4a/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f63726561746976656372616674732f6c61726176656c2d6f70656e69642d636f6e6e6563742e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/creativecrafts/laravel-openid-connect)

The **LaravelOpenIdConnect** package offers seamless integration of OpenID Connect authentication for Laravel applications. It allows your app to securely authenticate users via OpenID Connect providers, enabling effortless access token management, user information retrieval, and token refreshment. With a clean and straightforward API, this package abstracts the complexity of managing OAuth 2.0 flows behind the scenes, so developers can focus on building applications rather than managing authentication processes. This is package was forked from "jumbojett/OpenID-Connect-PHP" and modified to work the Laravel way.

- Special thanks to [jumbojett/OpenID-Connect-PHP](https://github.com/jumbojett/OpenID-Connect-PHP).

Key Features
------------

[](#key-features)

- **Authorization URL Generation**: Easily generate the URL to redirect users for OpenID Connect authentication.
- **Access Token Retrieval**: Obtain access tokens using an authorization code in compliance with OAuth 2.0 standards.
- **User Information**: Retrieve user information (claims) from the OpenID Connect provider with ease.
- **Token Refreshing**: Automatically refresh tokens when they expire using the refresh token.
- **Customizable Configurations**: Define multiple OpenID Connect providers in the configuration for multi-provider support.

Installation
------------

[](#installation)

1. Install the package via Composer:

```
composer require creativecrafts/laravel-openid-connect
```

Next, publish the package's configuration file:

```
php artisan vendor:publish  --tag="openid-connect-config"
```

This will create a config/openid-connect.php file in your Laravel project. This is the contents of the published config file:

```
/**
 * This configuration file is used to manage the OpenID Connect (OIDC) settings for the Laravel application.
 * The 'default' key specifies the default authentication provider to be used.
 * The 'providers' key contains the configuration details for different OIDC providers.
 */

return [
    /** The default authentication provider to be used. if a provider is not specified */
    'default_provider' => env('OPENID_CONNECT_DEFAULT_PROVIDER', ''),
    /** The default redirect URL to be used. if a provider redirect url is not provided. */
    'default_redirect_url' => env(
        'OPENID_CONNECT_DEFAULT_REDIRECT_URI',
        ''
    ),
    /** List of providers. */
    'providers' => [
        'example' => [
            'provider_url' => env('EXAMPLE_PROVIDER_URI'),
            'issuer' => env('EXAMPLE_ISSUER_URI'),
            'client_id' => env('EXAMPLE_CLIENT_ID'),
            'client_secret' => env('EXAMPLE_CLIENT_SECRET'),
            'scopes' => ['openid', 'email', 'profile'],
            'response_type' => 'code',
            'redirect_url' => env('EXAMPLE_REDIRECT_URI'),
            "token_endpoint_auth_methods_supported" => [
                "client_secret_post",
                "client_secret_basic",
            ],
        ],
    ],
];
```

```
EXAMPLE_CLIENT_ID=your-client-id
EXAMPLE_CLIENT_SECRET=your-client-secret
EXAMPLE_REDIRECT_URI=https://your-app.com/callback

```

Usage
-----

[](#usage)

```
1.Configure the providers in the config/openid-connect.php file.

2.Authenticate users by redirecting them to the provider’s authorization page.:

use CreativeCrafts\LaravelOpenidConnect\LaravelOpenIdConnect;

$openIdConnect = new LaravelOpenIdConnect();
/** @var bool $authorisation */
$authorisation = $openIdConnect
    ->acceptProvider('providerName'))
    ->authenticate();

2.Get User Information:
Once the user is authenticated, retrieve user information from the OpenID Connect provider.
// optionally pass the $authorisation attribute you want to retrieve
if ($authorisation) {
    $userInfo = $openIdConnect->retrieveUserInfo();
}

Error Handling:
If the configuration for the provider is missing or misconfigured, the package throws an InvalidProviderConfigurationException. Ensure that all necessary configurations, such as the issuer URL, client ID, and client secret, are correctly set.
```

State and session management
----------------------------

[](#state-and-session-management)

- This package uses a state-scoped bundle stored in session or cache as the single source of truth for transient values (nonce and PKCE code\_verifier). Direct per-key usage (e.g. separate nonce/state keys) is deprecated; rely on saveStateBundle()/loadStateBundle() behavior.
- Multiple outstanding authorizations per session are supported by scoping bundles to the state value.
- On successful or failed callback processing, the bundle is cleared and a short-lived tombstone is written to prevent replay of the same state.
- When using session storage, ensure cookies are configured with Secure, HttpOnly, and an appropriate SameSite setting for your deployment.

