PHPackages                             netsoftholdings/public-api-demo - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [API Development](/categories/api)
4. /
5. netsoftholdings/public-api-demo

ActiveProject[API Development](/categories/api)

netsoftholdings/public-api-demo
===============================

Hubstaff Public API

038PHP

Since Dec 15Pushed 4y agoCompare

[ Source](https://github.com/serg-php/public-api-php-demo)[ Packagist](https://packagist.org/packages/netsoftholdings/public-api-demo)[ RSS](/packages/netsoftholdings-public-api-demo/feed)WikiDiscussions master Synced 1mo ago

READMEChangelogDependenciesVersions (1)Used By (0)

Public API PHP Demo
===================

[](#public-api-php-demo)

This repository contains a simple sample cli tool that shows off how to access the Hubstaff public api via PHP.

The core access is all done via the php-openid-client package.

Open ID Discovery
-----------------

[](#open-id-discovery)

The Hubstaff account system uses the Open ID Connect discovery protocol to allow an application to easily query what the token endpoint, authorization endpoints, etc. are. Thus you only need to know the authentication domain () and the API endpoint url ()

The example code in client.php fetches and caches this discovery data for 1 week. This way it does not need to be constantly fetched.

Token persistence
-----------------

[](#token-persistence)

This demo has a simple way of managing the API token. It simply stores it in json file that is read from on startup and written when tokens are refreshed.

A proper storage should have locking around read and write. And also the code should lock and re-read the state file when refreshing in case another process already refreshed the token. e.g. a proper refresh token flow should be

1. lock
2. re-read state and load the token
3. if the token is no longer expired or near expiring use the new token (another process refreshed)
4. otherwise refresh the token
5. save
6. release lock

Client app vs Personal access token
-----------------------------------

[](#client-app-vs-personal-access-token)

The Hubstaff account system's personal access token is designed to work very similarly to our client apps in that they both produce short-lived access tokens that must be refreshed periodically.

The code in client.php is an example on how to accomplish this task using disk access as the permanent token storage. If you have other mechanisms for storage you can implement that in the saveState and loadState methods.

Personal access token use
-------------------------

[](#personal-access-token-use)

The default setup in api.js is to use a personal access token. To use create/edit the configState.json so that it contains the following entry.

```
{
    "token": {
        "refresh_token": "personal access refresh token goes here"
    }
}
```

Then when the api.js makes a request it will automatically refresh to acquire an access token as needed and persist it to the configState.json between executions.

Setup the configState.json as defined above Then run the cli\_tool sample like this

```
php client.php
```

And this will dump out the "v2/users/me" endpoint

###  Health Score

17

—

LowBetter than 6% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity7

Limited adoption so far

Community9

Small or concentrated contributor base

Maturity27

Early-stage or recently created project

 Bus Factor1

Top contributor holds 55.6% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Community

Maintainers

![](https://www.gravatar.com/avatar/e61d4919408a8ca06668271270d5c2035e72ef3c99ad1aa2425f268090abc1aa?d=identicon)[serg-php](/maintainers/serg-php)

---

Top Contributors

[![urkle](https://avatars.githubusercontent.com/u/101123?v=4)](https://github.com/urkle "urkle (10 commits)")[![serg-php](https://avatars.githubusercontent.com/u/10445674?v=4)](https://github.com/serg-php "serg-php (6 commits)")[![Mehonoshin](https://avatars.githubusercontent.com/u/525961?v=4)](https://github.com/Mehonoshin "Mehonoshin (2 commits)")

### Embed Badge

![Health badge](/badges/netsoftholdings-public-api-demo/health.svg)

```
[![Health](https://phpackages.com/badges/netsoftholdings-public-api-demo/health.svg)](https://phpackages.com/packages/netsoftholdings-public-api-demo)
```

###  Alternatives

[stripe/stripe-php

Stripe PHP Library

4.0k143.3M478](/packages/stripe-stripe-php)[twilio/sdk

A PHP wrapper for Twilio's API

1.6k92.9M271](/packages/twilio-sdk)[knplabs/github-api

GitHub API v3 client

2.2k15.8M187](/packages/knplabs-github-api)[facebook/php-business-sdk

PHP SDK for Facebook Business

90121.9M34](/packages/facebook-php-business-sdk)[meilisearch/meilisearch-php

PHP wrapper for the Meilisearch API

73813.7M114](/packages/meilisearch-meilisearch-php)[google/gax

Google API Core for PHP

263103.1M454](/packages/google-gax)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)