Having the need to create a Laravel web application that uses OAuth to authenticate users, I thought I would share my experiences on how to accomplish this.
I will be using Laravel 5.1 and Socialite to accomplish this.
Skipping through the basics of creating a Laravel app, assuming you all know how to do this, you will need to tell composer to install laravel/socialite.
This can be done by editing your composer.json file and adding the following requirement:
"require": {
    "laravel/framework": "5.1.*",
    "laravel/socialite": "~2.0"
}
After that you need to run “composer update”.
Once composer has downloaded socialite, we need to register the provider and alias for socialite in the config/app.php file:
/* Application Service Provider (add to the 'providers' array) */
Laravel\Socialite\SocialiteServiceProvider::class,

/* Class Aliases (add to the 'aliases' array) */
'Socialite' => Laravel\Socialite\Facades\Socialite::class,
Next you will need to configure your OAuth parameters in the config/services.php file.
At the bottom of this file, add the following (this example is for Twitter; it can be Facebook, Google, GitHub or any other supported service):
'twitter' => [
    'client_id'     => 'your-client-id',
    'client_secret' => 'your-client-secret',
    'redirect'      => 'http://myawesomeproject.local/login/callback/twitter',
],
Don’t forget to change the callback URL to reflect the service you wish to authenticate against.
You will be needing some routes to do the authentication next, so in your routes.php file, add the following:
Route::get('auth/{provider?}', 'Auth\AuthController@getSocialAuth');
Route::get('/login/callback/{provider?}', 'Auth\AuthController@getSocialAuthCallback');
NOTE: You might also want to add the Laravel default routes for authentication if you wish to use these (logout is quite useful, for example). Register them before the auth/{provider?} route: Laravel matches routes in the order they are defined, so the wildcard would otherwise capture auth/login, auth/logout and auth/register.
// Authentication routes...
Route::get('auth/login', 'Auth\AuthController@getLogin');
Route::post('auth/login', 'Auth\AuthController@postLogin');
Route::get('auth/logout', 'Auth\AuthController@getLogout');

// Registration routes...
Route::get('auth/register', 'Auth\AuthController@getRegister');
Route::post('auth/register', 'Auth\AuthController@postRegister');
I will be using the default AuthController that comes with Laravel in this case, so the next step is to modify that a bit so we can use socialite here:
App\Http\Controllers\Auth\AuthController.php:
First, in the __construct function, add the following:
public function __construct(Socialite $socialite)
{
    $this->middleware('guest', ['except' => 'getLogout']);
    $this->socialite = $socialite;
}
Then add two functions to do the authentication and the callback of the authentication:
public function getSocialAuth($provider = null)
{
    // Only providers configured in config/services.php are accepted.
    if (!config("services.$provider")) {
        abort(404);
    }

    return $this->socialite->with($provider)->redirect();
}

public function getSocialAuthCallback($provider = null)
{
    if ($user = $this->socialite->with($provider)->user()) {
        dd($user);
    } else {
        return 'something went wrong';
    }
}
Don’t forget to add
use Laravel\Socialite\Contracts\Factory as Socialite;
at the top of the file to include Socialite.
The next step will be to create the AuthenticateUser.php class in the App\Http\Controllers\Auth location:
<?php

namespace App\Http\Controllers\Auth;

use Illuminate\Contracts\Auth\Guard;
use Laravel\Socialite\Contracts\Factory as Socialite;
use App\Repositories\UserRepository;
use Request;

class AuthenticateUser
{
    private $socialite;
    private $auth;
    private $users;

    public function __construct(Socialite $socialite, Guard $auth, UserRepository $users)
    {
        $this->socialite = $socialite;
        $this->users = $users;
        $this->auth = $auth;
    }

    public function execute($request, $listener, $provider)
    {
        // No callback data yet: send the user to the provider first.
        if (!$request) {
            return $this->getAuthorizationFirst($provider);
        }

        // Map the provider's user to a local account and log it in ("remember me" enabled).
        $user = $this->users->findByUserNameOrCreate($this->getSocialUser($provider));
        $this->auth->login($user, true);

        return $listener->userHasLoggedIn($user);
    }

    private function getAuthorizationFirst($provider)
    {
        return $this->socialite->driver($provider)->redirect();
    }

    private function getSocialUser($provider)
    {
        return $this->socialite->driver($provider)->user();
    }
}
And now you should have a working OAuth system!
You can try it out by visiting the route to auth with twitter as in this example: http://myawesomeproject.local/auth/twitter
It will just dump the user information, as you may have noticed in the code (“dd($user);”), so you can do whatever you like with the information after that (like store it in your user database, …)
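The AuthenticateUser class above calls UserRepository::findByUserNameOrCreate(), which this post does not show. The following is an added example, not the author's code: it assumes the App\User model has hypothetical nullable columns provider, provider_id, name, email and avatar, and it takes the provider name as a second argument so that accounts are keyed on the provider's stable user id rather than on a username.

```php
<?php
// Added example (not from the original post).
// Assumption: `users` has columns provider, provider_id, name, email, avatar,
// with email and password nullable and a unique index on (provider, provider_id).

namespace App\Repositories;

use App\User;
use Laravel\Socialite\Contracts\User as SocialUser;

class UserRepository
{
    /**
     * Find the local account linked to this provider identity, or create it.
     *
     * The lookup key is (provider, provider user id). Nicknames and e-mail
     * addresses can be changed by the remote user and can collide between
     * providers, so matching on them could attach a login to the wrong account.
     */
    public function findByUserNameOrCreate(SocialUser $socialUser, $provider)
    {
        $providerId = (string) $socialUser->getId();

        $user = User::where('provider', $provider)
            ->where('provider_id', $providerId)
            ->first();

        if (!$user) {
            // Set the key columns directly so $fillable cannot silently drop them.
            $user = new User;
            $user->provider = $provider;
            $user->provider_id = $providerId;
        }

        // Profile fields are refreshed on each login but never used as the key.
        $user->name = $socialUser->getName() ?: $socialUser->getNickname();
        $user->email = $socialUser->getEmail(); // can be null for some providers
        $user->avatar = $socialUser->getAvatar();
        $user->save();

        return $user;
    }
}
```

With this signature, the call in AuthenticateUser::execute() passes $provider as the second argument.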
Hope this was helpful!