Application configuration example:
'components' => [ 'authClientCollection' => [ 'class' => 'yii\authclient\Collection', 'clients' => [ 'google' => [ 'class' => 'yii\authclient\OpenIdConnect', 'issuerUrl' => 'https://accounts.google.com', 'clientId' => 'google_client_id', 'clientSecret' => 'google_client_secret', 'name' => 'google', 'title' => 'Google OpenID Connect', ], ], ] // ... ]
Authentication workflow is exactly the same as for OAuth2.
Heads up! 'OpenID Connect' protocol uses JWS verification
for the authentication process securing. You will need to install
spomky-labs/jose library, which is not required by this
extension by default, in order to use such verification. This can be done via composer:
composer require --prefer-dist "spomky-labs/jose:~5.0.6"
require section of your composer.json.
Note: if you are using well-trusted 'OpenID Connect' provider, you may disable yii\authclient\OpenIdConnect::$validateJws, making installation of
spomky-labs/joselibrary redundant, however it is not recommended as it violates the protocol specification.