Laravel Socialite (Social OAuth Login)
Categories:
Introduction
Install
composer require laravel/socialite
Default support oauth service provider
- github
- gitlab
- bitbucket
You can install other oauth service provider from here
Laravel Socialite cheet sheet
vendor/laravel/socialite/src/Two/AbstractProvider.php
vendor/laravel/socialite/src/Two/User.php
Callback url socialite auth user
$SocialiteUser = Socialite::driver('github')->user();
Function | Description |
---|---|
$SocialiteUser->getId() | Get user id |
$SocialiteUser->getNickname() | Get user nickname |
$SocialiteUser->getName() | Get user name |
$SocialiteUser->getEmail() | Get user email |
$SocialiteUser->getAvatar() | Get user avatar |
$SocialiteUser->attributes | Get all socialite user attributes |
$SocialiteUser->getRaw() | Get raw data from the oauth service provider |
Session State Oauth
You have to put your route in the session
middleware to generate the session to protect against cross-site request forgery attacks (CSRF)
use Laravel\Socialite\Facades\Socialite;
Route::get('/auth/redirect', function () {
return Socialite::driver('github')->redirect();
});
Route::get('/auth/callback', function () {
// Laravel\Socialite\Two\User
// vendor/laravel/socialite/src/Two/User.php
$GitlabUser = Socialite::driver('github')->user();
});
API Stateless OAuth
The stateless method is used to disable the state parameter
in the OAuth flow, which is used to protect against cross-site request forgery attacks (CSRF)
. If you do not need to use the state parameter, you can disable it to simplify the flow. However, if you are using the state parameter for any reason, you should NOT disable it.
use Laravel\Socialite\Facades\Socialite;
Route::get('/auth/redirect', function () {
return Socialite::driver('github')->stateless()->redirect();
});
Route::get('/auth/callback', function () {
// Laravel\Socialite\Two\User
// vendor/laravel/socialite/src/Two/User.php
$GitlabUser = Socialite::driver('github')->stateless()->user();
});
Google Laravel Socialite
vendor/laravel/socialite/src/Two/GoogleProvider.php
Get your google oauth client key
Go to the Google API Console then go to the Enabled APIs & services
page.
Click the CREATE PROJECT
botton on the right side
Go to the OAuth consent screen
page and setup you oauth User Type
to the External
Add the Top domain to the Authorize domain
if you want that every request from the same domain is permitted.
Hint: You still can leave this field
blank
and setup on every Oauth client.
Hint:
Top domain
means that domain without any subdomain. e.g.kejyun.com
,example.com
Go to the Credentials
page, and click the + CREATE CREDENTIALS
button on the top. Then click the OAuth client ID
item on the dropdown menu to create your OAuth Client Application
to get the cliend id & client secret
Test Google Oauth on the development environment
Google let us have to provide the real top domain
NOT the fake top domain
.
If you want to test on your development environment. You still can provide the real domain
to Google. Then add the real domain
to your /etc/hosts
file to make the fake request to your development environment
# /etc/hosts
# Local
127.0.0.1 kejyun.com
# Remote
3.3.3.3 kejyun.com
Setting the config/services.php
file
Add the following google oauth information to your config/services.php
and .env
file
// config/services.php
'google' => [
'client_id' => env('GOOGLE_OAUTH_CLIENT_ID'),
'client_secret' => env('GOOGLE_OAUTH_CLIENT_SECRET'),
'redirect' => env('GOOGLE_OAUTH_CALLBACK_URL'),
],
# .env
GOOGLE_OAUTH_CLIENT_ID=google_oauth_client_id
GOOGLE_OAUTH_CLIENT_SECRET=google_oauth_client_secret
