PHPackages giberti/ext-oauth-shim - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. giberti/ext-oauth-shim ActiveLibrary[Authentication & Authorization](/categories/authentication) giberti/ext-oauth-shim ====================== An implementation of the pecl OAuth extension in PHP for shared hosts that don't provide it 2.1.0(3mo ago)336.9k↓40%1MITPHPPHP ^7.3|^8.0CI passing Since Feb 10Pushed 3mo ago1 watchersCompare [ Source](https://github.com/giberti/ext-oauth-shim)[ Packagist](https://packagist.org/packages/giberti/ext-oauth-shim)[ RSS](/packages/giberti-ext-oauth-shim/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (7)Dependencies (2)Versions (9)Used By (0) OAuth Extension Shim ==================== [](#oauth-extension-shim) Aims to provides support for `OAuth`, `OAuthException`, and `OAuthProvider` and satisfy the `ext-oauth` requirement for composer packages that require it. This is a work in progress. **WARNING:** If possible, use the [`PECL` extension](https://pecl.php.net/package/oauth). It's faster! Quality ------- [](#quality) [![Build and Test](https://github.com/giberti/ext-oauth-shim/actions/workflows/test-php.yml/badge.svg)](https://github.com/giberti/ext-oauth-shim/actions/workflows/test-php.yml) Contributing ------------ [](#contributing) This is a work in progress, but the `OAuthClient` is usable as an alternative on systems that lack support. In some cases it may be preferred as it will not fatal in some edge cases where the PECL client will. `OAuthProvider` is not yet complete. Please consider helping flesh out the `OAuthProvider` class or tests or both. This guide to [testing with docker](https://github.com/giberti/ext-oauth-shim/wiki/Testing-with-Docker) can be helpful when trying to contribute. Pull requests are welcome! ### Installing [](#installing) This library requires PHP 7.3 or newer to use, including 8.x up to version 8.5. ``` composer require giberti/ext-oauth-shim ``` Usage ----- [](#usage) ### Client [](#client) Most of the time, you'll be using this an OAuth client to request data. You'll start by creating an instance of the client and passing in your access token and secret. ``` // Replace with your values $consumer = 'consumer'; $consumerSecret = 'secret'; $token = 'token'; $tokenSecret = 'secret'; // Create the client $client = new OAuth($consumer, $consumerSecret); // Set the access credentials $client->setToken($token, $tokenSecret); ``` Now that you have a configured client, you can start making requests. To issue a simple GET request for a URI you can call `fetch()` with the url. ``` // GET a protected resource $response = $client->fetch('https://example.com/user/me'); ``` Another common use case is to POST data, for example, posting a Tweet. ``` // POST data to a protected resource $postData = [ 'status' => 'Hello Twitter!' ]; $response = $client->fetch('https://api.twitter.com/1.1/statuses/update.json', $postData, 'POST'); ``` This can also be used for more complicated payloads such JSON. #### JSON Body [](#json-body) ``` $data = [ 'Name' => 'Jane Doe', 'Age' => '30', ]; $json = json_encode($data); $headers = [ 'Content-type' => 'application/json', ]; $response = $client->fetch('https://example.com/user/janedoe', $json, 'POST', $headers); ``` #### Binary Body [](#binary-body) An example of posting a GIF to an endpoint that accepts the binary image data. ``` $image = file_get_contents('funny.gif'); $headers = [ 'Content-type' => 'image/gif', ]; $response = $client->fetch('https://example.com/image/', $image, 'POST', $headers); ``` ### Obtaining an Access Token [](#obtaining-an-access-token) Some providers do not automatically issue Access Tokens, if the API you are interacting with doesn't give you this token, you will need to create one. ``` // Replace with your values $consumer = 'consumer'; $consumerSecret = 'secret'; // Create the client $client = new OAuth($consumer, $consumerSecret); // Set this to the callback page on your site $callbackUrl = 'https://yoursite.com/oauth/finish'; // These two Urls are provided to you by the API provider $requestTokenUrl = 'https://example.com/oauth/request-token'; $authorizationUrl = 'https://example.com/oauth/authorize'; // Fetch a request token and store it in the session $requestToken = $client->getRequestToken(); // Store the request token and secret for later $_SESSION['requestToken'] = $requestToken; // Redirect the browser to the authorization page header('Location: ' . $authorizationUrl . '?' . urlencode($requestToken['oauth_token])); ``` The user's browser will be redirected to the service where they will grant permission to the application. Once they have completed this step, the browser will be redirected back to the callback url you provided in the first code sample. ``` // Replace with your values $consumer = 'consumer'; $consumerSecret = 'secret'; $requestToken = $_SESSION['requestToken']; // Create the client $client = new OAuth($consumer, $consumerSecret); $client->setToken($requestToken['oauth_token'], $requestToken['oauth_token_secret']); $accessTokenUrl = 'https://example.com/oauth/access-token'; // Exchange the request token for a permanent access token $accessToken = $client->getAccessToken($accessTokenUrl, null, $_REQUEST['oauth_verifier']); $_SESSION['accessToken'] = $accessToken; unset($_SESSION['requestToken']); ``` For all future requests, you'll use the access token to interact with the API. ``` // Replace with your values $consumer = 'consumer'; $consumerSecret = 'secret'; $accessToken = $_SESSION['accessToken']; // Create the client $client = new OAuth($consumer, $consumerSecret); $client->setToken($accessToken['oauth_token'], $accessToken['oauth_token_secret']); // Fetch a resource $response = $client->fetch('https://example.com/user/friends'); ``` ### Health Score 52 — FairBetter than 96% of packages Maintenance79 Regular maintenance activity Popularity31 Limited adoption so far Community8 Small or concentrated contributor base Maturity73 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~485 days Recently: every ~451 days Total 7 Last Release 108d ago Major Versions 0.1 → v1.0.02019-08-03 v1.1 → v2.0.02022-05-01 PHP version history (4 changes)0.1PHP >=7.0 v1.1PHP ^7.2 || ^8.0 v2.0.0PHP ^7.3 || ^8.0 2.1.0PHP ^7.3|^8.0 ### Community Maintainers ![](https://avatars.githubusercontent.com/u/771060?v=4)[Erik Giberti](/maintainers/giberti)[@giberti](https://github.com/giberti) --- Top Contributors [![giberti](https://avatars.githubusercontent.com/u/771060?v=4)](https://github.com/giberti "giberti (143 commits)") --- Tags oauthphp7php8 ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/giberti-ext-oauth-shim/health.svg) ``` [![Health](https://phpackages.com/badges/giberti-ext-oauth-shim/health.svg)](https://phpackages.com/packages/giberti-ext-oauth-shim) ``` ### Alternatives [bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth)[beatswitch/lock A flexible, driver based Acl package for PHP 5.4+ 870304.7k2](/packages/beatswitch-lock)[amocrm/amocrm-api-library amoCRM API Client 182728.5k6](/packages/amocrm-amocrm-api-library)[vonage/jwt A standalone package for creating JWTs for Vonage APIs 424.1M4](/packages/vonage-jwt) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)