PHP package supporting EVE Online SSO v2 (the flow for web-based applications), including JWT signature verification.
To install the library via Composer, execute:
composer require tkhamez/eve-sso
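// Initiate the provider object.
// (If you do not provide all optional URLs, this makes a request to the metadata URL to
// get them.)
try {
    $provider = new Eve\Sso\AuthenticationProvider(
        [
            // required
            // NOTE: these three values are placeholders. Load the real client secret from the
            // environment or a secret store instead of committing it with the source.
            'clientId' => 'your-EVE-app-client-ID',
            'clientSecret' => 'your-EVE-app-secret-key',
            'redirectUri' => 'https://your-callback.url',
            // optional
            'urlAuthorize' => 'https://login.eveonline.com/v2/oauth/authorize',
            'urlAccessToken' => 'https://login.eveonline.com/v2/oauth/token',
            'urlRevoke' => 'https://login.eveonline.com/v2/oauth/revoke',
            'urlKeySet' => 'https://login.eveonline.com/oauth/jwks',
            'issuer' => 'https://login.eveonline.com',
            'urlMetadata' => 'https://login.eveonline.com/.well-known/oauth-authorization-server',
        ],
        // Add all required scopes (request only the scopes the application actually uses).
        ['esi-mail.read_mail.v1', 'esi-skills.read_skills.v1'],
        // Optionally use your own HTTP client.
        httpClient: new GuzzleHttp\Client(),
        // Optionally add a logger to log exceptions that are caught from libraries
        // (any class implementing Psr\Log\LoggerInterface; the example uses monolog/monolog,
        // which is not included in this package).
        logger: new Monolog\Logger('SSO', [new Monolog\Handler\StreamHandler('/path/to/logfile')]),
    );
} catch (Exception $e) {
    // Keep the exception text in the server log instead of sending it to the browser, and
    // stop: $provider is not set when construction fails, so nothing after this can work.
    error_log('EVE SSO provider setup failed: ' . $e->getMessage());
    http_response_code(500);
    exit('Login is currently unavailable.');
}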
// Optionally disable signature verification.
// NOTE(review): with verification off, the JWT's signature is presumably not checked against
// the key set (urlKeySet), so the claims in the token would be taken on trust. Leave
// verification enabled unless there is a specific reason not to (for example an offline
// test) and confirm the exact effect in the library before relying on it.
$provider->setSignatureVerification(false);
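// Login URL
session_start();
// The state value is kept in the session so that the callback can compare it with the
// value that comes back in the query string.
$_SESSION['state'] = $provider->generateState();
$loginUrl = $provider->buildLoginUrl($_SESSION['state']);
header('Location: ' . $loginUrl);
// header() only queues the redirect; without this the script keeps running after it.
exit;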
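// Callback URL
session_start();

// Take the expected state out of the session so that it can be used only once, and read the
// query parameters defensively: they are client-controlled and may be absent or arrays.
$expectedState = $_SESSION['state'] ?? null;
unset($_SESSION['state']);
$returnedState = $_GET['state'] ?? null;
$code = $_GET['code'] ?? null;

if ($expectedState === null || !is_string($returnedState) || !is_string($code)) {
    http_response_code(400);
    exit('Invalid login callback.');
}

try {
    // Argument order as in the library call: state from the request, state from the session, code.
    $auth = $provider->validateAuthenticationV2($returnedState, $expectedState, $code);
} catch (Exception $e) {
    // Log the reason server-side instead of echoing it; $auth is not set when validation
    // fails, so the request must end here.
    error_log('EVE SSO authentication failed: ' . $e->getMessage());
    http_response_code(401);
    exit('Login failed.');
}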
// Store the token data somewhere.
// The refresh token is what refreshAccessToken() is later given to obtain new access tokens,
// so keep all three values server-side, in storage with restricted access.
$issuedToken = $auth->getToken();
$refreshToken = $issuedToken->getRefreshToken();
$accessToken = $issuedToken->getToken();
$expires = $issuedToken->getExpires();
// ...
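// Refreshes the access token, if necessary.
// Rebuild the token object from the values that were stored after login.
$existingToken = new League\OAuth2\Client\Token\AccessToken([
    'refresh_token' => $refreshToken,
    'access_token' => $accessToken,
    'expires' => $expires,
]);
try {
    $token = $provider->refreshAccessToken($existingToken);
} catch (Exception $e) {
    // Log server-side rather than echoing the exception text; $token is not set when the
    // refresh fails, so stop instead of continuing without a valid token.
    error_log('EVE SSO token refresh failed: ' . $e->getMessage());
    http_response_code(500);
    exit('Could not refresh the login session.');
}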
# Build the image, tagged eve-sso, with the current directory as the build context.
docker build --tag eve-sso .
# Open an interactive shell in the container with the current directory bind-mounted at /app.
# The mount is read-write, so changes made inside the container land in the host working tree.
docker run -it --mount type=bind,source="$(pwd)",target=/app --workdir /app eve-sso /bin/sh