daggerhart
commented
6 years ago @drzraf Thanks for this. I agree, and will add this consideration to the 4.x roadmap
Open drzraf opened 6 years ago
daggerhart
commented
6 years ago @drzraf Thanks for this. I agree, and will add this consideration to the 4.x roadmap
spikyjt
commented
5 years ago I would second this in principal, but would hardly consider php-openid "maintained" - last release in 2015, last commit over a year ago!
The jumbojett client looks promising, but is not compliant with the standard yet.
OpenId Connect clients for PHP seem to be woefully lacking!
drzraf
commented
5 years ago This is way better https://github.com/thephpleague/oauth2-client
spikyjt
commented
5 years ago That's a very mature library, but important to note that it is OAuth2, not specifically OpenId Connect.
yrammos
commented
5 years ago @spikyjt @drzraf generic OAuth2 support would be doubly good to have.
spikyjt
commented
5 years ago @yrammos is generic OAuth2 a good idea for this plugin? It's title suggests it is specifically OpenId Connect. I think there a plenty of OAuth2 libs and plugins, but OpenId Connect has very specific requirements and is distinctly about authentication, when OAuth2 is just authorization.
@daggerhart would be good to know your thoughts
yrammos
commented
5 years ago @spikyjt I'm sorry for my elliptical comment, which warrants your question. You see, there is no open-source or even reasonably-priced OAuth2 client for WordPress right now and this is the closest project that I was able to locate. If it is outside your purview, of course, I'll have to rest my case… Thanks.
spikyjt
commented
5 years ago @yrammos no apology needed! I wasn't aware Wordpress was lacking this, as there are so many PHP libs for OAuth2, I assumed there must be a plugin. Anyway, the question is really for @daggerhart who owns this project and can decide what his intentions for it are/were.
timnolte
commented
4 years ago https://github.com/openid/php-openid has been updated in the last 4-5 months so it does seem to still be maintained.
timnolte
commented
1 year ago Unfortunately, the openid/php-openid package appears to be no longer maintained. It still seems like https://packagist.org/packages/jumbojett/openid-connect-php is probably the best solution so long as it continues to get updates.
timnolte
commented
1 year ago Doing some general Packagist searching it's possible that this Yii package might be able to be leveraged.
https://github.com/yiisoft/yii2-authclient
It has way more functionality in it beyond what this plugin is intended to provide so I'm not sure it's the right fit or not.
drzraf
commented
1 year ago timnolte
commented
1 year ago This may be a partial functionality solution but it doesn't provide any strictly OpenID Connect functionality. I'm sort of partial to perhaps the Yii library as it also provides OpenID Connect functionality along with the required oAuth functionality. There is a part of me that is tempted to fork the official certified PHP library and bring it up to modern PHP standards but I don't have unlimited time and that would take away from the time I do have to get through all of the items in the Issues and PRs.
There is a part of me that would love to get this plugin in a state where it could get certified by the OpenID Connect standards group. That might be wishful thinking.
timnolte
commented
6 months ago A new search has turned up https://packagist.org/packages/facile-it/php-openid-client as what seems to be an even more complete library that is relatively well maintained. My main concern with https://packagist.org/packages/jumbojett/openid-connect-php is that it is essentially all a single Class and there appears to be some missing functionality that might limit how far the plugin can expand with implementing the OpenID Connect features.
timnolte
commented
6 months ago So, documenting here another possible candidate for a library that seems to be well maintained. https://packagist.org/packages/oidc/core
timnolte
commented
6 months ago I am noting that there are a number of other Composer packages that also utilize the https://packagist.org/packages/jumbojett/openid-connect-php package so that still may ultimately be the package to choose.
OpenID provides pointers to existing implementations:
It may be worth considering whether client code advantageously replace the OpenID-aspects of current one (session refresh, endpoint autodetection, ...)