A Laravel wrapper of jumbojett's OpenID Connect Client (jumbojett/openid-connect-php).
This package will set up a Middleware group that can be used to protect web routes with OpenID Connect verification and api routes with token verification.
A few things are necessary to make this library work:
- your IDP should support OpenID Connect with OAuth 2(.1)
- your IDP should have your client already registered
- the application this package is implemented in should have the same private key as your IDP
- this is needed to verify / parse the JWT
When this package is done verifying the token is legit an Event will be fired to be consumed by the target application.
This event should e.g. perform Auth::login($user) to fully let Laravel know this package has handled the authorization.
The UserAuthorizedEvent will broadcast a userUuid, userName and userEmail, your application should already know the user by one of these values (preferably the UUID).
Logging out (also the IDP) is not fully implemented yet. To do it "locally" the only thing needed is to kill the session.
You can set up an IDP with laravel/passport or set up your own with e.g. a Symfony application in combination with
steverhoades/oauth2-openid-connect-server
Or better yet use our IDP package which is a ready to use Symfony bundle with a clear and concise readme and with the above-mentioned library fully implemented. OpenIDConnect IDP Symfony bundle