PHPackages larawizards/lara-oauth2-client - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. larawizards/lara-oauth2-client ActiveLibrary[Authentication & Authorization](/categories/authentication) larawizards/lara-oauth2-client ============================== Laravel OAuth2 client package for single sign-on (SSO) authentication with Fortify/Jetstream integration 1.0.0(3mo ago)01MITPHPPHP ^8.2 Since Jan 21Pushed 3mo agoCompare [ Source](https://github.com/harshchandra1984/lara-oauth2-client)[ Packagist](https://packagist.org/packages/larawizards/lara-oauth2-client)[ RSS](/packages/larawizards-lara-oauth2-client/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (1)Dependencies (8)Versions (2)Used By (0) Lara OAuth2 Client ================== [](#lara-oauth2-client) A Laravel package for OAuth2 client authentication with single sign-on (SSO) support, compatible with Laravel 10, 11, and 12. Includes seamless integration with Laravel Fortify and Jetstream. Features -------- [](#features) - ๐Ÿ” OAuth2 client implementation following industry best practices - ๐Ÿš€ Single Sign-On (SSO) login page - ๐Ÿ”— Laravel Fortify integration - ๐Ÿ”— Laravel Jetstream integration - ๐Ÿ“ฆ Laravel 10, 11, and 12 compatible - ๐Ÿ”’ Secure token storage with encryption - ๐Ÿ‘ค Automatic user creation/update - ๐ŸŽจ Beautiful, customizable SSO login page - ๐Ÿงช Well-tested with PHPUnit Installation ------------ [](#installation) You can install the package via Composer: ``` composer require larawizards/lara-oauth2-client ``` Configuration ------------- [](#configuration) ### Quick Setup [](#quick-setup) 1. **Install the package:** ``` composer require larawizards/lara-oauth2-client ``` 2. **Publish configuration:** ``` php artisan lara-oauth2-client:install ``` 3. **Configure your `.env` file:** ``` OAUTH2_CLIENT_ID=your-client-id OAUTH2_CLIENT_SECRET=your-client-secret OAUTH2_REDIRECT_URI=http://your-app.com/oauth2/callback OAUTH2_AUTHORIZATION_URL=https://your-provider.com/oauth/authorize OAUTH2_TOKEN_URL=https://your-provider.com/oauth/token OAUTH2_USER_INFO_URL=https://your-provider.com/oauth/userinfo OAUTH2_SCOPES=openid profile email ``` 4. **Run migrations:** ``` php artisan migrate ``` ### Detailed Configuration [](#detailed-configuration) For complete configuration instructions, including: - Step-by-step setup guide - Configuration examples for popular providers (Google, Microsoft, GitHub, Auth0, Okta) - Fortify/Jetstream integration setup - Custom user mapping - Advanced options See [CONFIGURATION.md](CONFIGURATION.md) for detailed instructions. Usage ----- [](#usage) ### Basic Usage [](#basic-usage) The package automatically registers routes for OAuth2 authentication: - `GET /oauth2/redirect` - Redirects to OAuth2 provider - `GET /oauth2/callback` - Handles OAuth2 callback - `POST /oauth2/logout` - Logout and optionally revoke tokens - `GET /login/sso` - SSO login page (if enabled) ### Using the SSO Login Page [](#using-the-sso-login-page) Simply redirect users to the SSO login route: ``` return redirect()->route('login.sso'); ``` Or use the OAuth2 redirect directly: ``` return redirect()->route('oauth2.redirect'); ``` ### Protecting Routes with Middleware [](#protecting-routes-with-middleware) Use the `oauth2.auth` middleware to protect routes: ``` Route::middleware(['oauth2.auth'])->group(function () { Route::get('/dashboard', function () { return view('dashboard'); }); }); ``` ### User Model Configuration [](#user-model-configuration) The package automatically maps OAuth2 user attributes to your user model. You can customize the mapping in `config/lara-oauth2-client.php`: ``` 'user_mapping' => [ 'id' => 'oauth2_id', 'email' => 'email', 'name' => 'name', 'first_name' => 'first_name', 'last_name' => 'last_name', 'avatar' => 'avatar', ], ``` Make sure your user model has the necessary columns. You may need to create a migration: ``` Schema::table('users', function (Blueprint $table) { $table->string('oauth2_id')->nullable()->unique(); $table->string('avatar')->nullable(); }); ``` ### Laravel Fortify Integration [](#laravel-fortify-integration) 1. Enable Fortify integration in your `.env`: ``` OAUTH2_FORTIFY_ENABLED=true ``` 2. The package will automatically integrate with Fortify's login views. ### Laravel Jetstream Integration [](#laravel-jetstream-integration) 1. Enable Jetstream integration in your `.env`: ``` OAUTH2_JETSTREAM_ENABLED=true ``` 2. Publish Jetstream views (if not already done): ``` php artisan jetstream:install livewire # or php artisan jetstream:install inertia ``` 3. The package will