Authman allows a Drupal site to act as an OAuth 2 Client.

The goal of this project is to make the act of dealing with OAuth endpoints seamless from a developer and site builder aspect.

Featuring

  • Plugin implementations of providers.
  • Secure storage of client credentials and access tokens, with pluggable backends via Key.
  • Auto renewal of limited lifetime access tokens
  • Resource owner and endpoint connectivity test.
  • Test coverage

Feature roadmap

Dependencies

  • Authman makes use of The PHP League OAuth 2.0 Client project for internals.
  • Latest dev version of Key is required.
  • The project is designed to be used with Composer, support is not guaranteed to projects without Composer.
  • PHP 7.2

Plugins and Integrations

This project does not have any bundled plugins. You will need to develop a plugin or choose from contributed plugins here.

Existing plugins include:

Sample API usage

See also README.

/** @var \Drupal\authman\AuthmanInstance\AuthmanOauthFactoryInterface $oauthFactory */
$oauthFactory = \Drupal::service('authman.oauth');
try {
  $authmanInstance = $oauthFactory->get('ID_OF_authman_auth_CONFIG');
  $response = $authmanInstance
    ->authenticatedRequest('GET', 'https://sample.api.example.com/v2/data?p=2');
  $successResponse = (string) $response->getBody();
}
catch (\GuzzleHttp\Exception\GuzzleException $e) {
  $failureResponse = (string) $e->getResponse()->getBody();
}
catch (\Exception $e) {
  // Plugin or configuration failure.
}

Similar projects

  • OAuth2 Client - a different design philosophy, no support for pluggable secrets. Client ID/secret are stored on plugin definition rather than config (or similar). Access tokens are stored in state, so moving between environments/copying databases is more difficult.
  • OpenID Connect
  • Social Auth (via Social API)
Supporting organizations: 
Initial development and ongoing maintenance.

Project information

Releases