OpenID-Connect-PHP

OpenID-Connect-PHP copied to clipboard

Fixes #116 This adds functions that support back-channel logout. With this, an implementor can evaluate `verifyLogoutToken()` and if true, proceed with the developer's application-specific technique for ending the subject's session...

mig5

https://github.com/jumbojett/OpenID-Connect-PHP/blob/ca7429b218d5f043cc440dcd98fc27e4e0f1e418/src/OpenIDConnectClient.php#L640 So basically the current code base is only usable with php7.0+ - when using PKCE flows. We should either require php7 in composer.json or add https://github.com/paragonie/random_compat I vote for...

DeepDiver1975

## Add `client_secret_jwt` as supported method for Client Authentication [OpenID Connect Client Authentication](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication) ** Changes ** - [x] Added new token endpoint auth method supported - [x] Added a method...

andreipopa-who

`refresh_token_expires_in` is an attribute our Microsoft ADFS gives back during `authenticate` > `requestTokens`. Here's related doc from Microsoft: https://docs.microsoft.com/en-us/linkedin/shared/authentication/programmatic-refresh-tokens?view=li-lms-2022-07 It would be helpful to capture this value for extra transparency....

mcouillard

I raised the issue of phpseclib php-xml dependency with the maintainer of phpseclib because OpenID-Connect-PHP fails if php-xml isn't installed, but his answer is that it's such an obscure use...

mrvanes

The client MUST NOT use more than one authentication method in each

1

Hello everyone, I am using a private Identity Access Manager and I am able to complete the login process until I return to my application. This is the simple code:...

lellomaverick

jwks_uri shouldn't be a requirement for checking signatures

6

Since I receive no responses from my previous PR #150, here I describe the issues with `jwks_uri` in the code to see if anybody is interested. So basically, JWT supports...

xushangning

Added userInfo response type check to handle signed and encrypted res…

1

This pull request will add support for signed and/or encrypted UserInfo response. https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.5.3.2 Added response contentType field to hold value of the latest content type Added jweResponseHandler so the package...

ricklambrechts

Back-Channel Logout

5

Is back channel logout supported?

binary-sort

Magento 2.4.4 is not compatible with latest release 0.9.5

2

jumbojett/openid-connect-php v0.9.5 not compatible with latest Magento 2.4.4. Master branch is compatible but not latest release brunch because of this requirement ``` "require": { ... "phpseclib/phpseclib" : "~2.0", ... }...

MyroslavDobra