PHPackages                             curio/sdclient - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Utility & Helpers](/categories/utility)
4. /
5. curio/sdclient

ActiveLibrary[Utility & Helpers](/categories/utility)

curio/sdclient
==============

Client for sdlogin

v5.0.0(1mo ago)1173CC-BY-NC-SA-4.0PHPCI passing

Since Mar 1Pushed 1mo agoCompare

[ Source](https://github.com/curio-team/sdclient)[ Packagist](https://packagist.org/packages/curio/sdclient)[ RSS](/packages/curio-sdclient/feed)WikiDiscussions main Synced 1mo ago

READMEChangelog (8)Dependencies (9)Versions (10)Used By (0)

🔑 SD Client
===========

[](#-sd-client)

A Laravel package for use with the [🔐 sdlogin OpenID connect server](https://github.com/curio-team/sdlogin).

🚀 Using this package
--------------------

[](#-using-this-package)

Warning

Please make sure your app is using *https*, to prevent unwanted exposure of token, secrets, etc.

To use `sdclient` in your project:

1. In your laravel project run: `composer require curio/sdclient`
2. Set these keys in your .env file:

    - `SD_CLIENT_ID`
    - `SD_CLIENT_SECRET`
    - `SD_API_LOG` *(optional)*
        - *Default:* `no`
        - Set to `yes` to make SdClient log all usage of access\_tokens and refresh\_tokens to the default log-channel.
    - `SD_APP_FOR` *(optional)*
        - *Default:* `teachers`
        - This key determines if students can login to your application.
        - May be one of:
    - `all`: everyone can login, you may restrict access using guards or middleware.
    - `teachers`: a student will be completely blocked and no user will be created when they try to login.
    - `SD_USE_MIGRATION` *(optional)*
        - *Default:* `yes`
        - Set to no if you want to use your own migration instead of the users migration this package provides
    - `SD_SSL_VERIFYPEER` *(optional)*
        - *Default:* `yes`
        - Set to `no` if you want to disable SSL verification. This is only recommended for during development and only on trusted networks.
3. Alter your User model and add the lines: `public $incrementing = false;` and `protected $keyType = 'string';`
4. *(Recommended)* Remove any default users-migration from your app, because SdClient will conflict with it. Do *not* remove the user-model. If you want to keep using your own migration, in your .env file set: `SD_USE_MIGRATION=no`.

    *Note that (unlike default user migrations) SD users have a string as their primary key. Any foreign keys pointing to the users table should also be of type string.*
5. Lastly, run `php artisan migrate`.

Read the required implementations below to see how to redirect your users to the login-server and how to catch the after-login redirect.

🔨 Required implementations
--------------------------

[](#-required-implementations)

Note

SdClient is not compatible in combination with Laravel's `make:auth` command.

### 1️⃣ Letting your users login

[](#1️⃣-letting-your-users-login)

Redirect your users to `http://yoursite/sdclient/redirect`. From here `sdclient` will send your user to *sdlogin* for authentication.

> **Example:**
>
> Implement a named route that will serve your users with a button or direct redirect to `/sdclient/redirect.`:
>
> ```
> Route::get('/login', function() {
>   return redirect('/sdclient/redirect');
> })->name('login');
> ```

### 2️⃣ Catch the after-login redirect

[](#2️⃣-catch-the-after-login-redirect)

The *sdlogin* server will ask the user if they want to allow your application to access their data. After the user has made their choice, they will be redirected to the `/sdclient/ready` or `/sdclient/error` route in your application.

#### Handling success (`/sdclient/ready`)

[](#handling-success-sdclientready)

After confirming a successful login with *sdlogin*, the `sdclient` package will redirect you to `/sdclient/ready`.

> **Example:**
>
> Define a route in your applications `routes/web.php` file to handle this:
>
> ```
> Route::get('/sdclient/ready', function() {
>   return redirect('/educations');
> });
> ```

#### Handling errors (`/sdclient/error`)

[](#handling-errors-sdclienterror)

If the user denies access to your application, or if something else goes wrong, the user will be redirected to `/sdclient/error`. The error and error\_description will be stored in the session (as `sdclient.error` and `sdclient.error_description` respectively).

