PHPackages                             kaizencore/laravel-oauth-client - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. kaizencore/laravel-oauth-client

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

kaizencore/laravel-oauth-client
===============================

Laravel Socialite provider for Kaizen OAuth authentication

016PHP

Since Dec 27Pushed 4mo agoCompare

[ Source](https://github.com/KaizenCore/Kaizen-oauth-client-laravel)[ Packagist](https://packagist.org/packages/kaizencore/laravel-oauth-client)[ RSS](/packages/kaizencore-laravel-oauth-client/feed)WikiDiscussions main Synced 1mo ago

READMEChangelogDependenciesVersions (1)Used By (0)

Kaizen Laravel OAuth Client
===========================

[](#kaizen-laravel-oauth-client)

Laravel Socialite provider for Kaizen OAuth authentication.

Installation
------------

[](#installation)

```
composer require kaizencore/laravel-oauth-client
```

The package will automatically register itself via Laravel's package auto-discovery.

Configuration
-------------

[](#configuration)

Add these variables to your `.env` file:

```
KAIZEN_CLIENT_ID=your-client-id
KAIZEN_CLIENT_SECRET=your-client-secret
```

That's it! The package is ready to use.

### Optional Configuration

[](#optional-configuration)

```
# Custom redirect URI (default: /auth/kaizen/callback)
KAIZEN_REDIRECT_URI=/custom/callback

# Custom base URL (default: https://kaizencore.tech)
KAIZEN_BASE_URL=https://kaizencore.tech

# Custom scopes (default: user:read,user:email)
KAIZEN_SCOPES=user:read,user:email,user:profile
```

To publish the config file:

```
php artisan vendor:publish --tag=kaizen-config
```

Usage
-----

[](#usage)

### Basic Authentication Flow

[](#basic-authentication-flow)

```
use Laravel\Socialite\Facades\Socialite;

// routes/web.php
Route::get('/auth/kaizen', function () {
    return Socialite::driver('kaizen')->redirect();
})->name('kaizen.redirect');

Route::get('/auth/kaizen/callback', function () {
    $user = Socialite::driver('kaizen')->user();

    // $user->getId()
    // $user->getName()
    // $user->getEmail()
    // $user->getAvatar()
    // $user->getMinecraftUuid()
    // $user->getMinecraftUsername()

    // Store tokens in session
    session([
        'kaizen_access_token' => $user->token,
        'kaizen_refresh_token' => $user->refreshToken,
        'kaizen_expires_at' => now()->addSeconds($user->expiresIn),
        'kaizen_user' => [
            'id' => $user->getId(),
            'name' => $user->getName(),
            'email' => $user->getEmail(),
            'avatar' => $user->getAvatar(),
        ],
    ]);

    return redirect('/dashboard');
})->name('kaizen.callback');
```

### Custom Scopes

[](#custom-scopes)

```
return Socialite::driver('kaizen')
    ->scopes(['user:read', 'user:email', 'api:keys'])
    ->redirect();
```

### Using Default Scopes from Config

[](#using-default-scopes-from-config)

```
return Socialite::driver('kaizen')
    ->withDefaultScopes()
    ->redirect();
```

### Refreshing Tokens

[](#refreshing-tokens)

```
use Laravel\Socialite\Facades\Socialite;

$provider = Socialite::driver('kaizen');
$newTokens = $provider->refreshToken(session('kaizen_refresh_token'));

session([
    'kaizen_access_token' => $newTokens['access_token'],
    'kaizen_refresh_token' => $newTokens['refresh_token'],
    'kaizen_expires_at' => now()->addSeconds($newTokens['expires_in']),
]);
```

### Revoking Tokens

[](#revoking-tokens)

```
$provider = Socialite::driver('kaizen');
$provider->revokeToken(session('kaizen_access_token'));

session()->forget(['kaizen_access_token', 'kaizen_refresh_token', 'kaizen_expires_at', 'kaizen_user']);
```

### Getting User Profile

[](#getting-user-profile)

```
$provider = Socialite::driver('kaizen');
$profile = $provider->getUserProfile(session('kaizen_access_token'));
```

Middleware
----------

[](#middleware)

The package includes middleware for both web session-based and API token-based authentication.

### Web Session Authentication

[](#web-session-authentication)

For traditional web applications that store tokens in sessions:

```
// routes/web.php
Route::middleware('kaizen.auth')->group(function () {
    Route::get('/dashboard', DashboardController::class);
});
```

The `kaizen.auth` middleware will:

- Check for a valid Kaizen token in the session
- Automatically refresh expired tokens using the refresh token
- Redirect to the login route if no valid token exists

### API Token Authentication

[](#api-token-authentication)

For API endpoints that receive Bearer tokens in the Authorization header:

```
// routes/api.php

// Basic authentication - validates the token
Route::middleware('kaizen.api')->group(function () {
    Route::get('/user', fn(Request $request) => $request->attributes->get('kaizen_user'));
});

// With required scopes - user must have ALL specified scopes
Route::middleware('kaizen.api:skins:read,skins:create')->group(function () {
    Route::get('/skins', [SkinController::class, 'index']);
    Route::post('/skins', [SkinController::class, 'store']);
});

// Check for ANY scope - user needs at least one
Route::middleware(['kaizen.api', 'kaizen.scopes.any:skins:read,skins:manage'])->group(function () {
    Route::get('/my-skins', [SkinController::class, 'mySkins']);
});
```

