Laravel Socialite

    In addition to typical, form based authentication, Laravel also provides a simple, convenient way to authenticate with OAuth providers using . Socialite currently supports authentication with Facebook, Twitter, LinkedIn, Google, GitHub, GitLab and Bitbucket.

    Upgrading Socialite

    When upgrading to a new major version of Socialite, it's important that you carefully review the upgrade guide.

    Installation

    To get started with Socialite, use Composer to add the package to your project's dependencies:

    1. 'github' => [
    2. 'client_id' => env('GITHUB_CLIENT_ID'),
    3. 'client_secret' => env('GITHUB_CLIENT_SECRET'),
    4. 'redirect' => 'http://your-callback-url',
    5. ],

    Routing

    Next, you are ready to authenticate users! You will need two routes: one for redirecting the user to the OAuth provider, and another for receiving the callback from the provider after authentication. We will access Socialite using the Socialite facade:

    1. <?php
    2. namespace App\Http\Controllers\Auth;
    3. use Socialite;
    4. class LoginController extends Controller
    5. {
    6. /**
    7. * Redirect the user to the GitHub authentication page.
    8. *
    9. * @return \Illuminate\Http\Response
    10. public function redirectToProvider()
    11. {
    12. return Socialite::driver('github')->redirect();
    13. }
    14. /**
    15. * Obtain the user information from GitHub.
    16. *
    17. * @return \Illuminate\Http\Response
    18. */
    19. public function handleProviderCallback()
    20. {
    21. $user = Socialite::driver('github')->user();
    22. // $user->token;
    23. }

    The redirect method takes care of sending the user to the OAuth provider, while the user method will read the incoming request and retrieve the user's information from the provider.

    You will need to define routes to your controller methods:

    Optional Parameters

    A number of OAuth providers support optional parameters in the redirect request. To include any optional parameters in the request, call the with method with an associative array:

    1. return Socialite::driver('google')
    2. ->with(['hd' => 'example.com'])
    3. ->redirect();

    Before redirecting the user, you may also add additional "scopes" on the request using the method. This method will merge all existing scopes with the ones you supply:

    1. return Socialite::driver('github')
    2. ->scopes(['read:user', 'public_repo'])
    3. ->redirect();

    You can overwrite all existing scopes using the setScopes method:

    Stateless Authentication

    The stateless method may be used to disable session state verification. This is useful when adding social authentication to an API:

    1. return Socialite::driver('google')->stateless()->user();

    Retrieving User Details

    Once you have a user instance, you can grab a few more details about the user:

    1. $user = Socialite::driver('github')->user();
    2. // OAuth Two Providers
    3. $token = $user->token;
    4. $refreshToken = $user->refreshToken; // not always provided
    5. $expiresIn = $user->expiresIn;
    6. // OAuth One Providers
    7. $token = $user->token;
    8. $tokenSecret = $user->tokenSecret;
    9. // All Providers
    10. $user->getId();
    11. $user->getNickname();
    12. $user->getName();
    13. $user->getEmail();
    14. $user->getAvatar();

    Retrieving User Details From A Token (OAuth2)

    Retrieving User Details From A Token And Secret (OAuth1)

    If you already have a valid pair of token / secret for a user, you can retrieve their details using the userFromTokenAndSecret method:

    1. $user = Socialite::driver('twitter')->userFromTokenAndSecret($token, $secret);