GOOGLE_OAUTH_CALLBACK_URL=google_oauth_callback_url
Add google oauth controller
Session State OAuth
use Laravel\Socialite\Facades\Socialite;
Route::get('/auth/redirect', function () {
return Socialite::driver('google')->stateless()->redirect();
});
Route::get('/auth/callback', function () {
// Laravel\Socialite\Two\User
// vendor/laravel/socialite/src/Two/User.php
$GoogleUser = Socialite::driver('google')->stateless()->user();
dump($GoogleUser->getId());
dump($GoogleUser->getNickname());
dump($GoogleUser->getName());
dump($GoogleUser->getEmail());
dump($GoogleUser->getAvatar());
dump($GoogleUser->attributes);
dump($GoogleUser->getRaw());
});
Google oauth response
$GoogleUser->attributes
// $GoogleUser->attributes
{
"id": "11111111111111",
"nickname": null,
"name": "Kay Jay",
"email": "[email protected]",
"avatar": "https://lh3.googleusercontent.com/a/xxxxx=s96-c",
"avatar_original": "https://lh3.googleusercontent.com/a/xxxxx=s96-c"
}
$GoogleUser->getRaw()
// $GoogleUser->getRaw()
{
"sub": "11111111111111",
"name": "Kay Jay",
"given_name": "Kay",
"family_name": "Jay",
"picture": "https://lh3.googleusercontent.com/a/xxxxxxxx=s96-c",
"email": "[email protected]",
"email_verified": true,
"locale": "en",
"id": "111111111111",
"verified_email": true,
"link": null
}
Facebook Laravel Socialite
vendor/laravel/socialite/src/Two/FacebookProvider.php
Get Your Facebook Oauth Client Key
Go to the Meta for Developers page and Create your oauth app
After creating your facebook OAuth app then click the Facebook Login / Settings
on the left side menu, then fill in the redirect uri to finish your OAuth settings.
Setting the config/services.php
file
Add the following facebook oauth information to your config/services.php
and .env
file
// config/services.php
'facebook' => [
'client_id' => env('FACEBOOK_OAUTH_CLIENT_ID'),
'client_secret' => env('FACEBOOK_OAUTH_CLIENT_SECRET'),
'redirect' => env('FACEBOOK_OAUTH_CALLBACK_URL'),
],
# .env
FACEBOOK_OAUTH_CLIENT_ID=facebook_oauth_client_id
FACEBOOK_OAUTH_CLIENT_SECRET=facebook_oauth_client_secret
FACEBOOK_OAUTH_CALLBACK_URL=facebook_oauth_callback_url
Add Facebook Oauth Controller
Session State OAuth
use Laravel\Socialite\Facades\Socialite;
Route::get('/auth/redirect', function () {
return Socialite::driver('facebook')->stateless()->redirect();
});
Route::get('/auth/callback', function () {
// Laravel\Socialite\Two\User
// vendor/laravel/socialite/src/Two/User.php
$FacebookUser = Socialite::driver('facebook')->stateless()->user();
dump($FacebookUser->getId());
dump($FacebookUser->getNickname());
dump($FacebookUser->getName());
dump($FacebookUser->getEmail());
dump($FacebookUser->getAvatar());
dump($FacebookUser->attributes);
dump($FacebookUser->getRaw());
});
Facebook oauth response
$FacebookUser->attributes
// $FacebookUser->attributes
{
"id": "1111111111",
"nickname": null,
"name": "KJ",
"email": "[email protected]",
"avatar": "https://graph.facebook.com/v3.3/100000052171353/picture?type=normal",
"avatar_original": "https://graph.facebook.com/v3.3/100000052171353/picture?width=1920",
"profileUrl": null
}
$FacebookUser->getRaw()
// $FacebookUser->getRaw()
{
"name": "KJ",
"email": "[email protected]",
"id": "1111111111"
}
Twitter Laravel Socialite
vendor/laravel/socialite/src/Two/TwitterProvider.php
Get your Twitter oauth client key
Go to the Twitter Developers page and click the Projects & Apps
on the left side. Then click the Create app
button to create your oauth app.
After create your twitter oauth app then click the Set up
button to setup your client id & client secret
Set your permission on the Read
and allow Request email from users
, then choose your type of the app.
