Opauth is a multi-provider authentication framework for PHP, inspired by OmniAuth for Ruby.

Opauth enables PHP applications to do user authentication with ease.

Try out Opauth for yourself at http://opauth.org

What is Opauth?

Opauth provides a standardized method for PHP applications to interface with authentication providers.

Opauth as a framework provides a set of API that allows developers to create strategies that work in a predictable manner across PHP frameworks and applications.

Opauth works well with other PHP applications & frameworks. It is currently supported on:

• vanilla (plain) PHP applications
• CakePHP (maintained by uzyn)
• CodeIgniter (maintained by destinomultimedia)
• CodeIgniter (maintained by mcatm)
• FuelPHP (maintained by andreoav)
• Laravel (maintained by FakeHeal)
• PrestaShop (maintained by Onasusweb)
• Silex (maintained by icehero)
• SilverStripe (maintained by Better Brief)
• Zend Framework 2 (maintained by lorenzoferrarajr)
• and more to come.

If your PHP framework of choice is not yet listed, you can still use Opauth like you would a normal PHP component (class).

Quick start

Guide on how to run the bundled example.

1. Set DocumentRoot of your web server to example/. (Opauth can be instantiated in your own PHP app, but we will leave that out of this quick start guide)

2. Configure Opauth.

   First, make a copy of opauth config's file by copying or renaming opauth.conf.php.default to opauth.conf.php.

   Open up opauth.conf.php and make the necessary changes.

3. Install some Opauth strategies. Place the strategy files in lib/Opauth/Strategy/.

   For this example, we recommend that you start with Opauth-Facebook:

   i. Download the strategy files and place them at lib/Opauth/Strategy/Facebook/.

   ii. Follow the steps at Opauth-Facebook's README to set up your Faceobok app.

   iii. Add the following at opauth.conf.php under Strategy as such:

<?php
'Strategy' => array(
    // Define strategies here.

    'Facebook' => array(
        'app_id' => 'YOUR APP ID',
        'app_secret' => 'YOUR APP SECRET'
    ),
);

Finally, send user to http://localhost/facebook to authenticate.

Check out the wiki for more in-depth details, especially on how to use Opauth with your own PHP application.

Available strategies

A strategy is a set of instructions that interfaces with respective authentication providers and relays it back to Opauth.

Provider-specific:

<table> <tr> <th>Strategy</th> <th>Maintained by</th> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=bitbucket.org" alt="Bitbucket" width="16">&nbsp;&nbsp; <a href="http://github.com/fancyguy/opauth-bitbucket">Bitbucket</a></td> <td>fancyguy</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=disqus.com" alt="Disqus" width="16">&nbsp;&nbsp; <a href="https://github.com/rasa/opauth-disqus">Disqus</a></td> <td>rasa</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=do.com" alt="Do" width="16">&nbsp;&nbsp; <a href="https://github.com/arbales/opauth-do">Do</a></td> <td>arbales</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=facebook.com" alt="Facebook">&nbsp;&nbsp; <a href="https://github.com/opauth/facebook"><strong>Facebook</strong></a></td> <td>uzyn</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=www.flickr.com" alt="Flickr" width="16" height="16">&nbsp;&nbsp; <a href="https://github.com/pocket7878/opauth-flickr">Flickr</a></td> <td>pocket7878</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=www.foursquare.com" alt="Foursquare" width="16" height="16">&nbsp;&nbsp; <a href="https://github.com/pocket7878/opauth-foursquare">Foursquare</a></td> <td>pocket7878</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=github.com" alt="GitHub" width="16" height="16">&nbsp;&nbsp; <a href="https://github.com/opauth/github">GitHub</a></td> <td>uzyn</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=google.com" alt="Google" width="16" height="16">&nbsp;&nbsp; <a href="https://github.com/opauth/google"><strong>Google</strong></a></td> <td>uzyn</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=instagram.com" alt="Instagram" width="16" height="16">&nbsp;&nbsp; <a href="https://github.com/muhdazrain/opauth-instagram">Instagram</a></td> <td>muhdazrain</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=linkedin.com" alt="LinkedIn" width="16" height="16">&nbsp;&nbsp; <a href="https://github.com/opauth/linkedin">LinkedIn</a></td> <td>uzyn</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=live.com" alt="Live Connect" width="16" height="16">&nbsp;&nbsp; <a href="https://github.com/opauth/live">(Windows) Live</a></td> <td>uzyn</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=mixi.co.jp" alt="mixi" width="16" height="16">&nbsp;&nbsp; <a href="https://github.com/ritou/opauth-mixi">mixi</a></td> <td>ritou</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=openid.net" alt="OpenID" width="16" height="16">&nbsp;&nbsp; <a href="https://github.com/opauth/openid">OpenID</a></td> <td>uzyn</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=paypal.com" alt="PayPal" width="16" height="16">&nbsp;&nbsp; <a href="https://github.com/24hours/opauth-paypal">PayPal</a></td> <td>24hours</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=weibo.com" alt="Sina Weibo" width="16" height="16">&nbsp;&nbsp; <a href="https://github.com/dgrabla/opauth-sinaweibo">Sina Weibo (新浪微博)</a></td> <td>dgrabla</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=twitter.com" alt="Twitter" width="16" height="16">&nbsp;&nbsp; <a href="https://github.com/opauth/twitter"><strong>Twitter</strong></a></td> <td>uzyn</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=vimeo.com" alt="Vimeo" width="16" height="16">&nbsp;&nbsp; <a href="https://github.com/LubosRemplik/opauth-vimeo">Vimeo</a></td> <td>LubosRemplik</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=vk.com" alt="VK" width="16" height="16">&nbsp;&nbsp; <a href="https://github.com/dgrabla/opauth-vkontakte">VKontakte</a></td> <td>dgrabla</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=developer.yahoo.co.jp" width="16" height="16">&nbsp;&nbsp; <a href="https://github.com/ritou/opauth-yahoojp">Yahoo! Japan (YConnect)</a></td> <td>ritou</td> </tr> <tr> <td><img src="http://www.google.com/s2/favicons?domain=business.line.me" width="16" height="16">&nbsp;&nbsp; <a href="https://github.com/opauth/line">LINE</a></td> <td>Yuzuru Suzuki</td> </tr> </table>

Generic strategy: OAuth

See wiki's list of strategies for an updated list of Opauth strategies or to make requests. Refer also to strategy contribution guide if you would like to contribute a strategy.

Requirements

PHP 5 (>= 5.2) with allow_url_fopen enabled

Contribute

Opauth needs your contributions, especially the following:

• More strategies Refer to wiki for contribution guide and inform us when your work is ready.

• Plugins for more PHP frameworks and CMSes eg. Symfony, Laravel, WordPress, Drupal, etc.

• Guides & tutorials On how to implement Opauth on CakePHP app, etc.

Issues & questions

• Discussion group: Google Groups Primary channel for support, especially usage questions.
• Issues: Github Issues
• Twitter: @uzyn
• Email me: chua@uzyn.com
• IRC: #opauth on Freenode

<p>Used Opauth in your project? Let us know!</p>

Changelog

####v0.4.5 (25 Feb 2018)

• Fixed a Security Incident for unsafe serialize/unserialize. (thanks @YuzuruS #124)

####v0.4.4 (10 May 2013)

• Added HTTP User-Agent header. (thanks @rkaldung #41)

####v0.4.3 (10 January 2013)

• Fixed a serverPost() bug where user-supplied options were not applied correctly. _(thanks @ritou