PHPackages                             joseayram/oauth2-lichess - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. joseayram/oauth2-lichess

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

joseayram/oauth2-lichess
========================

Lichess OAuth 2.0 support for the PHP League's OAuth 2.0 Client

0.1.1(4y ago)026MITPHPPHP ^7.4|^8.0

Since Apr 9Pushed 4y ago1 watchersCompare

[ Source](https://github.com/joseayram/oauth2-lichess)[ Packagist](https://packagist.org/packages/joseayram/oauth2-lichess)[ RSS](/packages/joseayram-oauth2-lichess/feed)WikiDiscussions main Synced yesterday

READMEChangelogDependencies (4)Versions (3)Used By (0)

Lichess OAuth 2.0 provider for the PHP League's OAuth 2.0 Client
================================================================

[](#lichess-oauth-20-provider-for-the-php-leagues-oauth-20-client)

[![Codacy Badge](https://camo.githubusercontent.com/c4717b1e128a2c90e89e0e67fa8b2954a51997a2db2426ccf01f0079310d0e62/68747470733a2f2f6170702e636f646163792e636f6d2f70726f6a6563742f62616467652f47726164652f3434626335383639326130353464616662653537303233343430633938383832)](https://www.codacy.com/gh/joseayram/oauth2-lichess/dashboard?utm_source=github.com&utm_medium=referral&utm_content=joseayram/oauth2-lichess&utm_campaign=Badge_Grade)[![Scrutinizer Code Quality](https://camo.githubusercontent.com/08f8f9632ef8cd939944697ff538abb4984e93b2ea8e5390e7a617d02ad2043a/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f6a6f7365617972616d2f6f61757468322d6c6963686573732f6261646765732f7175616c6974792d73636f72652e706e673f623d6d61696e)](https://scrutinizer-ci.com/g/joseayram/oauth2-lichess/?branch=main)[![Code Coverage](https://camo.githubusercontent.com/ddc068469232543b45af90b09ce12151de0db7e9d351fc4467b48e8e89ec1142/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f6a6f7365617972616d2f6f61757468322d6c6963686573732f6261646765732f636f7665726167652e706e673f623d6d61696e)](https://scrutinizer-ci.com/g/joseayram/oauth2-lichess/?branch=main)[![Build Status](https://camo.githubusercontent.com/b73edd79da64c3a199ca9da8f9a305206e30e42ce0708880e1365524917d9b97/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f6a6f7365617972616d2f6f61757468322d6c6963686573732f6261646765732f6275696c642e706e673f623d6d61696e)](https://scrutinizer-ci.com/g/joseayram/oauth2-lichess/build-status/main)[![Software License](https://camo.githubusercontent.com/55c0218c8f8009f06ad4ddae837ddd05301481fcf0dff8e0ed9dadda8780713e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](LICENSE)

This package provides [Lichess](https://lichess.org/) OAuth 2.0 support for the PHP League's [OAuth 2.0 Client](https://github.com/thephpleague/oauth2-client).

Installation
------------

[](#installation)

To install, use composer:

```
$ composer require joseayram/oauth2-lichess
```

Usage
-----

[](#usage)

Usage is just the same as The League's OAuth client, using `\CrudSys\OAuth2\Client\Provider\Lichess` as the provider.