The `kaizen.api` middleware supports two authentication methods:

1. **Bearer Token** (primary): Extract token from `Authorization: Bearer ` header
2. **Session Fallback** (for SPAs): Use session-stored tokens when no Bearer token is present

This makes it perfect for:

- External API consumers (use Bearer tokens)
- Same-domain SPAs/dashboards (use session auth automatically)

Features:

- Validates tokens against the Kaizen OAuth server
- Caches validation results (configurable TTL, default 5 minutes)
- Auto-refreshes expired session tokens
- Attaches the authenticated user to the request
- Optionally checks for required scopes

### Accessing the Authenticated User

[](#accessing-the-authenticated-user)

```
// In your controller
public function index(Request $request)
{
    $user = $request->attributes->get('kaizen_user');

    // Access user properties
    $user->getId();
    $user->getName();
    $user->getEmail();
    $user->getMinecraftUuid();
    $user->isAdmin();  // Check if user is admin

    // Check scopes
    $scopes = $user->getRaw()['scopes'] ?? [];

    return response()->json([
        'user' => $user->getId(),
        'scopes' => $scopes,
    ]);
}
```

### Available Middleware Aliases

[](#available-middleware-aliases)

AliasClassDescription`kaizen.auth``EnsureKaizenToken`Web session-based auth with auto-refresh`kaizen.api``ValidateKaizenToken`API Bearer token validation`kaizen.scopes``CheckKaizenScopes`Require ALL specified scopes`kaizen.scopes.any``CheckKaizenScopesAny`Require ANY of specified scopesKaizenUser Object
-----------------

[](#kaizenuser-object)

The `KaizenUser` object extends the standard Socialite User with additional methods:

```
$user = Socialite::driver('kaizen')->user();

// Standard Socialite methods
$user->getId();
$user->getName();
$user->getEmail();
$user->getAvatar();
$user->token;
$user->refreshToken;
$user->expiresIn;

// Kaizen-specific methods
$user->getMinecraftUuid();        // Minecraft UUID if linked
$user->getMinecraftUsername();    // Minecraft username if linked
$user->hasMinecraftAccount();     // Check if Minecraft is linked
$user->hasRole('admin');          // Check user role
$user->isAdmin();                 // Shortcut for admin check
$user->getLocale();               // User's locale preference (en/fr)
$user->getAttribute('key');       // Get any raw attribute
$user->getAttributes();           // Get all raw attributes
```

Available Scopes
----------------

[](#available-scopes)

### User Scopes

[](#user-scopes)

ScopeDescription`user:read`Basic user information (id, name, avatar)`user:email`User's email address`user:profile`Full profile including Minecraft account info### Minecraft Scopes

[](#minecraft-scopes)

ScopeDescription`minecraft:read`Read linked Minecraft account (UUID, username)`minecraft:verify`Verify Minecraft account ownership### Skins API Scopes

[](#skins-api-scopes)

ScopeDescription`skins:read`View user's Minecraft skins`skins:create`Upload new skins`skins:delete`Delete skins`skins:manage`Full access to skins (view, create, edit, delete)### API Keys Scopes

[](#api-keys-scopes)

ScopeDescription`api-keys:read`View API keys`api-keys:create`Create new API keys`api-keys:delete`Delete API keys`api-keys:manage`Full access to API keys### Other Scopes

[](#other-scopes)

ScopeDescription`plugins:favorites`Manage plugin favoritesGetting OAuth Credentials
-------------------------

[](#getting-oauth-credentials)

1. Go to your Kaizen dashboard:
2. Create a new OAuth client
3. Set the redirect URI to match your application
4. Copy the Client ID and Client Secret to your `.env` file

License
-------

[](#license)

MIT

###  Health Score

19

—

LowBetter than 10% of packages

Maintenance51

Moderate activity, may be stable

Popularity6

Limited adoption so far

Community6

Small or concentrated contributor base

Maturity12

Early-stage or recently created project

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Community

Maintainers

![](https://www.gravatar.com/avatar/850145fe061709a47534cf7f1ad7ddf488200ee9508e247161344e06990442b4?d=identicon)[timiliris](/maintainers/timiliris)

---

Top Contributors

[![timiliris](https://avatars.githubusercontent.com/u/103514954?v=4)](https://github.com/timiliris "timiliris (12 commits)")

### Embed Badge

![Health badge](/badges/kaizencore-laravel-oauth-client/health.svg)

```
[![Health](https://phpackages.com/badges/kaizencore-laravel-oauth-client/health.svg)](https://phpackages.com/packages/kaizencore-laravel-oauth-client)
```

###  Alternatives

[namshi/jose

JSON Object Signing and Encryption library for PHP.

1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client

OAuth 1.0 Client Library

99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield

Filament support for `spatie/laravel-permission`.

2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle

Implements a refresh token system over Json Web Tokens in Symfony

70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google

Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client

41721.2M118](/packages/league-oauth2-google)[illuminate/auth

The Illuminate Auth package.

9327.3M1.0k](/packages/illuminate-auth)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)