> **Example:**
>
> Define a route in your applications `routes/web.php` file to handle this:
>
> ```
> Route::get('/sdclient/error', function() {
>   $error = session('sdclient.error');
>   $error_description = session('sdclient.error_description');
>
>   return view('errors.sdclient', compact('error', 'error_description'));
>   // or simply:
>   // return 'There was an error signing in: ' . $error_description . ' (' . $error . ')Try again';
> });
> ```

### 3️⃣ Logging out

[](#3️⃣-logging-out)

Send your user to `/sdclient/logout`.

Note

A real logout cannot be accomplished at this time. If you log-out of your app, but are still logged-in to the *sdlogin*-server, this will have no effect. This is because the *sdlogin*-server is a single-sign-on server, and is designed to keep you logged in to all applications that use it.

📈 SdApi
-------

[](#-sdapi)

Apart from being the central login-server, *login.amo.rocks* also exposes an api. Please note this api is currently undocumented, although there are options to explore the api:

- Refer to *sdlogin*'s [routes/api.php](https://github.com/curio-team/sdlogin/blob/main/routes/api.php) file.
- Play around at [apitest.curio.codes](https://apitest.curio.codes/).

### SdClient API Interface

[](#sdclient-api-interface)

An example of calling the api through SdClient:

```
namespace App\Http\Controllers;

use \Curio\SdClient\Facades\SdApi;

class MyController extends Controller
{
  // This method should be protected by the auth-middleware
  public function index()
  {
    $users = SdApi::get('users');
    return view('users.index')->with(compact('users'));
  }
}
```

**Known 'bug':** Currently the SdApi class doesn't check if the token expired but just refreshes it anytime you use it.

### `SdApi::get($endpoint)`

[](#sdapigetendpoint)

- Performs an HTTP-request like `GET https://api.curio.codes/$endpoint`.
- This method relies on a user being authenticated through the `sdclient` first. Only call this method from routes and/or controllers protected by the *auth* middleware.
- Returns a Laravel-collection

👷‍♀️ Contributing
-----------------

[](#‍️-contributing)

We welcome contributions from the community. Please see the [contributing guide](CONTRIBUTING.md) for more information.

###  Health Score

43

—

FairBetter than 91% of packages

Maintenance88

Actively maintained with recent releases

Popularity17

Limited adoption so far

Community10

Small or concentrated contributor base

Maturity47

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 65.8% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~107 days

Recently: every ~187 days

Total

8

Last Release

59d ago

Major Versions

v4.3.0 → v5.0.02026-03-20

### Community

Maintainers

![](https://www.gravatar.com/avatar/0105d3d392dce162238ece3549b28eebc4576788ef4ca62d70b3f035a34385b0?d=identicon)[curio](/maintainers/curio)

---

Top Contributors

[![bartjroos](https://avatars.githubusercontent.com/u/28384433?v=4)](https://github.com/bartjroos "bartjroos (50 commits)")[![luttje](https://avatars.githubusercontent.com/u/2738114?v=4)](https://github.com/luttje "luttje (24 commits)")[![Feddman](https://avatars.githubusercontent.com/u/4361792?v=4)](https://github.com/Feddman "Feddman (1 commits)")[![StevenVanRosendaal](https://avatars.githubusercontent.com/u/6543127?v=4)](https://github.com/StevenVanRosendaal "StevenVanRosendaal (1 commits)")

###  Code Quality

TestsPHPUnit

Code StyleLaravel Pint

### Embed Badge

![Health badge](/badges/curio-sdclient/health.svg)

```
[![Health](https://phpackages.com/badges/curio-sdclient/health.svg)](https://phpackages.com/packages/curio-sdclient)
```

###  Alternatives

[maestroerror/laragent

Power of AI Agents in your Laravel project

630106.4k](/packages/maestroerror-laragent)[nativephp/mobile

NativePHP for Mobile

82724.0k43](/packages/nativephp-mobile)[bensampo/laravel-embed

Painless responsive embeds for videos, slideshows and more.

142146.8k](/packages/bensampo-laravel-embed)[flarum/core

Delightfully simple forum software.

211.3M1.9k](/packages/flarum-core)[spatie/laravel-rdap

Perform RDAP queries in a Laravel app

72108.3k2](/packages/spatie-laravel-rdap)[aedart/athenaeum

Athenaeum is a mono repository; a collection of various PHP packages

245.2k](/packages/aedart-athenaeum)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)