PHPackages                             giberti/ext-oauth-shim - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. giberti/ext-oauth-shim

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

giberti/ext-oauth-shim
======================

An implementation of the pecl OAuth extension in PHP for shared hosts that don't provide it

2.1.0(5mo ago)337.5k↓63.6%1MITPHPPHP ^7.3|^8.0CI failing

Since Feb 10Pushed 5mo ago1 watchersCompare

[ Source](https://github.com/giberti/ext-oauth-shim)[ Packagist](https://packagist.org/packages/giberti/ext-oauth-shim)[ RSS](/packages/giberti-ext-oauth-shim/feed)WikiDiscussions main Synced 3d ago

READMEChangelog (7)Dependencies (2)Versions (9)Used By (0)

OAuth Extension Shim
====================

[](#oauth-extension-shim)

Aims to provides support for `OAuth`, `OAuthException`, and `OAuthProvider` and satisfy the `ext-oauth` requirement for composer packages that require it. This is a work in progress.

**WARNING:** If possible, use the [`PECL` extension](https://pecl.php.net/package/oauth). It's faster!

Quality
-------

[](#quality)

[![Build and Test](https://github.com/giberti/ext-oauth-shim/actions/workflows/test-php.yml/badge.svg)](https://github.com/giberti/ext-oauth-shim/actions/workflows/test-php.yml)

Contributing
------------

[](#contributing)

This is a work in progress, but the `OAuthClient` is usable as an alternative on systems that lack support. In some cases it may be preferred as it will not fatal in some edge cases where the PECL client will.

`OAuthProvider` is not yet complete. Please consider helping flesh out the `OAuthProvider` class or tests or both. This guide to [testing with docker](https://github.com/giberti/ext-oauth-shim/wiki/Testing-with-Docker) can be helpful when trying to contribute. Pull requests are welcome!

### Installing

[](#installing)

This library requires PHP 7.3 or newer to use, including 8.x up to version 8.5.

```
composer require giberti/ext-oauth-shim

```

Usage
-----

[](#usage)

### Client

[](#client)

Most of the time, you'll be using this an OAuth client to request data. You'll start by creating an instance of the client and passing in your access token and secret.

```
// Replace with your values
$consumer       = 'consumer';
$consumerSecret = 'secret';
$token          = 'token';
$tokenSecret    = 'secret';

// Create the client
$client = new OAuth($consumer, $consumerSecret);

// Set the access credentials
$client->setToken($token, $tokenSecret);
```

Now that you have a configured client, you can start making requests. To issue a simple GET request for a URI you can call `fetch()` with the url.

```
// GET a protected resource
$response = $client->fetch('https://example.com/user/me');
```

Another common use case is to POST data, for example, posting a Tweet.

```
// POST data to a protected resource
$postData = [
    'status' => 'Hello Twitter!'
];
$response = $client->fetch('https://api.twitter.com/1.1/statuses/update.json', $postData, 'POST');
```

This can also be used for more complicated payloads such JSON.

#### JSON Body

[](#json-body)

```
$data = [
    'Name' => 'Jane Doe',
    'Age'  => '30',
];
$json = json_encode($data);

$headers = [
    'Content-type' => 'application/json',
];

$response = $client->fetch('https://example.com/user/janedoe', $json, 'POST', $headers);
```

#### Binary Body

[](#binary-body)

An example of posting a GIF to an endpoint that accepts the binary image data.

```
$image = file_get_contents('funny.gif');
$headers = [
    'Content-type' => 'image/gif',
];

$response = $client->fetch('https://example.com/image/', $image, 'POST', $headers);
```

### Obtaining an Access Token

[](#obtaining-an-access-token)

Some providers do not automatically issue Access Tokens, if the API you are interacting with doesn't give you this token, you will need to create one.

```
// Replace with your values
$consumer       = 'consumer';
$consumerSecret = 'secret';

// Create the client
$client = new OAuth($consumer, $consumerSecret);

// Set this to the callback page on your site
$callbackUrl = 'https://yoursite.com/oauth/finish';

// These two Urls are provided to you by the API provider
$requestTokenUrl  = 'https://example.com/oauth/request-token';
$authorizationUrl = 'https://example.com/oauth/authorize';

// Fetch a request token and store it in the session
$requestToken = $client->getRequestToken();

// Store the request token and secret for later
$_SESSION['requestToken'] = $requestToken;

// Redirect the browser to the authorization page
header('Location: ' . $authorizationUrl . '?' . urlencode($requestToken['oauth_token]));
```

The user's browser will be redirected to the service where they will grant permission to the application. Once they have completed this step, the browser will be redirected back to the callback url you provided in the first code sample.

```
// Replace with your values
$consumer       = 'consumer';
$consumerSecret = 'secret';

$requestToken = $_SESSION['requestToken'];

// Create the client
$client = new OAuth($consumer, $consumerSecret);
$client->setToken($requestToken['oauth_token'], $requestToken['oauth_token_secret']);

$accessTokenUrl = 'https://example.com/oauth/access-token';

// Exchange the request token for a permanent access token
$accessToken = $client->getAccessToken($accessTokenUrl, null, $_REQUEST['oauth_verifier']);
$_SESSION['accessToken'] = $accessToken;
unset($_SESSION['requestToken']);
```

For all future requests, you'll use the access token to interact with the API.

```
// Replace with your values
$consumer       = 'consumer';
$consumerSecret = 'secret';

$accessToken = $_SESSION['accessToken'];

// Create the client
$client = new OAuth($consumer, $consumerSecret);
$client->setToken($accessToken['oauth_token'], $accessToken['oauth_token_secret']);

// Fetch a resource
$response = $client->fetch('https://example.com/user/friends');
```

###  Health Score

50

—

FairBetter than 95% of packages

Maintenance72

Regular maintenance activity

Popularity31

Limited adoption so far

Community8

Small or concentrated contributor base

Maturity73

Established project with proven stability

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~485 days

Recently: every ~451 days

Total

7

Last Release

155d ago

Major Versions

0.1 → v1.0.02019-08-03

v1.1 → v2.0.02022-05-01

PHP version history (4 changes)0.1PHP &gt;=7.0

v1.1PHP ^7.2 || ^8.0

v2.0.0PHP ^7.3 || ^8.0

2.1.0PHP ^7.3|^8.0

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/771060?v=4)[Erik Giberti](/maintainers/giberti)[@giberti](https://github.com/giberti)

---

Top Contributors

[![giberti](https://avatars.githubusercontent.com/u/771060?v=4)](https://github.com/giberti "giberti (143 commits)")

---

Tags

oauthphp7php8

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/giberti-ext-oauth-shim/health.svg)

```
[![Health](https://phpackages.com/badges/giberti-ext-oauth-shim/health.svg)](https://phpackages.com/packages/giberti-ext-oauth-shim)
```

###  Alternatives

[kartik-v/yii2-password

Useful password strength validation utilities for Yii Framework 2.0

761.3M17](/packages/kartik-v-yii2-password)[vitalybaev/laravel5-dkim

Laravel 5/6 package for signing outgoing messages with DKIM.

3163.1k](/packages/vitalybaev-laravel5-dkim)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
