OpenID-Connect-PHP
OpenID-Connect-PHP copied to clipboard
jumbojett
Minimalist OpenID Connect client
Here in the code you can see the client_secret getting unset: https://github.com/jumbojett/OpenID-Connect-PHP/blob/master/src/OpenIDConnectClient.php#L706 ``` $token_params = array( 'grant_type' => $grant_type, 'code' => $code, 'redirect_uri' => $this->getRedirectURL(), 'client_id' => $this->clientID, 'client_secret' =>...
signOut
When I call signOut method, I'm redirected to an url like this: http://localhost:8080/auth/realms/myrealm/protocol/openid-connect/logout?id_token_hint=eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJYNHE5OGt4ejBzeHp4QUs3cDZ4eUZvYzN4dDJrUU5zcEhWLUxjaUc2LWlRIn0.eyJleHAiOjE2MDU3MjY5NTcsImlhdCI6MTYwNTcyNjY1NywianRpIjoiY2Y1ZjJhNzUtNmJlNC00NGM0LWI2YzktNWI4NmM0NGE3YmFlIiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2F1dGgvcmVhbG1zL215cmVhbG0iLCJhdWQiOlsicmVhbG0tbWFuYWdlbWVudCIsImFjY291bnQiXSwic3ViIjoiMDk4MzUxZDEtYzk1MC00YTBjLTk3ZjItMGMxMWEzMTgyYjliIiwidHlwIjoiQmVhcmVyIiwiYXpwIjoibXljbGllbnQiLCJzZXNzaW9uX3N0YXRlIjoiOTRjZDNjNTEtNTBkNy00MzA2LWEwMDUtNTMxZjlmMzdjYjZmIiwiYWNyIjoiMSIsImFsbG93ZWQtb3JpZ2lucyI6WyJodHRwOi8vcHJvamVjdC1iLmxvY2FsIl0sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsicmVhbG0tbWFuYWdlbWVudCI6eyJyb2xlcyI6WyJ2aWV3LWlkZW50aXR5LXByb3ZpZGVycyIsInZpZXctcmVhbG0iLCJtYW5hZ2UtaWRlbnRpdHktcHJvdmlkZXJzIiwiaW1wZXJzb25hdGlvbiIsInJlYWxtLWFkbWluIiwiY3JlYXRlLWNsaWVudCIsIm1hbmFnZS11c2VycyIsInF1ZXJ5LXJlYWxtcyIsInZpZXctYXV0a But I got the following return in browser:  .. and this appears on Keycloak log: ...
I use an Identity Provider that does not have the "end_session_endpoint" parameter in the .well-known/openid-configuration. This leads to an exception when calling signOut(). Is this expected behaviour? Is there a...
This PR added simple cache PSR-16, it need to use a cacheable fetch of the jwks keys and document openid-configuration Issue #194 **List of common tasks a pull request require...
Hi, i am trying to implement a third party connexion using this package and i am almost done but i can't get the access token. Here is my code :...
Hello Why is state hard coded to a random string? This prevents callers being able to pass this through or am I missing somthing? Paul
Hello, this pull request fixes how the at_hash is checked, to comply to OpenID Connect specification. See https://openid.net/specs/openid-connect-core-1_0.html#CodeIDToken > at_hash > OPTIONAL. Access Token hash value. Its value is the...
Hello. It seems there's a mistake in $tokenResponse type declaration (string instead of mixed): ```php /** * @var string stores the token response */ private $tokenResponse; ``` ... `$token_json =...
setState and unsetState methods modified to set / unset multiple states. setStateData and getStateData methods added.
In issue #151 the code was changed so that only JSON-responses are accepted. However at least one provider (https://www.governikus.de/) offers ONLY JWT-responses. Maybe the function requestUserInfo() could be changed so...