Hint: [2023-01-03] The twitter doesn’t return the email for me even I allow
Request email from users
Setting the config/services.php
file
Add the following twitter oauth information to your config/services.php
and .env
file
// config/services.php
'twitter-oauth-2' => [
'client_id' => env('TWITTER_OAUTH_CLIENT_ID'),
'client_secret' => env('TWITTER_OAUTH_CLIENT_SECRET'),
'redirect' => env('TWITTER_OAUTH_CALLBACK_URL'),
],
# .env
TWITTER_OAUTH_CLIENT_ID=twitter_oauth_client_id
TWITTER_OAUTH_CLIENT_SECRET=twitter_oauth_client_secret
TWITTER_OAUTH_CALLBACK_URL=twitter_oauth_callback_url
Add twitter oauth controller
Session State OAuth
use Laravel\Socialite\Facades\Socialite;
Route::get('/auth/redirect', function () {
return Socialite::driver('twitter-oauth-2')->stateless()->redirect();
});
Route::get('/auth/callback', function () {
// Laravel\Socialite\Two\User
// vendor/laravel/socialite/src/Two/User.php
$TwitterUser = Socialite::driver('twitter-oauth-2')->stateless()->user();
dump($TwitterUser->getId());
dump($TwitterUser->getNickname());
dump($TwitterUser->getName());
dump($TwitterUser->getEmail());
dump($TwitterUser->getAvatar());
dump($TwitterUser->attributes);
dump($TwitterUser->getRaw());
});
twitter oauth response
$TwitterUser->attributes
// $TwitterUser->attributes
{
"id": "111111111111",
"nickname": "kj",
"name": "KJ",
"avatar": "https://pbs.twimg.com/profile_images/111111111111/xxxxxxxx.jpg"
}
$TwitterUser->getRaw()
// $TwitterUser->getRaw()
{
"name": "KJ",
"profile_image_url": "https://pbs.twimg.com/profile_images/111111111111/xxxxxxx.jpg",
"username": "kj",
"id": "111111111111"
}
Linkedin Laravel Socialite
vendor/laravel/socialite/src/Two/LinkedInProvider.php
Get your linkedin oauth client key
Go to the LinkedIn Developer Solutions page and click the Create app
button
After setup your oauth app then you can see your client id & client secret
on the Auth Page
Setting the config/services.php
file
Add the following linkedin oauth information to your config/services.php
and .env
file
// config/services.php
'linkedin' => [
'client_id' => env('LINKEDIN_OAUTH_CLIENT_ID'),
'client_secret' => env('LINKEDIN_OAUTH_CLIENT_SECRET'),
'redirect' => env('LINKEDIN_OAUTH_CALLBACK_URL'),
],
# .env
LINKEDIN_OAUTH_CLIENT_ID=linkedin_oauth_client_id
LINKEDIN_OAUTH_CLIENT_SECRET=linkedin_oauth_client_secret
LINKEDIN_OAUTH_CALLBACK_URL=linkedin_oauth_callback_url
Add linkedin oauth controller
Session State OAuth
use Laravel\Socialite\Facades\Socialite;
Route::get('/auth/redirect', function () {
return Socialite::driver('linkedin')->stateless()->redirect();
});
Route::get('/auth/callback', function () {
// Laravel\Socialite\Two\User
// vendor/laravel/socialite/src/Two/User.php
$LinkedinUser = Socialite::driver('linkedin')->stateless()->user();
dump($LinkedinUser->getId());
dump($LinkedinUser->getNickname());
dump($LinkedinUser->getName());
dump($LinkedinUser->getEmail());
dump($LinkedinUser->getAvatar());
dump($LinkedinUser->attributes);
dump($LinkedinUser->getRaw());
});
Linkedin oauth response
$LinkedinUser->attributes
// $LinkedinUser->attributes
{
"id": "1111111111",
"nickname": null,
"name": "Kay Jay",
"first_name": "Kay",
"last_name": "Jay",
"email": "[email protected]",
"avatar": null,
"avatar_original": null
}
$LinkedinUser->getRaw()
// $LinkedinUser->getRaw()
{
"firstName": {
"localized": {
"en_US": "Kay"
},
"preferredLocale": {
"country": "US",
"language": "en"
}
},
"lastName": {
"localized": {
"en_US": "Jay"
},
"preferredLocale": {
"country": "US",
"language": "en"
}
},
"id": "1111111111",
"emailAddress": "[email protected]"
}
Github Laravel Socialite
vendor/laravel/socialite/src/Two/GithubProvider.php
Get your github oauth client key
Click your account icon
and click the Sittings
Click the Developer settings
on the left side menu.
