Claude-PHP-SDK/examples/authentication_flexibility.php at main · claude-php/Claude-PHP-SDK · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
#!/usr/bin/env php
<?php
/**
 * Authentication Flexibility Examples
 *
 * Demonstrates the flexible authentication options available in the SDK,
 * including API keys, custom headers, Bearer tokens, and more.
 *
 * Based on Python SDK v0.76.0 auth header validation improvements.
 */

require_once __DIR__ . '/../vendor/autoload.php';

use ClaudePhp\ClaudePhp;

echo "=== Authentication Flexibility Examples ===\n\n";

// Example 1: Traditional API key authentication
echo "Example 1: Traditional API Key Authentication\n";
echo "----------------------------------------------\n\n";

try {
    $client = new ClaudePhp(
        apiKey: $_ENV['ANTHROPIC_API_KEY'] ?? 'sk-ant-your-key-here'
    );
    echo "✓ Client created with API key\n\n";
} catch (\Exception $e) {
    echo "✗ Error: {$e->getMessage()}\n\n";
}

echo str_repeat("=", 80) . "\n\n";

// Example 2: Custom x-api-key header (useful for proxies)
echo "Example 2: Custom x-api-key Header\n";
echo "------------------------------------\n\n";

echo "When using a proxy or middleware that handles authentication:\n\n";

echo "```php\n";
echo "\$client = new ClaudePhp(\n";
echo "    apiKey: null,  // No API key needed\n";
echo "    customHeaders: [\n";
echo "        'x-api-key' => 'your-proxy-api-key',\n";
echo "    ]\n";
echo ");\n";
echo "```\n\n";

echo "This is useful for:\n";
echo "  • API gateways that manage keys centrally\n";
echo "  • Development proxies with custom authentication\n";
echo "  • Multi-tenant systems with key rotation\n\n";

echo str_repeat("=", 80) . "\n\n";

// Example 3: Bearer token authentication
echo "Example 3: Bearer Token Authentication\n";
echo "---------------------------------------\n\n";

echo "For OAuth2 or service account scenarios:\n\n";

echo "```php\n";
echo "\$client = new ClaudePhp(\n";
echo "    apiKey: null,\n";
echo "    customHeaders: [\n";
echo "        'Authorization' => 'Bearer your-oauth-token',\n";
echo "    ]\n";
echo ");\n";
echo "```\n\n";

echo "Use cases:\n";
echo "  • Service-to-service authentication\n";
echo "  • Temporary access tokens\n";
echo "  • OAuth2-based integrations\n\n";

echo str_repeat("=", 80) . "\n\n";

// Example 4: Azure AD or other custom auth
echo "Example 4: Azure AD or Custom Authentication\n";
echo "---------------------------------------------\n\n";

echo "For enterprise authentication systems:\n\n";

echo "```php\n";
echo "// Get token from your auth provider\n";
echo "\$azureToken = getAzureAdToken();\n\n";
echo "\$client = new ClaudePhp(\n";
echo "    apiKey: null,\n";
echo "    customHeaders: [\n";
echo "        'Authorization' => \"Bearer {\$azureToken}\",\n";
echo "        'X-Tenant-ID' => 'your-tenant-id',\n";
echo "    ]\n";
echo ");\n";
echo "```\n\n";

echo "Perfect for:\n";
echo "  • Azure AD integration\n";
echo "  • SAML/SSO environments\n";
echo "  • Custom IAM solutions\n\n";

echo str_repeat("=", 80) . "\n\n";

// Example 5: Both API key and custom headers
echo "Example 5: Combined Authentication\n";
echo "-----------------------------------\n\n";

echo "You can combine API key with additional headers:\n\n";

echo "```php\n";
echo "\$client = new ClaudePhp(\n";
echo "    apiKey: 'sk-ant-your-key',\n";
echo "    customHeaders: [\n";
echo "        'X-Request-ID' => 'unique-request-id',\n";
echo "        'X-Organization-ID' => 'org-12345',\n";
echo "    ]\n";
echo ");\n";
echo "```\n\n";

echo "Useful for:\n";
echo "  • Multi-tenant applications\n";
echo "  • Request tracing and monitoring\n";
echo "  • Organization-level access control\n\n";

echo str_repeat("=", 80) . "\n\n";

// Example 6: Environment-based authentication
echo "Example 6: Environment-Based Configuration\n";
echo "-------------------------------------------\n\n";

echo "Configure authentication based on environment:\n\n";

echo "```php\n";
echo "\$isProduction = getenv('APP_ENV') === 'production';\n\n";
echo "\$client = new ClaudePhp(\n";
echo "    apiKey: \$isProduction ? getenv('ANTHROPIC_API_KEY') : null,\n";
echo "    customHeaders: \$isProduction ? [] : [\n";
echo "        'x-api-key' => getenv('DEV_PROXY_KEY'),\n";
echo "    ]\n";
echo ");\n";
echo "```\n\n";

echo "This pattern allows:\n";
echo "  • Different auth for dev/staging/prod\n";
echo "  • Easy local development with proxies\n";
echo "  • Secure credential management\n\n";

echo str_repeat("=", 80) . "\n\n";

// Example 7: Error handling
echo "Example 7: Authentication Error Handling\n";
echo "-----------------------------------------\n\n";

echo "The SDK validates that authentication is provided:\n\n";

try {
    // This will fail - no authentication provided
    $client = new ClaudePhp(
        apiKey: null,
        customHeaders: []
    );
} catch (\InvalidArgumentException $e) {
    echo "✓ Expected error caught:\n";
    echo "  {$e->getMessage()}\n\n";
}

echo "Always provide either:\n";
echo "  • An API key (via parameter or ANTHROPIC_API_KEY env var)\n";
echo "  • Custom authentication headers (x-api-key, Authorization, etc.)\n\n";

echo str_repeat("=", 80) . "\n\n";

echo "✓ Authentication flexibility examples completed!\n\n";

echo "Key Takeaways:\n";
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n";
echo "• API key authentication is still the default and recommended method\n";
echo "• Custom auth headers enable proxy, OAuth2, and enterprise scenarios\n";
echo "• Either API key OR custom auth headers must be provided\n";
echo "• Multiple authentication strategies can be combined\n";
echo "• Perfect for multi-tenant and enterprise deployments\n";
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n";

echo "Related documentation:\n";
echo "  • README.md - Configuration section\n";
echo "  • CHANGELOG.md - v0.5.2 authentication changes\n";
echo "  • docs/authentication.md - Detailed auth guide\n";