Auth0-PHP

Auth0Interface
in

Interface Auth0Interface.

Table of Contents

authentication()  : AuthenticationInterface
Create, configure, and return an instance of the Authentication class.
clear()  : self
Delete any persistent data and clear out all stored properties.
configuration()  : SdkConfiguration
Retrieve the SdkConfiguration instance.
decode()  : TokenInterface
Verifies and decodes an ID token using the properties in this class.
exchange()  : bool
Exchange authorization code for access, ID, and refresh tokens.
getAccessToken()  : string|null
Get access token from an active session.
getAccessTokenExpiration()  : int|null
Get token expiration from an active session.
getAccessTokenScope()  : array<string|int, string>
Get token scopes from an active session.
getBearerToken()  : TokenInterface|null
Get an available bearer token from a variety of input sources.
getCredentials()  : object|null
Return an object representing the current session credentials (including id token, access token, access token expiration, refresh token and user data) without triggering an authorization flow. Returns null when session data is not available.
getExchangeParameters()  : object|null
Get the code exchange details from the GET request.
getIdToken()  : string|null
Get ID token from an active session.
getInvitationParameters()  : array<string|int, mixed>|null
Get the invitation details from the GET request.
getRefreshToken()  : string|null
Get refresh token from an active session.
getRequestParameter()  : string|null
Get the specified parameter from POST or GET, depending on configured response mode.
getUser()  : array<string|int, mixed>|null
Get userinfo from an active session.
handleInvitation()  : string|null
If invitation parameters are present in the request, handle extraction and return a URL for redirection to Universal Login to accept. Returns null if no invitation parameters were found.
login()  : string
Return the url to the login page.
logout()  : string
Delete any persistent data and clear out all stored properties, and return the URI to Auth0 /logout endpoint for redirection.
management()  : ManagementInterface
Create, configure, and return an instance of the Management class.
renew()  : self
Renews the access token and ID token using an existing refresh token.
setAccessToken()  : self
Sets and persists the access token.
setAccessTokenExpiration()  : self
Sets and persists the access token expiration unix timestamp.
setAccessTokenScope()  : self
Sets and persists the access token scope.
setIdToken()  : self
Updates the active session's stored Id Token.
setRefreshToken()  : self
Sets and persists the refresh token.
setUser()  : self
Set the user property to a userinfo array and, if configured, persist.
signup()  : string
Return the url to the signup page when using the New Universal Login Experience.

Methods

clear()

Delete any persistent data and clear out all stored properties.

public clear([bool $transient = true ]) : self
Parameters
$transient : bool = true

when true, data in transient storage is also cleared

Return values
self

decode()

Verifies and decodes an ID token using the properties in this class.

public decode(string $token[, array<string|int, string> $tokenAudience = null ][, array<string|int, string>|null $tokenOrganization = null ][, string|null $tokenNonce = null ][, int|null $tokenMaxAge = null ][, int|null $tokenLeeway = null ][, int|null $tokenNow = null ][, int|null $tokenType = null ]) : TokenInterface
Parameters
$token : string

ID token to verify and decode

$tokenAudience : array<string|int, string> = null

Optional. An array of allowed values for the 'aud' claim. Successful if ANY match.

$tokenOrganization : array<string|int, string>|null = null

Optional. An array of allowed values for the 'org_id' claim. Successful if ANY match.

$tokenNonce : string|null = null

Optional. The value expected for the 'nonce' claim.

$tokenMaxAge : int|null = null

Optional. Maximum window of time in seconds since the 'auth_time' to accept the token.

$tokenLeeway : int|null = null

Optional. Leeway in seconds to allow during time calculations. Defaults to 60.

$tokenNow : int|null = null

Optional. Unix timestamp representing the current point in time to use for time calculations.

$tokenType : int|null = null
Tags
throws
InvalidTokenException

When token validation fails. See the exception message for further details.

Return values
TokenInterface

exchange()

Exchange authorization code for access, ID, and refresh tokens.

public exchange([string|null $redirectUri = null ][, string|null $code = null ][, string|null $state = null ]) : bool
Parameters
$redirectUri : string|null = null

Optional. Redirect URI sent with authorize request. Defaults to the SDK's configured redirectUri.

