A league/oauth2-client provider for GOV.UK Account
Supports autoconfiguration for most settings using the discovery endpoint.
For identity assurance (when verifying the JWT in , you will need to define the
expected_core_identity_issuerfor the short interim until the key and issuer is published on the discovery endpoint.
The recommended way to install is through Composer.
composer require dvsa/php-govuk-account
You may want to refer to the documentation provided at PHP League OAuth2-Client as this package is a provider for that abstract package.
When instantiating the provider, the constructor accepts additional attributes defined in
array $options =  which are specific for this provider; in addition to the default options provided by the AbstractProvider (PHP League OAuth2-Client).
'discovery_endpoint' => 'https://oidc.integration.account.gov.uk/.well-known/openid-configuration', // Endpoint for OIDC discovery 'client_id' => '', // Client ID issued by GOV.UK Account 'keys' => [ 'algorithm' => '', // Algorithm for private_key 'private_key' => '', // Private key used to encode assertion when obtaining access token (public key must be shared with GOV.UK Account) 'identity_assurance_public_key' => , // THe public key used to verify the JWTCoreIdentity token from UserDetails endpoint (if initial flow included identity assurance) ], 'redirect_uri' => [ 'logged_in' => '', // The url used for redirection back to the service ], 'expected_core_identity_issuer' => 'identity.integration.account.gov.uk', // Issuer for JWTCoreIdentity token