PHPackages hengkianggia/sso-helper - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. hengkianggia/sso-helper ActiveLibrary[Authentication & Authorization](/categories/authentication) hengkianggia/sso-helper ======================= PHP Package for SSO Authentication with PKCE 00PHP Since Apr 20Pushed 1mo agoCompare [ Source](https://github.com/hengkianggia/php-package)[ Packagist](https://packagist.org/packages/hengkianggia/sso-helper)[ RSS](/packages/hengkianggia-sso-helper/feed)WikiDiscussions master Synced 1w ago READMEChangelogDependenciesVersions (1)Used By (0) Solutest SSO Helper (PHP) ========================= [](#solutest-sso-helper-php) This package makes it easy to integrate SSO Authentication with PKCE (Proof Key for Code Exchange) into your PHP frameworks (such as Laravel or CodeIgniter 4). Installation ------------ [](#installation) You can install this package via composer (once published to Packagist): ``` composer require solutest/sso-helper ``` Requirements ------------ [](#requirements) - PHP 7.4 or 8.x - `ext-curl` - `ext-json` Usage ----- [](#usage) Unlike Javascript environments where the `code_verifier` can be implicitly stored in `localStorage`, PHP operates on the server-side. **You are responsible for saving the `code_verifier` into your session** when generating the Login URL, and retrieving it when exchanging the token. ### 1. Generating Login URL (Redirecting User) [](#1-generating-login-url-redirecting-user) First, construct the config array and generate the login URL and code verifier: ``` use Solutest\SsoHelper\SsoClient; $config = [ 'clientId' => 'YOUR_CLIENT_ID', 'redirectUri' => 'http://your-app.test/callback', 'ssoBaseUrl' => 'https://sso.your-mainsite.com' ]; $result = SsoClient::generateSSOLoginUrl($config); $authUrl = $result['url']; $codeVerifier = $result['codeVerifier']; // ===== FRAMEWORK SPECIFIC SESSION HANDLING ===== // // In Laravel: // session(['sso_code_verifier' => $codeVerifier]); // return redirect($authUrl); // In CodeIgniter 4: // session()->set('sso_code_verifier', $codeVerifier); // return redirect()->to($authUrl); ``` ### 2. Exchanging the Code for a Token (Callback) [](#2-exchanging-the-code-for-a-token-callback) On your `/callback` route, handle the incoming `code` parameter and retrieve your stored `code_verifier`: ``` use Solutest\SsoHelper\SsoClient; use Solutest\SsoHelper\SSOException; $code = $_GET['code'] ?? null; // Adjust based on your framework (e.g. $request->query('code')) // Retrieve the code_verifier from your session // In Laravel: $codeVerifier = session('sso_code_verifier'); // In CodeIgniter 4: $codeVerifier = session()->get('sso_code_verifier'); try { $tokenResponse = SsoClient::exchangeSSOToken($config, $code, $codeVerifier); // Success! // $tokenResponse['access_token'] will be available here $accessToken = $tokenResponse['access_token']; // You can parse the payload using the built-in helper $payload = SsoClient::getSSOTokenPayload($accessToken); print_r($payload); } catch (SSOException $e) { // Handle error during token exchange echo "SSO Failed: " . $e->getMessage(); } ``` Security -------- [](#security) This package inherently relies on cryptographically secure random routines (`random_int`) and SHA-256 for PKCE. License ------- [](#license) The MIT License (MIT). ### Health Score 19 — LowBetter than 10% of packages Maintenance59 Moderate activity, may be stable Popularity0 Limited adoption so far Community6 Small or concentrated contributor base Maturity11 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/b0ab7e71b5a687292956c047c7c440b5031be763d2a6e3321bffed0f0f27ab13?d=identicon)[hengkianggia](/maintainers/hengkianggia) --- Top Contributors [![hengkianggia](https://avatars.githubusercontent.com/u/108007824?v=4)](https://github.com/hengkianggia "hengkianggia (2 commits)") ### Embed Badge ![Health badge](/badges/hengkianggia-sso-helper/health.svg) ``` [![Health](https://phpackages.com/badges/hengkianggia-sso-helper/health.svg)](https://phpackages.com/packages/hengkianggia-sso-helper) ``` ### Alternatives [kartik-v/yii2-password Useful password strength validation utilities for Yii Framework 2.0 761.2M17](/packages/kartik-v-yii2-password) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)