44°F

Aaron Parecki

  • Articles
  • Notes
  • Photos
  • IndieAuth-Client-PHP 0.3.1

    February 7, 2018

    This release includes two new methods for quickly developing an IndieAuth client.

    The library can now handle all the boilerplate work of generating a state parameter, URL canonicalization, and state management between the request and callback.

    Developing an IndieAuth client now requires just setting a few configuration variables and deciding how to show error messages in your application. See the code below for an example of using the new features!

    index.php

    <form action="/login.php" method="post">
      <input type="url" name="url">
      <input type="submit" value="Log In">
    </form>
    

    login.php

    <?php
    require('vendor/autoload.php');
    if(!isset($_POST['url'])) {
      die('Missing URL');
    }
    
    // Start a session for the library to be able to save state between requests.
    session_start();
    
    // You'll need to set up two pieces of information before you can use the client,
    // the client ID and and the redirect URL.
    // The client ID should be the home page of your app.
    IndieAuth\Client::$clientID = 'https://example.com/client/';
    
    // The redirect URL is where the user will be returned to after they approve the request.
    IndieAuth\Client::$redirectURL = 'https://example.com/client/redirect.php';
    
    // Pass the user's URL and your requested scope to the client.
    // If you are writing a Micropub client, you should include at least the "create" scope.
    // If you are just trying to log the user in, you can omit the second parameter.
    list($authorizationURL, $error) = IndieAuth\Client::begin($_POST['url']);
    // or list($authorizationURL, $error) = IndieAuth\Client::begin($_POST['url']);
    
    // Check whether the library was able to discover the necessary endpoints
    if($error) {
      echo "<p>Error: ".$error['error']."</p>";
      echo "<p>".$error['error_description']."</p>";
    } else {
      // Redirect the user to their authorization endpoint
      header('Location: '.$authorizationURL);
    }
    

    redirect.php

    <?php
    require('vendor/autoload.php');
    
    session_start();
    IndieAuth\Client::$clientID = 'https://example.com/client/';
    IndieAuth\Client::$redirectURL = 'https://example.com/client/redirect.php';
    
    list($user, $error) = IndieAuth\Client::complete($_GET);
    
    if($error) {
      echo "<p>Error: ".$error['error']."</p>";
      echo "<p>".$error['error_description']."</p>";
    } else {
      // Login succeeded!
      // If you requested a scope, then there will be an access token in the response.
      // Otherwise there will just be the user's URL.
      echo "URL: ".$user['me']."<br>";
      if(isset($user['access_token'])) {
        echo "Access Token: ".$user['access_token']."<br>";
        echo "Scope: ".$user['scope']."<br>";
      }
    }
    
    Portland, Oregon • 55°F
    Wed, Feb 7, 2018 11:30am -08:00 #indieauth #indieweb
    2 replies 1 mention
    • dgold micro.blog/dgold

      @aaronpk great work Aaron. 👍

      Wed, Feb 7, 2018 2:18pm -08:00
    • eli micro.blog/eli

      @aaronpk 🙌💯🧚‍♀️🙏

      Wed, Feb 7, 2018 2:34pm -08:00

    Other Mentions

    • Aaron Parecki aaronparecki.com
      First Quarter 2018 in Review
      Sun, Apr 1, 2018 4:42pm -07:00
Posted in /articles using quill.p3k.io

Hi, I'm Aaron Parecki, Director of Identity Standards at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming. (detailed bio)

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel. Read more.

  • Director of Identity Standards at Okta
  • IndieWebCamp Founder
  • OAuth WG Editor
  • OpenID Board Member

  • 🎥 YouTube Tutorials and Reviews
  • 🏠 We're building a triplex!
  • ⭐️ Life Stack
  • ⚙️ Home Automation
  • All
  • Articles
  • Bookmarks
  • Notes
  • Photos
  • Replies
  • Reviews
  • Trips
  • Videos
  • Contact
© 1999-2025 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.
IndieWebCamp Microformats Webmention W3C HTML5 Creative Commons
WeChat ID
aaronpk_tv