php issueshttps://gitlab.lakedrops.com/sqrl/php/-/issues2019-06-26T07:55:35Zhttps://gitlab.lakedrops.com/sqrl/php/-/issues/1Define API2019-06-26T07:55:35ZJürgen Haasjuergen.haas@lakedrops.comDefine APIWe should get started by defining the API that will be used by PHP frameworks that embed this library. Once we have that nailed we will have a perfect interface that just requires some meet to fill the gaps.
# Pre-requisites
- PHP ...We should get started by defining the API that will be used by PHP frameworks that embed this library. Once we have that nailed we will have a perfect interface that just requires some meet to fill the gaps.
# Pre-requisites
- PHP 5.6+ or 7.0+
- Support https only
- PSR compliance
- [PSR-0](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-0.md): deprecated, use PSR-4 instead
- [PSR-1](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-1-basic-coding-standard.md): Basic Coding Standard
- [PSR-2](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md): Coding Style Guide
- [PSR-4](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-4-autoloader.md): Autoloader
- Composer compatible but usable without composer as well
# Glossary
**SQRL ID**: the ID managed by the SQRL client
**SQRL**: class representing the nonce with all its details
**Client**: class that implements all methods that interact with the SQRL client
**Account**: class that represents a user account.
**Operation**: things that can be done with SQRL and need application specific implementation, examples are registration, login, etc. but should be extensible.
# Settings
- Mode: SQRL is optional or required
- Multiple sessions support
- Multiple account support
- Multiple SQRL IDs per account support
- Poll interval
- initial
- subsequent
- SQRL logo size
- QR code size
- Account name pattern (when they need to be auto generated), including the length of some random parts in the name
- Domain migration
- Request client-generated secret
- Server Friendly Name (default to domain name?)
# Routing
- Markup: request to provide the markup for a SQRL in the browser
- Response for JavaScript support enabled (with polling)
- Response for non-JavaScript support
- Image: SQRL QR code representing the nut
- Polling: while the image is displayed, poll if the SQRL client has authenticated this identity
- Submit endpoint for the form of non-JS-support
- Form to create new account
- Form to select account if multiple available
- Form to link SQRL ID to existing account
- Form to confirm unlink operation
- SQRL QR code with old domain name for domain migration
# Boilerplate
Images (logo, etc.) and strings should be provided by the library so that they are consistent across platforms. But that also requires a localisation interface such that not the platform is responsible for it but the library provides the strings for all supported languages.
# Callbacks
## Messaging
## Logging
## Debugging
## Access Control
- For each operation
## Operations
- Register
- Login
- Link: link an existing account to your SQRL ID
- Unlink
- Lock/Unlock/Rekey
- Disable non-SQRL login
- Negotiate client-generated secret key
- Generate token for shared access
- Associate SQRL ID with token to account
- Verify associated token for shared access to account
## Account management
- Create new account
- Block and unblock account
- Manage shared IDs
- Delete account