add an SSO login button to your Jetstream login page. ### Customizing Views [](#customizing-views) Publish the views to customize them: ``` php artisan vendor:publish --tag=lara-oauth2-client-views ``` Views will be published to `resources/views/vendor/lara-oauth2-client/`. ### Programmatic Usage [](#programmatic-usage) You can also use the OAuth2 client directly: ``` use Larawizards\LaraOAuth2Client\OAuth2Client; $client = app(OAuth2Client::class); // Get authorization URL $authUrl = $client->getAuthorizationUrl(); // Get access token (after receiving authorization code) $tokenData = $client->getAccessToken($code, $state); // Get user info $userInfo = $client->getUserInfo($tokenData['access_token']); // Refresh token $newTokenData = $client->refreshAccessToken($refreshToken); ``` Configuration Options --------------------- [](#configuration-options) All configuration options are available in `config/lara-oauth2-client.php`: OptionDescriptionDefault`client_id`OAuth2 client ID-`client_secret`OAuth2 client secret-`redirect_uri`OAuth2 redirect URI`/oauth2/callback``authorization_url`OAuth2 authorization endpoint-`token_url`OAuth2 token endpoint-`user_info_url`OAuth2 user info endpoint-`scopes`OAuth2 scopes`['openid', 'profile', 'email']``route_prefix`Route prefix for OAuth2 routes`oauth2``auto_create_users`Automatically create users if they don't exist`true``fortify_enabled`Enable Fortify integration`false``jetstream_enabled`Enable Jetstream integration`false``sso_login_enabled`Enable SSO login page`true`Testing ------- [](#testing) Run the test suite: ``` composer test ``` Or with PHPUnit: ``` vendor/bin/phpunit ``` For detailed testing instructions, see [TESTING.md](TESTING.md). Security Best Practices ----------------------- [](#security-best-practices) 1. **Always use HTTPS** in production for OAuth2 redirects 2. **Store client secrets securely** - never commit them to version control 3. **Use environment variables** for all sensitive configuration 4. **Enable CSRF protection** - the package uses Laravel's built-in CSRF protection 5. **Validate state parameters** - the package automatically validates state to prevent CSRF attacks 6. **Encrypt tokens** - access and refresh tokens are automatically encrypted in the database Requirements ------------ [](#requirements) - PHP >= 8.2 - Laravel >= 10.0 - Guzzle HTTP Client Changelog --------- [](#changelog) Please see [CHANGELOG](CHANGELOG.md) for more information on what has changed recently. Contributing ------------ [](#contributing) Contributions are welcome! Please feel free to submit a Pull Request. License ------- [](#license) The MIT License (MIT). Please see [License File](LICENSE) for more information. Support ------- [](#support) For support, please open an issue on GitHub or contact . ### Health Score 35 โ€” LowBetter than 80% of packages Maintenance79 Regular maintenance activity Popularity1 Limited adoption so far Community6 Small or concentrated contributor base Maturity46 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits โ€” single point of failure How is this calculated?**Maintenance (25%)** โ€” Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** โ€” Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** โ€” Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** โ€” Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 110d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/09015b8dbb3e0f4837212c214c77333225c993fd2a2a427117f24080a9aaf490?d=identicon)[harshchandra1984](/maintainers/harshchandra1984) --- Top Contributors [![harshchandra1984](https://avatars.githubusercontent.com/u/9965368?v=4)](https://github.com/harshchandra1984 "harshchandra1984 (3 commits)") --- Tags laravelAuthenticationSSOoauth2single sign onjetstreamfortify ### Code Quality TestsPHPUnit Code StyleLaravel Pint ### Embed Badge ![Health badge](/badges/larawizards-lara-oauth2-client/health.svg) ``` [![Health](https://phpackages.com/badges/larawizards-lara-oauth2-client/health.svg)](https://phpackages.com/packages/larawizards-lara-oauth2-client) ``` ### Alternatives [league/oauth2-client OAuth 2.0 Client Library 3.8k118.6M1.2k](/packages/league-oauth2-client)[laragear/two-factor On-premises 2FA Authentication for out-of-the-box. 339785.3k8](/packages/laragear-two-factor)[alajusticia/laravel-logins Session management in Laravel apps, user notifications on new access, support for multiple separate remember tokens, IP geolocation, User-Agent parser 2011.0k](/packages/alajusticia-laravel-logins) PHPackages ยฉ 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)