Click the OAuth Apps
and then click the New Oauth App
button to create your github oauth app
Setting the config/services.php
file
Add the following github oauth information to your config/services.php
and .env
file
// config/services.php
'github' => [
'client_id' => env('GITHUB_OAUTH_CLIENT_ID'),
'client_secret' => env('GITHUB_OAUTH_CLIENT_SECRET'),
'redirect' => env('GITHUB_OAUTH_CALLBACK_URL'),
],
# .env
GITHUB_OAUTH_CLIENT_ID=github_oauth_client_id
GITHUB_OAUTH_CLIENT_SECRET=github_oauth_client_secret
GITHUB_OAUTH_CALLBACK_URL=github_callback_url
Add github oauth controller
Session State OAuth
use Laravel\Socialite\Facades\Socialite;
Route::get('/auth/redirect', function () {
return Socialite::driver('github')->stateless()->redirect();
});
Route::get('/auth/callback', function () {
// Laravel\Socialite\Two\User
// vendor/laravel/socialite/src/Two/User.php
$GithubUser = Socialite::driver('github')->stateless()->user();
dump($GithubUser->getId());
dump($GithubUser->getNickname());
dump($GithubUser->getName());
dump($GithubUser->getEmail());
dump($GithubUser->getAvatar());
dump($GithubUser->attributes);
dump($GithubUser->getRaw());
});
Github oauth response
$GithubUser->attributes
// $GithubUser->attributes
{
"id": 120456914,
"nickname": "KJ",
"name": null,
"email": "[email protected]",
"avatar": "https://avatars.githubusercontent.com/u/XXXXXXXX"
}
$GithubUser->getRaw()
// $GithubUser->getRaw()
{
"login": "kj",
"id": 11111111,
"node_id": "qwertyuiop",
"avatar_url": "https://avatars.githubusercontent.com/u/1586089?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/kejyun",
"html_url": "https://github.com/kejyun",
"followers_url": "https://api.github.com/users/kejyun/followers",
"following_url": "https://api.github.com/users/kejyun/following{/other_user}",
"gists_url": "https://api.github.com/users/kejyun/gists{/gist_id}",
"starred_url": "https://api.github.com/users/kejyun/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/kejyun/subscriptions",
"organizations_url": "https://api.github.com/users/kejyun/orgs",
"repos_url": "https://api.github.com/users/kejyun/repos",
"events_url": "https://api.github.com/users/kejyun/events{/privacy}",
"received_events_url": "https://api.github.com/users/kejyun/received_events",
"type": "User",
"site_admin": false,
"name": "KJ",
"company": null,
"blog": "",
"location": null,
"email": "[email protected]",
"hireable": true,
"bio": null,
"twitter_username": null,
"public_repos": 108,
"public_gists": 92,
"followers": 120,
"following": 0,
"created_at": "2012-03-29T06:50:35Z",
"updated_at": "2022-05-05T00:09:51Z"
}
Gitlab Laravel Socialite
vendor/laravel/socialite/src/Two/GitlabProvider.php
Get your Gitlab oauth client key
Click the account icon
, then click the Preferences
item on the dropdown menu.