$code : string|null = null

Optional. The value of the code parameter. One will be extracted from $_GET if not specified.

$state : string|null = null

Optional. The value of the state parameter. One will be extracted from $_GET if not specified.

Tags
throws
StateException

if the code value is missing from the request parameters

throws
StateException

if the state value is missing from the request parameters, or otherwise invalid

throws
StateException

if access token is missing from the response

throws
NetworkException

when the API request fails due to a network error

see
https://auth0.com/docs/authorization/flows/call-your-api-using-the-authorization-code-flow
Return values
bool

getAccessToken()

Get access token from an active session.

public getAccessToken() : string|null
Return values
string|null

getAccessTokenExpiration()

Get token expiration from an active session.

public getAccessTokenExpiration() : int|null
Return values
int|null

getAccessTokenScope()

Get token scopes from an active session.

public getAccessTokenScope() : array<string|int, string>
Return values
array<string|int, string>

getBearerToken()

Get an available bearer token from a variety of input sources.

public getBearerToken([array<string|int, string>|null $get = null ][, array<string|int, string>|null $post = null ][, array<string|int, string>|null $server = null ][, array<string, string>|null $haystack = null ][, array<string|int, string>|null $needles = null ]) : TokenInterface|null
Parameters
$get : array<string|int, string>|null = null

Optional. An array of viable parameter names to search against $_GET as a token candidate.

$post : array<string|int, string>|null = null

Optional. An array of viable parameter names to search against $_POST as a token candidate.

$server : array<string|int, string>|null = null

Optional. An array of viable parameter names to search against $_SERVER as a token candidate.

$haystack : array<string, string>|null = null

Optional. A key-value array in which to search for $needles as token candidates.

$needles : array<string|int, string>|null = null

Optional. An array of viable keys to search against $haystack as token candidates.

Return values
TokenInterface|null

getCredentials()

Return an object representing the current session credentials (including id token, access token, access token expiration, refresh token and user data) without triggering an authorization flow. Returns null when session data is not available.

public getCredentials() : object|null
Return values
object|null

getExchangeParameters()

Get the code exchange details from the GET request.

public getExchangeParameters() : object|null
Return values
object|null

getIdToken()

Get ID token from an active session.

public getIdToken() : string|null
Return values
string|null

getInvitationParameters()

Get the invitation details from the GET request.

public getInvitationParameters() : array<string|int, mixed>|null
Return values
array<string|int, mixed>|null

getRefreshToken()

Get refresh token from an active session.

public getRefreshToken() : string|null
Return values
string|null

getRequestParameter()

Get the specified parameter from POST or GET, depending on configured response mode.

public getRequestParameter(string $parameterName[, int $filter = FILTER_SANITIZE_FULL_SPECIAL_CHARS ][, array<string|int, int> $filterOptions = [] ]) : string|null
Parameters
$parameterName : string

name of the parameter to pull from the request

$filter : int = FILTER_SANITIZE_FULL_SPECIAL_CHARS

Defaults to \FILTER_SANITIZE_FULL_SPECIAL_CHARS. The type of PHP filter_var() filter to apply.

$filterOptions : array<string|int, int> = []

Optional. Any additional filter_var() sanitization filters to pass. See: https://www.php.net/manual/en/filter.filters.sanitize.php

Return values
string|null

getUser()

Get userinfo from an active session.

public getUser() : array<string|int, mixed>|null
Return values
array<string|int, mixed>|null

handleInvitation()

If invitation parameters are present in the request, handle extraction and return a URL for redirection to Universal Login to accept. Returns null if no invitation parameters were found.

public handleInvitation([string|null $redirectUrl = null ][, array<string|int, int|string|null>|null $params = null ]) : string|null
Parameters
$redirectUrl : string|null = null

Optional. URI to return to after logging out. Defaults to the SDK's configured redirectUri.

