tkhamez/eve-sso

EVE Online - SSO

Maintainers

Details

github.com/tkhamez/eve-sso-php

Source

Issues

Installs: 3 884

Dependents: 0

Suggesters: 0

Security: 0

Stars: 4

Watchers: 1

Forks: 1

Open Issues: 0

6.0.0 2025-05-08 14:32 UTC

Requires

Requires (Dev)

MIT fd842f3b0efbcb3c32cc8b4d1b0afbf2e7913dfc

This package is auto-updated.

Last update: 2025-05-09 12:56:32 UTC

README

build Test Coverage Packagist Downloads

EVE Online SSO

PHP package supporting EVE Online SSO v2 for web applications including JWT signature verification.

Install

To install the library via Composer, execute:

composer require tkhamez/eve-sso

Example Usage

These examples do not include error handling. Most methods throw exceptions which should be caught.

// Initiate the provider object.
$provider = new Eve\Sso\AuthenticationProvider(
    [
        // Required.
        'clientId'       => 'your-EVE-app-client-ID',
        'clientSecret'   => 'your-EVE-app-secret-key',
        'redirectUri'    => 'https://your-callback.url',

        // Optional. If you do not provide all URLs, a request will be made
        // to the metadata URL to get them.
        'urlAuthorize'   => 'https://login.eveonline.com/v2/oauth/authorize',
        'urlAccessToken' => 'https://login.eveonline.com/v2/oauth/token',
        'urlRevoke'      => 'https://login.eveonline.com/v2/oauth/revoke',
        'urlKeySet'      => 'https://login.eveonline.com/oauth/jwks',
        'issuer'         => 'https://login.eveonline.com',
        'urlMetadata' => 'https://login.eveonline.com/.well-known/oauth-authorization-server',
    ],

    // Optionally, add all required scopes.
    ['esi-mail.read_mail.v1', 'esi-skills.read_skills.v1'],

    // Optionally, use your own HTTP client.
    httpClient: new GuzzleHttp\Client(),

    // Optionally add a logger to log exception that are caught from libraries
    // (any class implementing Psr\Log\LoggerInterface, the example uses monolog/monolog
    // which is not included in this package).
    logger: new Monolog\Logger('SSO', [new Monolog\Handler\StreamHandler('/path/to/logfile')])
);

// Optionally disable signature verification.
$provider->setSignatureVerification(false);
// Login URL
session_start();
$_SESSION['state'] = $provider->generateState();
$loginUrl = $provider->buildLoginUrl($_SESSION['state']);
header("Location: $loginUrl");
// Callback URL
session_start();
$eveAuthentication = $provider->validateAuthenticationV2(
    $_GET['state'] ?? '', 
    $_SESSION['state'] ?? '', 
    $_GET['code'] ?? '',
);
unset($_SESSION['state']);

$characterId = $eveAuthentication->getCharacterId();
$refreshToken = $eveAuthentication->getToken()->getRefreshToken();
$accessToken = $eveAuthentication->getToken()->getToken();
$expires = $eveAuthentication->getToken()->getExpires();
// ... store the token data somewhere together with the character ID.
// Refreshes access token, if necessary.
$existingToken = new League\OAuth2\Client\Token\AccessToken([
    'refresh_token' => $refreshToken,
    'access_token' => $accessToken,
    'expires' => $expires,
]);
$validToken = $provider->refreshAccessToken($existingToken);

Development Environment

docker build --tag eve-sso .
docker run -it --mount type=bind,source="$(pwd)",target=/app --workdir /app eve-sso /bin/sh