Then click the Applications
item on the left side menu at the user setting page
Add the read_user
scope to your gitlab oauth app
Setting the config/services.php
file
Add the following gitlab oauth information to your config/services.php
and .env
file
// config/services.php
'gitlab' => [
'client_id' => env('GITLAB_OAUTH_CLIENT_ID'),
'client_secret' => env('GITLAB_OAUTH_CLIENT_SECRET'),
'redirect' => env('GITLAB_OAUTH_CALLBACK_URL'),
],
# .env
GITLAB_OAUTH_CLIENT_ID=gitlab_oauth_client_id
GITLAB_OAUTH_CLIENT_SECRET=gitlab_oauth_client_secret
GITLAB_OAUTH_CALLBACK_URL=gitlab_oauth_callback_url
Add gitlab oauth controller
Session State OAuth
use Laravel\Socialite\Facades\Socialite;
Route::get('/auth/redirect', function () {
return Socialite::driver('gitlab')->stateless()->redirect();
});
Route::get('/auth/callback', function () {
// Laravel\Socialite\Two\User
// vendor/laravel/socialite/src/Two/User.php
$GitlabUser = Socialite::driver('gitlab')->stateless()->user();
dump($GitlabUser->getId());
dump($GitlabUser->getNickname());
dump($GitlabUser->getName());
dump($GitlabUser->getEmail());
dump($GitlabUser->getAvatar());
dump($GitlabUser->attributes);
dump($GitlabUser->getRaw());
});
Gitlab oauth response
$GitlabUser->attributes
// $GitlabUser->attributes
{
"id": 4180752,
"nickname": "kejyun",
"name": "KJ",
"email": "[email protected]",
"avatar": "https://secure.gravatar.com/avatar/xxxxxxx"
}
$GitlabUser->getRaw()
// $GitlabUser->getRaw()
{
"id": 111111111,
"username": "kejyun",
"name": "KJ",
"state": "active",
"avatar_url": "https://secure.gravatar.com/avatar/xxxxxx",
"web_url": "https://gitlab.com/kejyun",
"created_at": "2019-06-21T09:33:53.141Z",
"bio": "",
"location": null,
"public_email": "",
"skype": "",
"linkedin": "",
"twitter": "",
"website_url": "",
"organization": null,
"job_title": "",
"pronouns": null,
"bot": false,
"work_information": null,
"followers": 0,
"following": 0,
"is_followed": false,
"local_time": "2:45 PM",
"last_sign_in_at": "2022-12-28T09:36:45.354Z",
"confirmed_at": "2019-06-21T09:34:24.211Z",
"last_activity_on": "2023-01-02",
"email": "[email protected]",
"theme_id": 11,
"color_scheme_id": 2,
"projects_limit": 100000,
"current_sign_in_at": "2022-12-29T04:13:36.649Z",
"identities": [],
"can_create_group": true,
"can_create_project": true,
"two_factor_enabled": true,
"external": false,
"private_profile": false,
"commit_email": "[email protected]",
"shared_runners_minutes_limit": null,
"extra_shared_runners_minutes_limit": null
}
Socialite Providers
Install
Composer
composer require socialiteproviders/zoho
Add service provider
Remove Laravel\Socialite\SocialiteServiceProvider
from your providers[]
array in config\app.php
if you have added it already.
Add \SocialiteProviders\Manager\ServiceProvider::class
to your providers[]
array in config\app.php
.
'providers' => [
// a whole bunch of providers
// remove 'Laravel\Socialite\SocialiteServiceProvider',
\SocialiteProviders\Manager\ServiceProvider::class, // add
];
Add Event Listener
Add other socialite provider to the listener
protected $listen = [
\SocialiteProviders\Manager\SocialiteWasCalled::class => [
// add your listeners (aka providers) here
'SocialiteProviders\\Zoho\\ZohoExtendSocialite@handle',
],
];
Instagram Laravel Socialite
vendor/socialiteproviders/instagram/Provider.php
Get Your Instagram Oauth Client Key
Go to the Meta for Developers oauth app and click the Set up
button for the Instagram Basic Display
on the Dashboard
page
After finish setup the Instagram Basic Display
then click the Instagram Basic Display / Basic Display
item on the left side menu. And click the Create New App
to create your instagram oauth app
Install Instagram Socialite Service Provider
composer require socialiteproviders/instagram-basic
Add the instagram socialite provider event to the app/Providers/EventServiceProvider.php
// app/Providers/EventServiceProvider.php
protected $listen = [
\SocialiteProviders\Manager\SocialiteWasCalled::class => [
// ... other providers
\SocialiteProviders\InstagramBasic\InstagramBasicExtendSocialite::class.'@handle',
],
];
Setting the config/services.php
file
Add the following Instagram oauth information to your config/services.php
