PHPackages                             marcossaoleo/laravel-oauth2-login - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. marcossaoleo/laravel-oauth2-login

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

marcossaoleo/laravel-oauth2-login
=================================

Provides a middleware to protect resources requiring an OAuth2 login

1.0.2(2y ago)09MITPHPPHP ^8.2

Since Jun 26Pushed 2y agoCompare

[ Source](https://github.com/marcossaoleo/laravel-oauth2-login)[ Packagist](https://packagist.org/packages/marcossaoleo/laravel-oauth2-login)[ Docs](https://github.com/marcossaoleo/laravel-oauth2-login)[ RSS](/packages/marcossaoleo-laravel-oauth2-login/feed)WikiDiscussions master Synced 2d ago

READMEChangelog (1)Dependencies (5)Versions (4)Used By (0)

Laravel OAuth2 Login
====================

[](#laravel-oauth2-login)

[![Software License](https://camo.githubusercontent.com/55c0218c8f8009f06ad4ddae837ddd05301481fcf0dff8e0ed9dadda8780713e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](LICENSE.md)[![Latest Stable Version](https://camo.githubusercontent.com/a616db07ed2f3b030310c1e3dfebe17204d17077ebd82fda4a6e6ad508c73761/68747470733a2f2f62616467652e667572792e696f2f67682f6d6172636f7373616f6c656f2532466c61726176656c2d6f61757468322d6c6f67696e2e737667)](https://github.com/marcossaoleo/laravel-oauth2-login/releases)[![Build Status](https://camo.githubusercontent.com/eafcce345e7da754b2de7d7fa8f1df5930dc06d77d06f447f6314cbe423c178a/68747470733a2f2f7472617669732d63692e6f72672f6d6172636f7373616f6c656f2f6c61726176656c2d6f61757468322d6c6f67696e2e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/marcossaoleo/laravel-oauth2-login)

This is a Laravel package that provides a middleware to protect routes requiring an OAuth2 login.

You could describe it as a bridge between Laravel and [league/oauth2-client](https://github.com/thephpleague/oauth2-client).

Features
--------

[](#features)

- OAuth2 client middleware
- Keeps token in session
- Refreshes expired tokens
- (Cached) resource owner info
- Driver to allow integration with `Auth/auth()`

Install
-------

[](#install)

- Using composer: `$ composer require marcossaoleo/laravel-oauth2-login`
- Register the service provider (Auto-Discovery enabled): `Marcossaoleo\LaravelOAuth2Login\ServiceProvider`
- Publish the config file: `$ artisan vendor:publish --provider="Marcossaoleo\LaravelOAuth2Login\ServiceProvider"`
- Put the credentials of your OAuth Provider in the published config

Usage
-----

[](#usage)

Add the `Marcossaoleo\LaravelOAuth2Login\CheckOAuth2` middleware to the routes (-groups) you want to protect.

**Bear in mind that this only ensures that some user is logged in**, if you require further authorization checks those will still have to be implemented. This package stores the resource owner info as an Request-attribute to enable you to do so.

This redirects unauthenticated users. If on some routes you only want to check whether a session by this package exists (for instance to display a login/logout button in your template) use `Marcossaoleo\LaravelOAuth2Login\OnlyCheckOAuth`. It will also refresh tokens and pull up to date resource owner data, but never redirect. On failure it just doesn't set the Request attribute.

### `Auth` guard

[](#auth-guard)

This is optional, as adding the middleware redirects the client anyways if not authenticated. If you want to utilize Policies however you will need to define a custom guard. A driver for it is provided by this package.

In your auth config, add the new guard like this:

```
  'oauth2' => [
    'driver' => 'oauth2', // Config: oauth2login.auth_driver_key
  ]
```

**You will need to assign a higher priority to `CheckOAuth2` than `\Illuminate\Auth\Middleware\Authenticate`**, do this by overriding `$middlewarePriority` in your Http-Kernel.

If you want to add the middleware globally, best do it as route-middleware, in `middlewareGroups.web`, rather than the very global middleware array.

Changelog
---------

[](#changelog)

Please see the [CHANGELOG](CHANGELOG.md) for more information on what has changed recently.

Credits
-------

[](#credits)

- [All Contributors](../../contributors)

License
-------

[](#license)

The MIT License (MIT). Please see the [License File](LICENSE.md) for more information.

###  Health Score

24

—

LowBetter than 31% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity4

Limited adoption so far

Community10

Small or concentrated contributor base

Maturity55

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 93.7% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~0 days

Total

3

Last Release

738d ago

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/17593578?v=4)[marcossaoleo](/maintainers/marcossaoleo)[@marcossaoleo](https://github.com/marcossaoleo)

---

Top Contributors

[![kronthto](https://avatars.githubusercontent.com/u/17156142?v=4)](https://github.com/kronthto "kronthto (74 commits)")[![marcossaoleo](https://avatars.githubusercontent.com/u/17593578?v=4)](https://github.com/marcossaoleo "marcossaoleo (3 commits)")[![madagon](https://avatars.githubusercontent.com/u/2950285?v=4)](https://github.com/madagon "madagon (1 commits)")[![subtronic](https://avatars.githubusercontent.com/u/1489572?v=4)](https://github.com/subtronic "subtronic (1 commits)")

---

Tags

middlewarelaraveloauth2aclsessionlogin

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/marcossaoleo-laravel-oauth2-login/health.svg)

```
[![Health](https://phpackages.com/badges/marcossaoleo-laravel-oauth2-login/health.svg)](https://phpackages.com/packages/marcossaoleo-laravel-oauth2-login)
```

###  Alternatives

[kronthto/laravel-oauth2-login

Provides a middleware to protect resources requiring an OAuth2 login

2117.5k1](/packages/kronthto-laravel-oauth2-login)[directorytree/ldaprecord-laravel

LDAP Authentication &amp; Management for Laravel.

5752.3M18](/packages/directorytree-ldaprecord-laravel)[hasinhayder/tyro

Tyro - The ultimate Authentication, Authorization, and Role &amp; Privilege Management solution for Laravel 12 &amp; 13

6804.7k6](/packages/hasinhayder-tyro)[alajusticia/laravel-logins

Session management in Laravel apps, user notifications on new access, support for multiple separate remember tokens, IP geolocation, User-Agent parser

2014.5k](/packages/alajusticia-laravel-logins)[hosseinhezami/laravel-permission-manager

Advanced permission manager for Laravel.

383.3k](/packages/hosseinhezami-laravel-permission-manager)[amdadulhaq/guard-laravel

Guard is Role and Permission management system for Laravel

135.5k](/packages/amdadulhaq-guard-laravel)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
