Authenticate multiple Composer packages from the same host using different credentials.
composer multi-auth:config laragear/web-checkout license ABC-123Composer natively associates authentication credentials (like HTTP Basic, Bearer tokens, GitHub OAuth) with a single domain inside the auth.json file. If you have a private package registry serving multiple packages under the same domain (e.g. keygen.sh or github.com), you cannot easily use different credentials for different packages.
This plugin allows you to define authentication credentials per-package, overriding the default domain-based authentication, plus two useful authentication mechanisms:
{
"http-basic": {
"...": "..."
},
"laragear/web-checkout": {
"license": "$WEBCHECKOUT_LICENSE"
}
}
Your support allows me to keep this package free, up-to-date, and maintainable. Alternatively, you can spread the word!
- PHP 8.3 or later.
- Composer 2.0 or later.
Require this package globally or into your project using Composer:
composer require global laragear/multi-authImportant
If you require this in your project, the plugin will be active only for a single Composer project.
Instead of manually editing your auth.json file, use the provided multi-auth:config command. The command accepts the package name, the authentication type, and the required credentials:
The following authentication types are supported:
Standard HTTP Basic authentication.
composer multi-auth:config vendor/package http-basic username passwordStandard Authorization Bearer token.
composer multi-auth:config vendor/package bearer my-secret-tokenToken-based authentication for GitHub or Gitlab.
composer multi-auth:config vendor/package github-oauth my-github-token
composer multi-auth:config vendor/package gitlab-oauth my-gitlab-token
composer multi-auth:config vendor/package gitlab-token my-gitlab-private-tokenAdds a custom Authentication: License <KEY> header.
composer multi-auth:config vendor/package license ABC-123-XYZYou can append custom query parameters to the package download URL. This is especially useful for passing tokens as URL parameters.
composer multi-auth:config vendor/package query auth "license:\$TOKEN"This will automatically append ?auth=license:{TOKEN} to the URL when Composer downloads vendor/package, where {TOKEN} is automatically resolved from your environment variables.
If you want to apply the configuration globally across all your Composer projects, append the --global (or -g) flag.
composer multi-auth:config vendor/package license ABC-123 --globalNote
This will only work if Multiauth was installed globally.
You can use environment variables in any of your credentials too! Prefix the variable name with a $ sign. Append \ to avoid the shell replacing the variable name with an environment value.
composer multi-auth:config vendor/package bearer \$MY_SECRET_TOKENWhen Composer downloads the package, the plugin will automatically resolve $MY_SECRET_TOKEN from your current environment.
If you discover any security-related issues, please email darkghosthunter@gmail.com instead of using the issue tracker.
The MIT License (MIT). Please see License File for more information.