Can we integrate Gluu with PHP

By: Vipul Kumar user 06 May 2020 at 12:18 p.m. CDT

3 Responses
Vipul Kumar gravatar
I have one question regarding Gluu server, I have already CMS developed in PHP. Can we integrate Gluu server with PHP? Is it possible to save user's data on our server and connect to Gluu for authorization? If possible then please share some documents. Thanks.
Ubuntu 18.1
closed

Answers

By Michael Schwartz Account Admin 06 May 2020 at 1:37 p.m. CDT

Copy
Michael Schwartz gravatar
You're CMS should use the Gluu Server OpenID Connect interface. There are several OpenID Connect client libraries that will enable you to redirect the user to the Gluu Server for authentication, and then to obtain user information (from the Userinfo endpoint) by presenting a valid access token. Once you have user info, you can map that to an existing user in your database, or create a new user on the fly. You might want to read my book [Securing the Perimeter](https://www.apress.com/us/book/9781484226001) for an introduction about federated identity. All [Gluu Server Docs](https://gluu.org/docs) are all public. You can also do a web search on "OpenID Connect PhP" and probably turn up a ton of howto's. With regard to authorization, you can base authorization on user claims returned from the Gluu Server. For example, if the person has `role: Manager`, then map that to the right permissions in your application. That's the easiest way to implement central control. You could also look at the Gluu Gateway product. Check out the recent webinar on how to implement RBAC with Gluu Gateway.

By shiv kumar user 28 Jun 2022 at 9:44 a.m. CDT

Copy
shiv kumar gravatar
Hi @Michael.Schwartz, I tried this command "composer require "gluufederation/oxd-php-api" it is asking token and i have attached the error code below. please let me know how to resolve this issue - Syncing gluufederation/oxd-php-api (3.1.2) into cache Cloning failed using an ssh key for authentication, enter your GitHub credentials to access private repos When working with _public_ GitHub repositories only, head to https://github.com/settings/tokens/new?scopes=&description=Composer+on+Shivkumar+2022-06-28+1322 to retrieve a token. This token will have read-only permission for public information only. When you need to access _private_ GitHub repositories as well, go to https://github.com/settings/tokens/new?scopes=repo&description=Composer+on+Shivkumar+2022-06-28+1322 Note that such tokens have broad read/write permissions on your behalf, even if not needed by Composer. Tokens will be stored in plain text in "C:/Users/91626/AppData/Roaming/Composer/auth.json" for future use by Composer. For additional information, check https://getcomposer.org/doc/articles/authentication-for-private-packages.md#github-oauth Token (hidden):

By Michael Schwartz Account Admin 28 Jun 2022 at 10:36 a.m. CDT

Copy
Michael Schwartz gravatar
`gluufederation/oxd-php-api` is not supported anymore. Please switch to a standard php openid connect library.

Post an answer