### Authorization Code Flow

[](#authorization-code-flow)

```
require_once 'oauth2-lichess/vendor/autoload.php';

session_start();

use CrudSys\OAuth2\Client\Provider\Lichess;

$clientId = 'api-lichess-test';
$clientSecret = '{your-secret-client}';
$redirectUri = '{your-redirect-uri}';

if (!isset($_SESSION['codeVerifier'])) {
    $verifier = createVerifier();
    $_SESSION['codeVerifier'] = $verifier;
} else {
    $verifier = $_SESSION['codeVerifier'];
}

$provider = new Lichess([
    'clientId'      => $clientId,
    'clientSecret'  => $clientSecret,
    'redirectUri'   => $redirectUri,
]);

if (!isset($_GET['code']) && !isset($_GET['error'])) {
    $challenge = createChallenge($verifier);

    // If we don't have an authorization code then get one
    $authUrl = $provider->getAuthorizationUrl([
        'code_challenge' => $challenge,
    ]);

    $_SESSION['oauth2state'] = $provider->getState();

    echo "Login with Lichess";
} elseif ((isset($_GET['error']) && !empty($_GET['error']) ) &&
        (isset($_GET['error_description']) && !empty($_GET['error_description']) )
) {
    unset($_SESSION['oauth2state']);
    exit($_GET['error'].': '.$_GET['error_description']);
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
    unset($_SESSION['oauth2state']);
    exit('Invalid state, make sure HTTP sessions are enabled.');
} else {
    // Try to get an access token (using the authorization code grant)
    try {
        $token = $provider->getAccessToken('authorization_code', [
            'code' => $_GET['code'],
            'code_verifier' => $_SESSION['codeVerifier'],
        ]);
    } catch (\Exception $e) {
        exit('Failed to get access token: '.$e->getMessage());
    }

    // Optional: Now you have a token you can look up a users profile data
    try {
        // We got an access token, let's now get the user's details
        $user = $provider->getResourceOwner($token);
        // Use these details to create a new profile
        printf('Hello %s!\n', $user->getUsername());
        echo "" . print_r($user, true) . "";
    } catch (\Exception $e) {
        exit('Failed to get resource owner: '.$e->getMessage());
    }

    // Use this to interact with an API on the users behalf
    echo $token->getToken();
}
```

### Managing Scopes

[](#managing-scopes)

You can add extra scopes by passing them to the `getAuthorizationUrl()` method

```
$options = [
    'scope' => [Lichess::SCOPE_EMAIL, Lichess::SCOPE_PREFERENCE_READ]
];

$authorizationUrl = $provider->getAuthorizationUrl($options);
```

If no scopes are passed, only `public` is used

At the time of authoring this documentation, the [following scopes are available](https://lichess.org/api#section/Authentication).

- `PREFERENCE_READ` Read your preferences.
- `PREFERENCE_WRITE` Write your preferences.
- `EMAIL` Read your email address.
- `CHALLENGE_READ` Read incoming challenges.
- `CHALLENGE_WRITE` Create, accept, decline challenges.
- `CHALLENGE_BULK` Create, delete, query bulk pairings.

Testing
-------

[](#testing)

```
$ ./vendor/bin/phpunit
```

Changelog
---------

[](#changelog)

Please see [our changelog file](https://github.com/joseayram/oauth2-lichess/blob/main/CHANGELOG.md) for details.

Credits
-------

[](#credits)

- [José Ayram](https://github.com/joseayram)
- [All Contributors](https://github.com/joseayram/oauth2-lichess/contributors)

Special thanks to all creators of the others [oauth2 client's third-party packages](https://oauth2-client.thephpleague.com/providers/thirdparty/) I learnt a lot of them.

Contributing
------------

[](#contributing)

Please see [our contributing guidelines](https://github.com/joseayram/oauth2-lichess/blob/main/CONTRIBUTING.md) for details.

License
-------

[](#license)

The MIT License (MIT). Please see [License File](https://github.com/joseayram/oauth2-lichess/blob/main/LICENSE) for more information.

###  Health Score

21

—

LowBetter than 19% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity6

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity44

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~1 days

Total

2

Last Release

1492d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/ab650a3df9c683a4081b4aefbca4afe020cd6de1984cef98207918a6ad5f853c?d=identicon)[joseayram](/maintainers/joseayram)

---

Top Contributors

[![joseayram](https://avatars.githubusercontent.com/u/1056297?v=4)](https://github.com/joseayram "joseayram (24 commits)")

---

Tags

Authenticationoauthoauth2authorizationlichess

###  Code Quality

TestsPHPUnit

Code StylePHP\_CodeSniffer

### Embed Badge

![Health badge](/badges/joseayram-oauth2-lichess/health.svg)

```
[![Health](https://phpackages.com/badges/joseayram-oauth2-lichess/health.svg)](https://phpackages.com/packages/joseayram-oauth2-lichess)
```

###  Alternatives

[league/oauth2-google

Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client

41721.2M118](/packages/league-oauth2-google)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)