PHPackages                             esanj/auth-bridge - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. esanj/auth-bridge

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

esanj/auth-bridge
=================

OAuth 2.0 Bridge package for connecting to external authorization servers.

v0.1.9(3w ago)0982MITPHPPHP ^8.1|^8.2|^8.3|^8.4

Since Jul 9Pushed 5mo agoCompare

[ Source](https://github.com/eSanjDev/ms-package-accounting-bridge)[ Packagist](https://packagist.org/packages/esanj/auth-bridge)[ RSS](/packages/esanj-auth-bridge/feed)WikiDiscussions main Synced today

READMEChangelogDependencies (13)Versions (9)Used By (2)

AuthBridge
==========

[](#authbridge)

**AuthBridge** is a comprehensive Laravel package for OAuth 2.0 authentication integration. While originally designed for the Accounting microservice, it provides a flexible and secure bridge to any OAuth 2.0 authorization server, enabling seamless authentication flows including Authorization Code Grant and Client Credentials Grant.

Features
--------

[](#features)

- Full OAuth 2.0 support (Authorization Code &amp; Client Credentials flows)
- Secure state validation (CSRF protection)
- Event-driven architecture for flexible integration
- JWT token extraction and validation
- Token caching for Client Credentials flow
- Open Redirect protection via whitelisting
- Runtime configuration via query parameters
- Fully configurable via environment variables
- Laravel 10+ and 11+ support

Requirements
------------

[](#requirements)

- **PHP:** 8.1+
- **Laravel:** 10.x, 11.x, 12.x
- **OAuth Server:** Any OAuth 2.0 compliant server

Installation
------------

[](#installation)

```
composer require esanj/auth-bridge
```

Configuration
-------------

[](#configuration)

### 1. Publish the configuration file

[](#1-publish-the-configuration-file)

```
php artisan vendor:publish --provider="Esanj\\AuthBridge\\AuthBridgeServiceProvider" --tag="config"
```

### 2. Environment Variables

[](#2-environment-variables)

Add these to your `.env` file:

```
# OAuth Client Credentials (required)
ACCOUNTING_BRIDGE_CLIENT_ID=your-client-id
ACCOUNTING_BRIDGE_CLIENT_SECRET=your-client-secret

# OAuth Server (required)
ACCOUNTING_BRIDGE_BASE_URL=https://oauth-server.example.com

# OAuth Authorization Parameters
ACCOUNTING_BRIDGE_OAUTH_PROMPT=consent        # Options: none, consent, login

# Callback URL (optional - auto-generated if not set)
ACCOUNTING_BRIDGE_REDIRECT_URL=https://yourapp.com/accounting/callback

# Success Redirect (where to go after successful auth)
ACCOUNTING_BRIDGE_SUCCESS_REDIRECT=/dashboard

# Route Configuration
ACCOUNTING_BRIDGE_ROUTE_PREFIX=accounting     # Route prefix for auth endpoints
ACCOUNTING_BRIDGE_PATH_REDIRECT=login         # Path for redirect endpoint
ACCOUNTING_BRIDGE_PATH_CALLBACK=callback      # Path for callback endpoint
ACCOUNTING_BRIDGE_MIDDLEWARE=web              # Comma-separated middleware list

# JWT Public Key Path (for token verification)
ACCOUNTING_BRIDGE_KEY_PATH=/path/to/oauth-public.key
```

### 3. Configuration Options

[](#3-configuration-options)

The `config/esanj/auth_bridge.php` file provides:

OptionDescription`client_id`OAuth 2.0 Client ID from authorization server`client_secret`OAuth 2.0 Client Secret`base_url`Base URL of OAuth authorization server`redirect_url`Callback URL (auto-generated from APP\_URL if not set)`auth2_prompt`OAuth prompt parameter: `none`, `consent`, or `login``success_redirect`Where to redirect after successful authentication`routes.prefix`Route prefix for package endpoints`routes.middleware`Middleware applied to package routes`route_path.redirect`Path for authorization redirect endpoint`route_path.callback`Path for OAuth callback endpoint`public_key_path`Path to OAuth server's public key for JWT verificationRoutes
------

[](#routes)

The package registers these routes (customizable via config):

MethodPathNameDescriptionGET`/{prefix}/{redirect}``auth-bridge.redirect`Initiates OAuth flowGET`/{prefix}/{callback}``auth-bridge.callback`Handles OAuth callback**Default URLs:**

- Redirect: `https://yourapp.com/accounting/login`
- Callback: `https://yourapp.com/accounting/callback`

Usage
-----

[](#usage)

### Basic Authentication Flow

[](#basic-authentication-flow)

#### 1. Redirect User to OAuth Server

[](#1-redirect-user-to-oauth-server)

In your login view or controller:

```
// Simple redirect
return redirect()->route('auth-bridge.redirect');

// With custom success redirect
return redirect()->route('auth-bridge.redirect', [
    'success_redirect' => '/admin/dashboard'
]);

// With custom callback URL
return redirect()->route('auth-bridge.redirect', [
    'callback_url' => 'https://yourapp.com/custom-callback'
]);
```

#### 2. Listen to TokenReceived Event (IMPORTANT!)

[](#2-listen-to-tokenreceived-event-important)

This is the **recommended approach** for handling authentication. Create a listener for the `TokenReceived` event:

```
php artisan make:listener HandleTokenReceived
```

**app/Listeners/HandleTokenReceived.php:**

```
