PHPackages andersbjorkland/facebook-oauth-extension - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. andersbjorkland/facebook-oauth-extension ActiveBolt-extension[Authentication & Authorization](/categories/authentication) andersbjorkland/facebook-oauth-extension ======================================== 👍 The Facebook Oauth Extension allows you to login to your admin interface with Facebook. 1.1(5y ago)114MITPHP Since May 23Pushed 5y ago1 watchersCompare [ Source](https://github.com/andersbjorkland/facebook-oauth-extension)[ Packagist](https://packagist.org/packages/andersbjorkland/facebook-oauth-extension)[ RSS](/packages/andersbjorkland-facebook-oauth-extension/feed)WikiDiscussions master Synced 3w ago READMEChangelog (2)Dependencies (4)Versions (3)Used By (0) AndersBjorkland Facebook Oauth Extension ======================================== [](#andersbjorkland-facebook-oauth-extension) Author: Anders Björkland Contact: A Bolt CMS extension, the Facebook Oauth Extension allows your admin users to login to the backend with the use of Facebook login. This extension is **not** a plug-and-play solution. You are required to do some configurations with Facebook Developer interface, as well as in the security configurations `config/packages/security.yaml` and adding environment variables. It also requires you to use same email on your user profile as you have registered with Facebook to be able to log in with this service. On you will have to register an account and create a new app with the **Facebook Login**product. Having added this product, go into Facebook Login/Settings. Add *Valid OAuth Redirect URIs* on the form: - - During development, you can have the following entries: , Similarly, you can add in **Facebook Login** *Deauthorization Callback URL* to Screenshot ---------- [](#screenshot) [![Screenshot](images/screenshot.png)](images/screenshot.png) Installation: ------------- [](#installation) ``` composer require andersbjorkland/facebook-oauth-extension ``` ### Configure security [](#configure-security) Configure authentication parameters by adding this authenticator in config/packages/security.yaml. Do not replace the Bolt configuration. ``` security: firewalls: main: guard: authenticators: - AndersBjorkland\FacebookOauthExtension\Security\FacebookAuthenticator entry_point: AndersBjorkland\FacebookOauthExtension\Security\FacebookAuthenticator ``` **Optionally** have Bolt\\Security\\LoginFormAuthenticator as entry point if you don't want Facebook oauth to be triggered automatically when you try to reach the admin interface: `entry_point: Bolt\Security\LoginFormAuthenticator` The full security config: ``` security: role_hierarchy: ROLE_ADMIN: [ROLE_EDITOR, ROLE_USER] ROLE_EDITOR: [ROLE_USER] ROLE_USER: [] encoders: Bolt\Entity\User: auto providers: database_users: entity: class: Bolt\Entity\User property: username firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false main: pattern: ^/ anonymous: true user_checker: Bolt\Security\UserChecker guard: authenticators: - Bolt\Security\LoginFormAuthenticator - AndersBjorkland\FacebookOauthExtension\Security\FacebookAuthenticator entry_point: AndersBjorkland\FacebookOauthExtension\Security\FacebookAuthenticator logout: handler: Bolt\Security\LogoutListener path: bolt_logout target: bolt_login remember_me: secret: '%kernel.secret%' lifetime: 2592000 access_control: # this is a catch-all for the admin area # additional security lives in the controllers - { path: '^%bolt.backend_url%/(login|resetpassword)$', roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: '^%bolt.backend_url%', roles: ROLE_ADMIN } - { path: '^/(%app_locales%)%bolt.backend_url%', roles: ROLE_ADMIN } ``` ### Adding environment variables [](#adding-environment-variables) By default, this extension will look for the environment variables *FACEBOOK\_APP\_ID* and *FACEBOOK\_APP\_SECRET*. Add these where you have your other sensitive variables. You can look up the variables for these in your app at under *settings/basic*, as listed under *App ID* and *App Secret*. The authentication flow ----------------------- [](#the-authentication-flow) The user goes to the URL `/extensions/facebook-oauth`. This will trigger the method *index* in the Controller class at *AndersBjorkland\\FacebookOauthExtension\\Controller*. The method will redirect the user to Facebook's oauth-endpoint at . If the user is not currently authenticated by Facebook it will open a dialog for the user to login with facebook and approve the extension to access their user profile. When the user approves access, or if the user is already authenticated with Facebook, Facebook will redirect the user back to the controller. When the controller is hit with the redirect from Facebook, the received Request object will contain a code-parameter. To be sure that the code is valid and is not simply an added query parameter to the url a second request will go to Facebook to switch it out for an access-token. When the access-token is received, the controller will send the response to the route */extensions/facebook-oauth/check*. If you have configured *config/packages/security.yaml* according to the instructions above, this will trigger the *FacebookAuthenticator* guard. The *FacebookAuthenticator* guard will look up the email for a Facebook user with the access-token received in the previous step. This email is then used to fetch a User from your database. If your user has registered with same email as is used for their Facebook account, then the guard will authenticate the user and log them in to the Bolt backend. Contributing ------------ [](#contributing) I'm looking at expanding the functionality of this extension. If you have suggestions for improvement you are free to contact me at . ### Health Score 24 — LowBetter than 31% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity7 Limited adoption so far Community4 Small or concentrated contributor base Maturity53 Maturing project, gaining track record How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~11 days Total 2 Last Release 1849d ago ### Community Maintainers ![](https://avatars.githubusercontent.com/u/70691314?v=4)[Anders Björkland](/maintainers/AndersBjorkland)[@andersbjorkland](https://github.com/andersbjorkland) ### Code Quality Code StyleECS ### Embed Badge ![Health badge](/badges/andersbjorkland-facebook-oauth-extension/health.svg) ``` [![Health](https://phpackages.com/badges/andersbjorkland-facebook-oauth-extension/health.svg)](https://phpackages.com/packages/andersbjorkland-facebook-oauth-extension) ``` ### Alternatives [craftcms/cms Craft CMS 3.6k3.6M2.9k](/packages/craftcms-cms)[shopware/core Shopware platform is the core for all Shopware ecommerce products. 585.4M519](/packages/shopware-core)[mati365/ckeditor5-symfony CKEditor 5 integration for Symfony 261.9k](/packages/mati365-ckeditor5-symfony) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)