PHPackages ussoccerfederation/soccer-id-sdk-php - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. ussoccerfederation/soccer-id-sdk-php ActiveLibrary[Authentication & Authorization](/categories/authentication) ussoccerfederation/soccer-id-sdk-php ==================================== A minimalist SDK to connect a PHP app to USSF's Auth0 v1.0.3(9mo ago)04MITPHPPHP >=8.0CI failing Since Mar 18Pushed 5mo ago7 watchersCompare [ Source](https://github.com/USSoccerFederation/soccer-id-sdk-php)[ Packagist](https://packagist.org/packages/ussoccerfederation/soccer-id-sdk-php)[ RSS](/packages/ussoccerfederation-soccer-id-sdk-php/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (4)Dependencies (8)Versions (8)Used By (0) Soccer ID - U.S. Soccer Federation Partner Authentication SDK ============================================================= [](#soccer-id---us-soccer-federation-partner-authentication-sdk) [![Packagist License](https://camo.githubusercontent.com/d96d0839587c780d7fd4d6addb9fb475629d73bebebb96ba50b50ebbec84c2cb/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f6c2f5553536f6363657246656465726174696f6e2f736f636365722d69642d73646b2d7068703f6c6162656c3d4c6963656e7365)](https://camo.githubusercontent.com/d96d0839587c780d7fd4d6addb9fb475629d73bebebb96ba50b50ebbec84c2cb/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f6c2f5553536f6363657246656465726174696f6e2f736f636365722d69642d73646b2d7068703f6c6162656c3d4c6963656e7365)[![Unit tests](https://camo.githubusercontent.com/45057be35c4c4af96319881f3ee13a30f911b9da72a792c655e21e58cfc7ff31/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f636865636b2d72756e732f5553536f6363657246656465726174696f6e2f736f636365722d69642d73646b2d7068702f6d61696e3f6c6162656c3d5465737473)](https://camo.githubusercontent.com/45057be35c4c4af96319881f3ee13a30f911b9da72a792c655e21e58cfc7ff31/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f636865636b2d72756e732f5553536f6363657246656465726174696f6e2f736f636365722d69642d73646b2d7068702f6d61696e3f6c6162656c3d5465737473)[![Packagist Version](https://camo.githubusercontent.com/647663742fb7ee003712ff6a977cb0b5f06141454e7c179721eef7a66b9c83c2/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f5553536f6363657246656465726174696f6e2f736f636365722d69642d73646b2d7068703f6c6162656c3d56657273696f6e)](https://camo.githubusercontent.com/647663742fb7ee003712ff6a977cb0b5f06141454e7c179721eef7a66b9c83c2/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f5553536f6363657246656465726174696f6e2f736f636365722d69642d73646b2d7068703f6c6162656c3d56657273696f6e) Requirements ------------ [](#requirements) - PHP 8+ - Any PSR-18 compatible HTTP client, such as Guzzle - Client ID & Secret from U.S. Soccer - An agreed-upon callback URL About ----- [](#about) Soccer ID is an initiative by the U.S. Soccer Federation to empower partner applications. This SDK simplifies the integration of third-party applications with U.S. Soccer's identity provider (IdP), enabling seamless user authentication via U.S. Soccer’s user pool. With this SDK, developers can quickly implement secure login functionality, allowing users of their applications to authenticate using their U.S. Soccer credentials. It abstracts the complexities of identity federation, handling authentication flows, token validation, and user session management with minimal configuration. Whether you're building a membership portal, a fan engagement platform, or an internal team tool, this SDK streamlines the authentication process, ensuring a secure and consistent login experience. How it works ------------ [](#how-it-works) Your application will complete the expected Auth0 login flow, then will interact with U.S. Soccer's Identity Service to get or update information about the user. Afterward, you finalize the user's session, logging them into your app. For a detailed view on all the pieces involved in this flow, see the sequence diagram below: ``` sequenceDiagram autonumber actor User participant Webserver as Webserver User ->> Webserver: Visit login page, choose U.S. Soccer Auth create participant Auth0 Webserver ->> Auth0: Forward user to Universal Login Portal activate Auth0 User Auth0: Credential exchange Auth0 -->> User: Auth success, set cookie Auth0 ->> Webserver: Redirect user back to callback endpoint deactivate Auth0 activate Webserver destroy Auth0 Webserver Auth0: Handshake, code exchange create participant IdService as U.S. Soccer Identity Service Webserver -->> IdService: Get profile Note over Webserver: Create or update user in database destroy IdService Webserver -->> IdService: POST amendments to profile Note over Webserver: Any additional login steps Webserver ->> User: Set cookies, render app dashboard deactivate Webserver ``` Loading 1. On your application's login page, provide the user with the option to "Login with U.S. Soccer." 2. Direct the user to U.S. Soccer's Auth0 Universal Login page. 3. The user will then be prompted to enter their credentials (email and password) if they are not already logged into U.S. Soccer 4. Auth0 will set cookies on the user's browser, and then... 5. Redirect the user to the partner app's configured "callback URL" 6. The partner app will need to perform a "code exchange" with Auth0. On success, the user can be considered authenticated 7. Send a GET request to U.S. Soccer's Identity Service to get the user's profile. This contains additional information about the user. Use info from the Auth0 session + profile to upsert the user into your app's database. 8. You *may* provide updates/changes to the user's profile if needed. 9. Do any additional steps needed to log the user into your application and set their cookie(s). Quick setup ----------- [](#quick-setup) Install the SDK: ``` composer require ussoccerfederation/soccer-id-sdk-php ``` Install a PSR-18 HTTP client *if you don't already have one*: ``` composer require guzzlehttp/guzzle guzzlehttp/psr7 http-interop/http-factory-guzzle ``` Configure your environment variables, or use `.env`. See `.env.example` for a good starting point. ``` # Get these from U.S. Soccer: USSF_AUTH0_CLIENT_ID=example-client-id-from-ussoccer USSF_AUTH0_CLIENT_SECRET=example-client-secret-from-ussoccer USSF_AUTH0_DOMAIN=auth-dev.ussoccer.com # Create your own cookie secret. This is used to encrypt the auth0 cookie. # This can be generated using `openssl rand -hex 32` from your shell. USSF_AUTH0_COOKIE_SECRET=dd60d4b06b73480172f08741cb00f0c3b70d559965669a808edb1b89c0d30dd5 # Specify the schema (HTTP/HTTPS) and domain for your app. # If blank, UssfAuth will make its best guess. # Example: http://my-app.fakeorganization.org APP_URL= # This should be the route to the "callback" endpoint. # This is where users will be directed to in your app in order to complete # the Auth0 exchange. USSF_AUTH0_CALLBACK_ROUTE=ussf_callback.php ``` If you are using Laravel, please jump forward to [Laravel Integration](#Laravel-Integration) If you'd like to use `.env` files with your application and have not already included `phpdotenv`, do so now: ``` composer require vlucas/phpdotenv ``` Now in your application, create an instance of the `UssfAuth` client. For example: ```