and .env
file
// config/services.php
'instagrambasic' => [
'client_id' => env('INSTAGRAM_OAUTH_CLIENT_ID'),
'client_secret' => env('INSTAGRAM_OAUTH_CLIENT_SECRET'),
'redirect' => env('INSTAGRAM_OAUTH_CALLBACK_URL'),
],
# .env
INSTAGRAM_OAUTH_CLIENT_ID=instagram_oauth_client_id
INSTAGRAM_OAUTH_CLIENT_SECRET=instagram_oauth_client_secret
INSTAGRAM_OAUTH_CALLBACK_URL=instagram_oauth_callback_url
Add Instagram Oauth Controller
Session State OAuth
use Laravel\Socialite\Facades\Socialite;
Route::get('/auth/redirect', function () {
return Socialite::driver('instagrambasic')->stateless()->redirect();
});
Route::get('/auth/callback', function () {
// Laravel\Socialite\Two\User
// vendor/laravel/socialite/src/Two/User.php
$InstagramUser = Socialite::driver('instagrambasic')->stateless()->user();
dump($InstagramUser->getId());
dump($InstagramUser->getNickname());
dump($InstagramUser->getName());
dump($InstagramUser->getEmail());
dump($InstagramUser->getAvatar());
dump($InstagramUser->attributes);
dump($InstagramUser->getRaw());
});
Instagram oauth response
$InstagramUser->attributes
// $InstagramUser->attributes
{
"id": "11111111",
"nickname": "kj",
"name": null,
"email": null,
"avatar": null,
"account_type": "PERSONAL",
"media_count": null
}
$InstagramUser->getRaw()
// $InstagramUser->getRaw()
{
"account_type": "PERSONAL",
"id": "11111111",
"username": "kj"
}
Line Laravel Socialite
vendor/socialiteproviders/line/Provider.php
Get Your Line Oauth Client Key
Go to the LINE Login page and click the Products / LINE Login / Start now
to create your line oauth app
Install Line Socialite Service Provider
composer require socialiteproviders/line
Add the Line socialite provider event to the app/Providers/EventServiceProvider.php
// app/Providers/EventServiceProvider.php
protected $listen = [
\SocialiteProviders\Manager\SocialiteWasCalled::class => [
// ... other providers
\SocialiteProviders\Line\LineExtendSocialite::class.'@handle',
],
];
Setting the config/services.php
file
Add the following Line oauth information to your config/services.php
and .env
file
// config/services.php
'line' => [
'client_id' => env('LINE_OAUTH_CLIENT_ID'),
'client_secret' => env('LINE_OAUTH_CLIENT_SECRET'),
'redirect' => env('LINE_OAUTH_CALLBACK_URL'),
],
# .env
LINE_OAUTH_CLIENT_ID=line_oauth_client_id
LINE_OAUTH_CLIENT_SECRET=line_oauth_client_secret
LINE_OAUTH_CALLBACK_URL=line_oauth_callback_url
Add Line Oauth Controller
Session State OAuth
use Laravel\Socialite\Facades\Socialite;
Route::get('/auth/redirect', function () {
return Socialite::driver('line')->redirect();
});
Route::get('/auth/callback', function () {
// Laravel\Socialite\Two\User
// vendor/laravel/socialite/src/Two/User.php
$LineUser = Socialite::driver('line')->user();
dump($LineUser->getId());
dump($LineUser->getNickname());
dump($LineUser->getName());
dump($LineUser->getEmail());
dump($LineUser->getAvatar());
dump($LineUser->attributes);
dump($LineUser->getRaw());
});
Line oauth response
$LineUser->attributes
// $LineUser->attributes
{
"id": "111111111111",
"nickname": null,
"name": "KJ",
"avatar": "https://profile.line-scdn.net/xxxxxxx",
"email": null
}
$LineUser->getRaw()
// $LineUser->getRaw()
{
"iss": "https://access.line.me",
"sub": "111111",
"aud": "2222",
"exp": 11111,
"iat": 33333,
"amr": [
"linesso"
],
"name": "KJ",
"picture": "https://profile.line-scdn.net/xxxxxxx"
}
Reference
- Laravel Socialite (Social OAuth Login)
- Socialite Providers
- reddit.com: api documentation
- Instagram OAuth
- SocialiteProviders/Instagram: [READ ONLY] Subtree split of the SocialiteProviders/Instagram Provider (see SocialiteProviders/Providers)
- Use Cases, Tutorials, & Documentation | Twitter Developer Platform
- Authentication overview | Docs | Twitter Developer Platform
- OAuth 2.0 Authorization Code Flow with PKCE | Docs | Twitter Developer Platform
- Twitter Developers
- LinkedIn Developer Solutions
- Authenticating users with Sign in with Apple | Apple Developer Documentation
Apple
Github
Gitlab
Line
- LINE Developers
- LINE Login v2.1 API reference | LINE Developers
- LINE Login | LINE Developers
- LINE Socialite Providers