
Opauth configuration

Sam Wilson edited this page Dec 10, 2015 · 8 revisions

Instantiating the Opauth class requires a configuration array as input.

Configuration array

  • $config = array(

    • path - (string) Path where Opauth is accessed.

    • debug - (boolean) Whether debug messages are to be displayed

      • Default: false
    • callback_url - (string) URL to which Opauth sends the auth response, successful or otherwise

      • Default: '{path}callback.php'
    • callback_transport - (string) HTTP transport type used to send the auth response

      • The only allowed values are 'session', 'post' or 'get'.
      • 'session': Default. Works best unless callback_url is on a different domain than Opauth. Cookies, and therefore sessions, do not work cross-domain.
      • 'post': Works cross-domain, but relies on client-side JavaScript being available, which is very common, even on mobile browsers, but not guaranteed.
      • 'get': Works cross-domain, but the response may be truncated or corrupted by the browser's URL length limit (e.g. IE8/IE9 has a 2083-char limit)
      • Default: 'session'
    • security_salt - (string) A random string used for signing the auth response.

      • Default: 'LDFmiilYf8Fyw5W10rx4W1KsVrieQCnpBzzpTBWA5vJidQKDx8pMJbmw28R1C4m' (using the default value will trigger an E_USER_NOTICE prompting the user to change it to another value)
    • security_iteration - (integer) The number of times hashing is done to sign the auth response.

      • Higher value, better security, slower hashing.
      • Lower value, lower security, faster hashing.
      • Default: 300
    • security_timeout - (string) Time limit within which an auth response is considered valid. It is measured from auth response generation (i.e. the time when the callback is first requested) to the time when the auth response is received and validation is attempted.

      • Expects a time value parsable by strtotime().
      • Default: '2 minutes'
      • The default value is set fairly high to accommodate HTTP-based callbacks. If you use session for callback_transport, you can set the value as low as '1 second'.
    • strategy_dir - (string) Directory where strategies are located

      • This is not needed if you install Opauth via Composer.
      • Default: {lib_dir}Strategy/
    • Strategy - (array) Respective configurations for individual strategies

      • Refer to individual strategy's documentation on configuration requirements.
      • No default is set.
      • Example:
        <?php
        'Strategy' => array(
            
            'Facebook' => array(
                'app_id' => 'APP ID',
                'app_secret' => 'APP_SECRET'
            ),
        
        );
  • );

The Opauth configuration array, $config, can then be passed to Opauth during instantiation as follows:

<?php
require 'path_to_opauth/Opauth.php';
$Opauth = new Opauth( $config );

Note:
{placeholder} can be used in string-based parameters; it is replaced by the value of the similarly-named config key.
E.g., {path} would be replaced with '/' (if the path value is set to that).
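The security-related keys above can be checked before $config reaches Opauth. The following is an added example, not code from Opauth or this wiki: opauth_config_problems() is a hypothetical helper, the OPAUTH_SALT environment variable and the 32-character minimum are assumptions of this example, and the sample $config is constructed.

```php
<?php
// Added example, not part of Opauth: opauth_config_problems() is a hypothetical helper.
// The default security_salt published in this documentation:
const OPAUTH_DEFAULT_SALT = 'LDFmiilYf8Fyw5W10rx4W1KsVrieQCnpBzzpTBWA5vJidQKDx8pMJbmw28R1C4m';

function opauth_config_problems(array $config)
{
    $problems = array();

    // An unset salt falls back to the published default, so treat both alike.
    $salt = isset($config['security_salt']) ? $config['security_salt'] : OPAUTH_DEFAULT_SALT;
    if (!is_string($salt) || $salt === OPAUTH_DEFAULT_SALT) {
        $problems[] = 'security_salt is unset or the documented default';
    } elseif (strlen($salt) < 32) { // 32 is this example's own threshold
        $problems[] = 'security_salt is shorter than 32 characters';
    }

    $transport = isset($config['callback_transport']) ? $config['callback_transport'] : 'session';
    if (!in_array($transport, array('session', 'post', 'get'), true)) {
        $problems[] = "callback_transport must be 'session', 'post' or 'get'";
    }

    // security_timeout must be parsable by strtotime() and describe a positive interval.
    $timeout = isset($config['security_timeout']) ? $config['security_timeout'] : '2 minutes';
    $now = time();
    $expiry = is_string($timeout) ? strtotime($timeout, $now) : false;
    if ($expiry === false || $expiry <= $now) {
        $problems[] = 'security_timeout is not a positive strtotime() interval';
    }

    $iterations = isset($config['security_iteration']) ? $config['security_iteration'] : 300;
    if (!is_int($iterations) || $iterations < 1) {
        $problems[] = 'security_iteration must be a positive integer';
    }

    return $problems;
}

// Constructed sample: the salt is read from a hypothetical OPAUTH_SALT environment variable.
$config = array(
    'path' => '/auth/',
    'callback_transport' => 'session',
    'security_salt' => getenv('OPAUTH_SALT') ?: null,
    'security_timeout' => '30 seconds',
);
foreach (opauth_config_problems($config) as $problem) {
    error_log('Opauth config: ' . $problem);
}
```

With OPAUTH_SALT unset, the sample logs the security_salt problem, because an unset salt means the published default would be used for signing.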

Samples

Guide to multiple configurations for a single strategy

For the purpose of illustration, let's assume that you have 2 separate Facebook apps, and you would like to define 2 different configurations (app_id, app_secret, etc) for Facebook strategy.

Firstly, you will only need to have a single installation of Facebook strategy.

Next, explicitly set strategy_class and strategy_url_name for one or both of the configurations.

strategy_class tells Opauth which Strategy to use;
strategy_url_name tells Opauth the URL that points to each of them.

For this case, your Strategy configuration may look like:

<?php
'Facebook' => array(
  'app_id' => '000000000001',
  'app_secret' => '7e7cad2cc7eebab581643c12bf7e50f8'
),

// Note that the name is different
'SecondFacebookApp' => array(
  'app_id' => '000000000002',
  'app_secret' => '2c7ccb6ca6c763e211fda2f5372feac2',
	
  // Explicitly set these
  'strategy_class' => 'Facebook',     // Opauth Strategy to use
  'strategy_url_name' => 'second-app'    // URL-friendly name
)

To authenticate a user for the first app (app_id = 000000000001), direct the user to http://path_to_opauth/facebook.
To authenticate a user for the second app (app_id = 000000000002), direct the user to http://path_to_opauth/second-app.