PHP Integration

PiPA login may be integrated with any PHP server. A compose package is provided which handles the bulk of the work of setup; the correct paths need to be set up but the rest is handled by the package.

The most up-to-date source of documentation for the package is directly on the PiPA OpenID Connect Library packagist package page.

Composer

If you are unfamiliar with composer, it is a depencency manager for PHP which makes it easy to install packages from various sources, packagist.org being the primary one. For more information, visit getcomposer.org.

While using composer is the recommended way of getting PiPA OpenID Connect for PHP, if that is not an option contact us and we can facilitate the installation of all necessary dependencies without using composer.

Setup

There are three processes involved in the setup of PiPA for logging in with a PHP library.

Obtain credentials

Before obtaining credentials, you need to make a decision - where do you want your users redirected back to once they've completed a login? Generally, we recommend setting a URL seperate from the main usage of your site (i.e. https://youpage.com/authredirect) as this way you can avoid complicated if/else logic in your code, and still have the ability to redirect to whichever page you want the users to see once they have been authenticated.

You now need to install the PiPA App if you haven't already, and complete the registration process.

Get it on Google Play Download on the App Store

Next, head to the PiPA Console and follow the instructions to pair your browser with the PiPA App if needed. Once this is complete, you have to set up an organization within the console - fill in as much information as you can.

Once you're in the console, click on "Manage Connections" and then scroll down to find PHP in the list of integration types. This takes you to a page where you can set up an integration with wordpress. Fill in the information here, being careful that the redirect URL is set as intended. Once you've completed this, you will be given an ID and Secret which are used to authenticate your server.

Set up a mechanism for secured credentials

Your server needs access to the ID and Secret you have just created. It is highly recommended that you do not save these in code, as if someone were to view your source code they could then at least partially compromise the security of your website. The Secret in particular should be saved ideally in a key management system, or at the least an environment variable.

Handle endpoints & request tokens

The last step involves setting up the code of your site to handle initiation of an authorization attempt, receive an acccess token at the redirect endpoint, and request tokens from the PiPA server. This should be done as described on the PiPA OpenID Connect Library packagist package page as it is kept up to date with the releases of the package.