Opauth is a multi-provider authentication framework for PHP, inspired by OmniAuth for Ruby.
Opauth enables PHP applications to do user authentication with ease.
Try out Opauth for yourself at http://opauth.org
What is Opauth?
Opauth provides a standardized method for PHP applications to interface with authentication providers.
Opauth as a framework provides a set of API that allows developers to create strategies that work in a predictable manner across PHP frameworks and applications.
Opauth works well with other PHP applications & frameworks. It is currently supported on:
- vanilla (plain) PHP applications
- CakePHP (maintained by uzyn)
- CodeIgniter (maintained by destinomultimedia)
- CodeIgniter (maintained by mcatm)
- FuelPHP (maintained by andreoav)
- Laravel (maintained by FakeHeal)
- PrestaShop (maintained by Onasusweb)
- Silex (maintained by icehero)
- SilverStripe (maintained by Better Brief)
- Zend Framework 2 (maintained by lorenzoferrarajr)
- and more to come.
If your PHP framework of choice is not yet listed, you can still use Opauth like you would a normal PHP component (class).
Quick start
Guide on how to run the bundled example.
-
Set
DocumentRoot
of your web server toexample/
. (Opauth can be instantiated in your own PHP app, but we will leave that out of this quick start guide) -
Configure Opauth.
First, make a copy of opauth config's file by copying or renaming
opauth.conf.php.default
toopauth.conf.php
.Open up
opauth.conf.php
and make the necessary changes. -
Install some Opauth strategies. Place the strategy files in
lib/Opauth/Strategy/
.For this example, we recommend that you start with Opauth-Facebook:
i. Download the strategy files and place them at
lib/Opauth/Strategy/Facebook/
.ii. Follow the steps at Opauth-Facebook's README to set up your Faceobok app.
iii. Add the following at
opauth.conf.php
underStrategy
as such:
<?php
'Strategy' => array(
// Define strategies here.
'Facebook' => array(
'app_id' => 'YOUR APP ID',
'app_secret' => 'YOUR APP SECRET'
),
);
Finally, send user to http://localhost/facebook
to authenticate.
Check out the wiki for more in-depth details, especially on how to use Opauth with your own PHP application.
Available strategies
A strategy is a set of instructions that interfaces with respective authentication providers and relays it back to Opauth.
Provider-specific:
Strategy | Maintained by |
---|---|
Bitbucket | fancyguy |
Disqus | rasa |
Do | arbales |
uzyn | |
Flickr | pocket7878 |
Foursquare | pocket7878 |
GitHub | uzyn |
uzyn | |
muhdazrain | |
uzyn | |
(Windows) Live | uzyn |
mixi | ritou |
OpenID | uzyn |
PayPal | 24hours |
Sina Weibo (新浪微博) | dgrabla |
uzyn | |
Vimeo | LubosRemplik |
VKontakte | dgrabla |
Yahoo! Japan (YConnect) | ritou |
LINE | Yuzuru Suzuki |
Generic strategy: OAuth
See wiki's list of strategies for an updated list of Opauth strategies or to make requests. Refer also to strategy contribution guide if you would like to contribute a strategy.
Requirements
PHP 5 (>= 5.2) with allow_url_fopen
enabled
Contribute
Opauth needs your contributions, especially the following:
-
More strategies Refer to wiki for contribution guide and inform us when your work is ready.
-
Plugins for more PHP frameworks and CMSes eg. Symfony, Laravel, WordPress, Drupal, etc.
-
Guides & tutorials On how to implement Opauth on CakePHP app, etc.
Issues & questions
- Discussion group: Google Groups Primary channel for support, especially usage questions.
- Issues: Github Issues
- Twitter: @uzyn
- Email me: [email protected]
- IRC: #opauth on Freenode
Used Opauth in your project? Let us know!
Changelog
####v0.4.5 (25 Feb 2018)
- Fixed a Security Incident for unsafe serialize/unserialize. (thanks @YuzuruS #124)
####v0.4.4 (10 May 2013)
- Added HTTP User-Agent header. (thanks @rkaldung #41)
####v0.4.3 (10 January 2013)
- Fixed a
serverPost()
bug where user-supplied options were not applied correctly. (thanks @ritou #26)
####v0.4.2 (28 August 2012)
- Fix session to check for
session_id()
instead of$_SESSION
(thanks @sirikkoster #20)
####v0.4.1 (22 July 2012)
- Not starting session if session is already started. (thanks @Claymm)
- Fixed incorrect error message. (thanks @Claymm)
- Removed
@
forfile_get_contents
. (thanks @Takehiro-Adachi)
####v0.4.0 (10 June 2012)
mapProfile()
andclientGet()
for OpauthStrategy class.
####v0.3.0 (30 May 2012)
- Some unit testing
- More consistent naming of Strategy's internal properties
- Smarter loading of strategy, able to make a few guesses on where the class file might be at.
####v0.2.0 (23 May 2012)
- Opauth is now Composer compatible and listed on Packagist
- Opauth now supports autoloaders
- If a strategy is not autoloaded, Opauth falls back and searches for it at
strategy_dir
defined in config.
- Class name for strategy Foo should now be FooStrategy instead of Foo.
- This is to reduce the likelihood of class name collision due to Opauth not requiring the use of namespace.
- v0.1.0-type class name, ie. Foo, still works, but is now deprecated.
####v0.1.0 (22 May 2012)
- Initial release
License
The MIT License Copyright © 2012-2013 U-Zyn Chua (http://uzyn.com)
Consultation
U-Zyn Chua is a Principal Consultant at Zynesis Consulting.