$params : array<string|int, int|string|null>|null = null

additional parameters to include with the request

Tags
throws
ConfigurationException

when a Client ID is not configured

throws
ConfigurationException

when redirectUri is not specified, and supplied SdkConfiguration does not have a default redirectUri configured

see
https://auth0.com/docs/universal-login/new-experience
see
https://auth0.com/docs/api/authentication#login
Return values
string|null

login()

Return the url to the login page.

public login([string|null $redirectUrl = null ][, array<string|int, int|string|null>|null $params = null ]) : string
Parameters
$redirectUrl : string|null = null

Optional. URI to return to after logging out. Defaults to the SDK's configured redirectUri.

$params : array<string|int, int|string|null>|null = null

additional parameters to include with the request

Tags
throws
ConfigurationException

when a Client ID is not configured

throws
ConfigurationException

when redirectUri is not specified, and supplied SdkConfiguration does not have a default redirectUri configured

see
https://auth0.com/docs/api/authentication#login
Return values
string

logout()

Delete any persistent data and clear out all stored properties, and return the URI to Auth0 /logout endpoint for redirection.

public logout([string|null $returnUri = null ][, array<string|int, int|string|null>|null $params = null ]) : string
Parameters
$returnUri : string|null = null

Optional. URI to return to after logging out. Defaults to the SDK's configured redirectUri.

$params : array<string|int, int|string|null>|null = null

Optional. Additional parameters to include with the request.

Tags
throws
ConfigurationException

when a Client ID is not configured

throws
ConfigurationException

when returnUri is not specified, and supplied SdkConfiguration does not have a default redirectUri configured

see
https://auth0.com/docs/api/authentication#logout
Return values
string

renew()

Renews the access token and ID token using an existing refresh token.

public renew([array<string|int, int|string|null>|null $params = null ]) : self

Scope "offline_access" must be declared in order to obtain refresh token for later token renewal.

Parameters
$params : array<string|int, int|string|null>|null = null

Optional. Additional parameters to include with the request.

Tags
throws
StateException

if the Auth0 object does not have access token and refresh token, or the API did not renew tokens properly

throws
ConfigurationException

when a Client ID is not configured

throws
ConfigurationException

when a Client Secret is not configured

throws
NetworkException

when the API request fails due to a network error

see
https://auth0.com/docs/tokens/refresh-token/current
Return values
self

setAccessToken()

Sets and persists the access token.

public setAccessToken(string $accessToken) : self
Parameters
$accessToken : string

access token returned from the code exchange

Return values
self

setAccessTokenExpiration()

Sets and persists the access token expiration unix timestamp.

public setAccessTokenExpiration(int $accessTokenExpiration) : self
Parameters
$accessTokenExpiration : int

unix timestamp representing the expiration time on the access token

Return values
self

setAccessTokenScope()

Sets and persists the access token scope.

public setAccessTokenScope(array<string|int, string> $accessTokenScope) : self
Parameters
$accessTokenScope : array<string|int, string>

an array of scopes for the access token

Return values
self

setIdToken()

Updates the active session's stored Id Token.

public setIdToken(string $idToken) : self
Parameters
$idToken : string

id token returned from the code exchange

Return values
self

setRefreshToken()

Sets and persists the refresh token.

public setRefreshToken(string $refreshToken) : self
Parameters
$refreshToken : string

refresh token returned from the code exchange

Return values
self

setUser()

Set the user property to a userinfo array and, if configured, persist.

public setUser(array<string|int, array|int|string> $user) : self
Parameters
$user : array<string|int, array|int|string>

user data to store

Return values
self

signup()

Return the url to the signup page when using the New Universal Login Experience.

public signup([string|null $redirectUrl = null ][, array<string|int, int|string|null>|null $params = null ]) : string
Parameters
$redirectUrl : string|null = null

Optional. URI to return to after logging out. Defaults to the SDK's configured redirectUri.

$params : array<string|int, int|string|null>|null = null

additional parameters to include with the request

Tags
throws
ConfigurationException

when a Client ID is not configured

throws
ConfigurationException

when redirectUri is not specified, and supplied SdkConfiguration does not have a default redirectUri configured

see
https://auth0.com/docs/universal-login/new-experience
see
https://auth0.com/docs/api/authentication#login
Return values
string

Search results