A simplified PHP client for Unified WeGovNow User Management (UWUM) OAuth 2.0
The following versions of PHP are supported.
- PHP >= 5.5
1) Availability of application via IPv4
The client application is available via a defined URL using IPv4.
2) Availability of application via IPv6
The client application is also available using IPv6.
You can validate your URL with the following service:
http://ipv6-test.com/validate.php?url=https://<your domain>
For example: http://ipv6-test.com/validate.php?url=https://wegovnow.infalia.com/
3) Serving via HTTPS
The client application service is encrypted via HTTPS.
Note
DO NOT confuse the SSL/TLS server certificate used for HTTPS with the X.509 client certificate that UWUM clients need to communicate with UWUM (see 4).
4) X.509 certificate for client identification
i) Create a certificate signing request (CSR) with your details
The CN of the certificate signing request (CSR) should look like "wegovnow.infalia.com" (change accordingly).
To create a CSR (given that you are using openssl):
openssl req -out wegovnow.infalia.com-uwum.csr -new -newkey rsa:2048 -nodes -keyout wegovnow.infalia.com-uwum.key
ii) Submit CSR to the UWUM Certificate Authority to be signed
Please send only the .csr file; the .key file must stay secret.
iii) UWUM Certificate Authority will then create an application record in the UWUM testing system for your application and verify your client_id.
Your client_id is actually the CN declared in the CSR
iv) UWUM Certificate Authority will send over the signed CRT (.crt) file
You need to create a combined .pem file out of the certificate .key file and the certificate .crt file using the following command (as an example):
cat wegovnow.infalia.com-uwum.crt wegovnow.infalia.com-uwum.key > wegovnow.infalia.com-uwum.pem
Note
Make sure to place the .pem file outside the web directory so that it is not exposed to the public.
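The checks below wrap the `cat` step above, as an added example that is not part of this repository or of UWUM: they confirm that the signed certificate carries the CN used as client_id, that it was issued for your private key, and that the combined .pem is written outside the web directory with owner-only permissions. The function names and the DOCROOT argument are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example, not part of the UWUM client. The function names, the DOCROOT
# argument and all paths are assumptions made for illustration.

# Subject CN of a certificate; UWUM uses this CN as the client_id.
cert_cn() {
  openssl x509 -in "$1" -noout -subject -nameopt multiline \
    | sed -n 's/^ *commonName *= *//p'
}

# build_uwum_pem CRT KEY OUT CLIENT_ID DOCROOT
# Runs in a subshell "( ... )" so variables and umask do not leak to the caller.
build_uwum_pem() (
  crt=$1 key=$2 out=$3 client_id=$4 docroot=$5

  # 1. The signed certificate must carry the CN that was put in the CSR.
  [ "$(cert_cn "$crt")" = "$client_id" ] ||
    { echo "certificate CN is not $client_id" >&2; return 1; }

  # 2. The certificate must have been issued for this private key:
  #    compare the public key derived from each file.
  crt_pub=$(openssl x509 -in "$crt" -noout -pubkey 2>/dev/null) || return 1
  key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || return 1
  [ -n "$key_pub" ] && [ "$crt_pub" = "$key_pub" ] ||
    { echo "certificate and key do not match" >&2; return 1; }

  # 3. Refuse to place key material inside the web directory.
  out_dir=$(cd "$(dirname "$out")" && pwd -P) || return 1
  root=$(cd "$docroot" && pwd -P) || return 1
  case "$out_dir/" in
    "$root"/*) echo "refusing to write under $root" >&2; return 1 ;;
  esac

  # 4. Combine as in the README, but readable by the owner only.
  umask 077
  cat "$crt" "$key" > "$out" && chmod 600 "$out"
)
```

Call it as `build_uwum_pem <crt> <key> <output .pem> <client_id> <web directory>`; a non-zero exit status means the .pem was not written.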
5) Inform UWUM Certificate Authority of your callback URL
e.g. https://wegovnow.infalia.com/oauth2_callback.php
Note
Having to set the callback URL a priori should change in the next UWUM update. The callback URL should be set by the client on demand.
Clone this repo and install dependencies
Via Composer
$ composer require league/oauth2-client
The MIT License (MIT). Please see License File for more information.