Opauth is a multi-provider authentication framework for PHP, inspired by OmniAuth for Ruby.
Opauth enables PHP applications to do user authentication with ease.
Try out Opauth for yourself at http://opauth.org
What is Opauth?
Opauth provides a standardized method for PHP applications to interface with authentication providers.
Opauth as a framework provides a set of API that allows developers to create strategies that work in a predictable manner across PHP frameworks and applications.
Opauth works well with other PHP applications & frameworks. It is currently supported on:
- vanilla (plain) PHP applications
- CakePHP (maintained by uzyn)
- CodeIgniter (maintained by destinomultimedia)
- CodeIgniter (maintained by mcatm)
- FuelPHP (maintained by andreoav)
- Laravel (maintained by FakeHeal)
- PrestaShop (maintained by Onasusweb)
- Silex (maintained by icehero)
- SilverStripe (maintained by Better Brief)
- Zend Framework 2 (maintained by lorenzoferrarajr)
- and more to come.
If your PHP framework of choice is not yet listed, you can still use Opauth like you would a normal PHP component (class).
Quick start
Guide on how to run the bundled example.
-
Set
DocumentRootof your web server toexample/.
(Opauth can be instantiated in your own PHP app, but we will leave that out of this quick start guide) -
Configure Opauth.
First, make a copy of opauth config's file by copying or renaming
opauth.conf.php.defaulttoopauth.conf.php.Open up
opauth.conf.phpand make the necessary changes. -
Install some Opauth strategies.
Place the strategy files inlib/Opauth/Strategy/.For this example, we recommend that you start with Opauth-Facebook:
i. Download the strategy files and place them at
lib/Opauth/Strategy/Facebook/.ii. Follow the steps at Opauth-Facebook's README to set up your Faceobok app.
iii. Add the following at
opauth.conf.phpunderStrategyas such:
<?php
'Strategy' => array(
// Define strategies here.
'Facebook' => array(
'app_id' => 'YOUR APP ID',
'app_secret' => 'YOUR APP SECRET'
),
);
Finally, send user to http://localhost/facebook to authenticate.
Check out the wiki for more in-depth details, especially on how to use Opauth with your own PHP application.
Available strategies
A strategy is a set of instructions that interfaces with respective authentication providers and relays it back to Opauth.
Provider-specific:
Generic strategy: OAuth
See wiki's list of strategies for an updated list of Opauth strategies or to make requests.
Refer also to strategy contribution guide if you would like to contribute a strategy.
Requirements
PHP 5 (>= 5.2)
with allow_url_fopen enabled
Contribute
Opauth needs your contributions, especially the following:
-
More strategies
Refer to wiki for contribution guide and inform us when your work is ready. -
Plugins for more PHP frameworks and CMSes
eg. Symfony, Laravel, WordPress, Drupal, etc. -
Guides & tutorials
On how to implement Opauth on CakePHP app, etc.
Issues & questions
- Discussion group: Google Groups
Primary channel for support, especially usage questions. - Issues: Github Issues
- Twitter: @uzyn
- Email me: chua@uzyn.com
- IRC: #opauth on Freenode
Changelog
####v0.4.5 (25 Feb 2018)
- Fixed a Security Incident for unsafe serialize/unserialize. (thanks @YuzuruS #124)
####v0.4.4 (10 May 2013)
- Added HTTP User-Agent header. (thanks @rkaldung #41)
####v0.4.3 (10 January 2013)
- Fixed a
serverPost()bug where user-supplied options were not applied correctly. (thanks @ritou #26)
####v0.4.2 (28 August 2012)
- Fix session to check for
session_id()instead of$_SESSION(thanks @sirikkoster #20)
####v0.4.1 (22 July 2012)
- Not starting session if session is already started. (thanks @Claymm)
- Fixed incorrect error message. (thanks @Claymm)
- Removed
@forfile_get_contents. (thanks @Takehiro-Adachi)
####v0.4.0 (10 June 2012)
mapProfile()andclientGet()for OpauthStrategy class.
####v0.3.0 (30 May 2012)
- Some unit testing
- More consistent naming of Strategy's internal properties
- Smarter loading of strategy, able to make a few guesses on where the class file might be at.
####v0.2.0 (23 May 2012)
- Opauth is now Composer compatible and listed on Packagist
- Opauth now supports autoloaders
- If a strategy is not autoloaded, Opauth falls back and searches for it at
strategy_dirdefined in config.
- Class name for strategy Foo should now be FooStrategy instead of Foo.
- This is to reduce the likelihood of class name collision due to Opauth not requiring the use of namespace.
- v0.1.0-type class name, ie. Foo, still works, but is now deprecated.
####v0.1.0 (22 May 2012)
- Initial release
License
The MIT License
Copyright © 2012-2013 U-Zyn Chua (http://uzyn.com)
Consultation
U-Zyn Chua is a Principal Consultant at Zynesis Consulting.