OpenID Connect

[davidsteinsland]

Any plans to support OpenID Connect on top of OAuth?

[alexbilbie]

It's certainly something I want to look into. I don't have anything more to say about it at the moment though.

[davidsteinsland]

It would, in my mind, be a good addition of the OAuth library. You're then able to provide authentication and authorization in one go, and also providing a secure implicit flow grant.

[alexbilbie]

Can you point me in the direction of any large services who are providing a standards complaint implementation of OpenID Connect?

[davidsteinsland]

Here's a list of certified OpenID Connect issuers: https://openid.net/certification/

My best tip is pointing you to the specification, though. Cumbersome reading material, but it's where it all is :)

[alexbilbie]

I had a look through the specs a few years back when they were ratified. Once I've got v5 finished I will certainly take a look again.

[bobmulder]

Any specific plans on integrating OpenID Connect? I would love to use it ;)

[alexbilbie]

Yes; OpenID Connect will be in v5.1.0

[bobmulder]

Thank you very much @alexbilbie, looking forward to the new release! Good luck!

[alexbilbie]

Just a quick update to say that I have started working on this feature; I created https://github.com/thephpleague/openid-connect-claims last week to implement the ID token claim set.

There's still some more work to do yet but I will keep this ticket updated.

[bobmulder]

Thanks @alexbilbie!

[pounard]

I am actually using the https://github.com/thephpleague/openid-connect-claims component in custom code, it's working fine considering it doesn't do much yet, nevertheless it did saved me some time, thanks.

[strietzel]

@alexbilbie, first of all thanks for your great enthusiasm. Is there any progress on OpenID Connect implementation you can report?

[qrazi]

Also curious about this... Any progress? Any roadblocks? Any specific help needed? (just started reading up on OpenID Connect yesterday though... )

[steverhoades]

I added support for OpenID Connect on top of this server here: https://github.com/steverhoades/oauth2-openid-connect-server. If there is any interest I would be happy to help adding this functionality to the library proper.

[dimvic]

@alexbilbie, thanks for a very nice OAuth2 implementation :) do you have any plans & time for OpenID Connect?

[wdalmut]

:+1:

[janzankowski]

+1 for this feature

[nicolassing]

Hello @Sephster, Have you started to work on this ? I'd like to start working on it :)

[Sephster]

Hi @nicolassing - I haven't yet but @alexbilbie had started on something so I'd planned on using that as a start at some point. I can't say when though as my timing predictions are usually wrong :)

[filips123]

Is there any progress? When will OpenID Connect be implemented?

[linuxd3v]

Currently PHP ecosystem has no thought through and maintained OIDC library. To the point that I seriously have to consider using python|node for my current work task which is very sad.

[duchnoun]

+1 for this feature , any news ?

[mav2287]

+1 the previous post said V5, but it doesn't look like OpenID Connect ever got added. Where are things at with this?

[HVStechnik]

+1

[wapacro]

+1

[sykezz]

+1

[kgrosvenor]

Need this

[arietimmerman]

I've just published the source code of the OpenID Connect Server as used by idaas.nl. You can find it here https://github.com/arietimmerman/openid-server

It has currently one dependency, being league/oauth2-server. It extends a set of classes in order to provide support for the OpenID Connect authorization grant and implicit grant.

[johnwc]

@Sephster @alexbilbie Has there been anymore work on Open ID? What's particularly useful that we are needing is the OpenID Connect Discovery spec, which would allow a remote API be able to verify a token quickly without much manual configuration.

[Sephster]

No work yet. There is a Symfony bundle now using the package which is also interested in getting this introduced so I expect it to be pushed forwards this year. In the meantime you can use @steverhoades's repo if you are needing this quicker.

[kgrosvenor]

@Sephster, Great news and for all involved - thanks for all the work this really is a flexible and awesome library! I've implemented it using Doctrine classes and Slim, @steverhoades repo for OpenID Connect works great, one of the extra features I was interested in was OpenID Introspection.