### Potential pitfalls and guidance

[](#potential-pitfalls-and-guidance)

- Regenerating the session ID mid-flow: If your app regenerates IDs aggressively (e.g., on each request), the sid check will reject the callback. Consider deferring regeneration until after OIDC completes, or disable mid-request regeneration for the callback route.
- Distributed systems: When using cache storage (`OPENID_CONNECT_STORAGE=cache`), ensure all app instances point to the same cache backend and share a common prefix (`OPENID_CONNECT_KEY_PREFIX`). Also ensure clock skew is tolerable and cache TTLs are sufficient across nodes.
- Long consent screens: Increase `OPENID_CONNECT_CACHE_TTL` when using cache storage, or prefer session storage if your session persistence is more reliable during long user interactions.
- Legacy keys: Direct usage of `nonce`/`state`/`code_verifier` per-key in storage is deprecated. The manager still cleans legacy keys for backwards compatibility, but your integration should rely on the state-bundled APIs.

### Storage configuration quick reference

[](#storage-configuration-quick-reference)

- OPENID\_CONNECT\_STORAGE: `session` (default) | `cache` | `none`
- OPENID\_CONNECT\_KEY\_PREFIX: Key prefix for both session and cache storages.
- OPENID\_CONNECT\_CACHE\_STORE: Named Laravel cache store to use when storage is `cache`.
- OPENID\_CONNECT\_CACHE\_TTL: Integer seconds; increase for longer flows or set to null in config to store forever (not recommended for security).

Testing
-------

[](#testing)

```
This package is built with a focus on quality and reliability.

To run the tests, use the following command:
./vendor/bin/pest
```

Changelog
---------

[](#changelog)

Please see [CHANGELOG](CHANGELOG.md) for more information on what has changed recently.

Contributing
------------

[](#contributing)

Please see [CONTRIBUTING](CONTRIBUTING.md) for details.

Security Vulnerabilities
------------------------

[](#security-vulnerabilities)

Please review [our security policy](../../security/policy) on how to report security vulnerabilities.

Credits
-------

[](#credits)

- [Godspower Oduose](https://github.com/rockblings)
- [All Contributors](../../contributors)

License
-------

[](#license)

The MIT License (MIT). Please see [License File](LICENSE.md) for more information.

###  Health Score

44

—

FairBetter than 92% of packages

Maintenance72

Regular maintenance activity

Popularity21

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity62

Established project with proven stability

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~36 days

Recently: every ~45 days

Total

10

Last Release

253d ago

Major Versions

0.0.6 → 1.0.02025-09-01

PHP version history (2 changes)0.0.1PHP ^8.2

0.0.6PHP ^8.3|^8.2

### Community

Maintainers

![](https://www.gravatar.com/avatar/5b5e5ba42a2029e0f2fa45bd8d874c98599af2d2a1e77bff012ea07eeb0b65bc?d=identicon)[rockblings](/maintainers/rockblings)

---

Top Contributors

[![rockblings](https://avatars.githubusercontent.com/u/5190259?v=4)](https://github.com/rockblings "rockblings (63 commits)")

---

Tags

laravelOpenID ConnectcreativeCraftslaravel-openid-connect

###  Code Quality

TestsPest

Static AnalysisPHPStan, Rector

Code StyleLaravel Pint

### Embed Badge

![Health badge](/badges/creativecrafts-laravel-openid-connect/health.svg)

```
[![Health](https://phpackages.com/badges/creativecrafts-laravel-openid-connect/health.svg)](https://phpackages.com/packages/creativecrafts-laravel-openid-connect)
```

###  Alternatives

[vormkracht10/laravel-mails

Laravel Mails can collect everything you might want to track about the mails that has been sent by your Laravel app.

24149.7k](/packages/vormkracht10-laravel-mails)[spatie/laravel-prometheus

Export Laravel metrics to Prometheus

2651.3M6](/packages/spatie-laravel-prometheus)[hydrat/filament-table-layout-toggle

Filament plugin adding a toggle button to tables, allowing user to switch between Grid and Table layouts.

6292.3k1](/packages/hydrat-filament-table-layout-toggle)[scalar/laravel

Render your OpenAPI-based API reference

6183.9k2](/packages/scalar-laravel)[ralphjsmit/laravel-helpers

A package containing handy helpers for your Laravel-application.

13704.6k2](/packages/ralphjsmit-laravel-helpers)[musahmusah/laravel-multipayment-gateways

A Laravel Package that makes implementation of multiple payment Gateways endpoints and webhooks seamless

852.2k1](/packages/musahmusah-laravel-multipayment-gateways)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)