kronthto / laravel-oauth2-login by kronthto

Provides a middleware to protect resources requiring an OAuth2 login
13,110
22
1
Package Data
Maintainer Username: kronthto
Maintainer Contact: kronthto@gmail.com (Tobias Kronthaler)
Package Create Date: 2017-05-21
Package Last Update: 2023-02-27
Language: PHP
License: MIT
Last Refreshed: 2024-03-25 03:03:38
Package Statistics
Total Downloads: 13,110
Monthly Downloads: 316
Daily Downloads: 9
Total Stars: 22
Total Watchers: 1
Total Forks: 9
Total Open Issues: 1

Laravel OAuth2 Login

Software License Latest Stable Version Build Status

This is a Laravel5 package that provides a middleware to protect routes requiring an OAuth2 login.

You could describe it as a bridge between Laravel and league/oauth2-client.

Features

  • OAuth2 client middleware
  • Keeps token in session
  • Refreshes expired tokens
  • (Cached) resource owner info
  • Driver to allow use of Auth facade

Install

  • Using composer: $ composer require kronthto/laravel-oauth2-login
  • Register the service provider (Auto-Discovery enabled): Kronthto\LaravelOAuth2Login\ServiceProvider
  • Publish the config file: $ artisan vendor:publish --provider="Kronthto\LaravelOAuth2Login\ServiceProvider"
  • Put the credentials of your OAuth Provider in the published config

Usage

Add the Kronthto\LaravelOAuth2Login\CheckOAuth2 middleware to the routes (-groups) you want to protect.

Bear in mind that this only ensures that some user is logged in, if you require further authorization checks those will still have to be implemented. This package stores the resource owner info as an Request-attribute to enable you to do so.

Auth guard

This is optional, as adding the middleware redirects the client anyways if not authenticated. If you want to utilize Policies however you will need to define a custom guard. A driver for it is provided by this package.

In your auth config, add the new guard like this:

  'oauth2' => [
    'driver' => 'oauth2', // Config: oauth2login.auth_driver_key
  ]

You will need to assign a higher priority to CheckOAuth2 than \Illuminate\Auth\Middleware\Authenticate, do this by overriding $middlewarePriority in your Http-Kernel.

Changelog

Please see the CHANGELOG for more information on what has changed recently.

Credits

License

The MIT License (MIT). Please see the License File for more information.