PHPackages nickbeen/socialiteproviders-google-one-tap - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. nickbeen/socialiteproviders-google-one-tap ActiveLibrary[Authentication & Authorization](/categories/authentication) nickbeen/socialiteproviders-google-one-tap ========================================== Google One Tap provider for Laravel Socialite 1.0.1(2y ago)251.1k—3.7%MITPHPPHP ^8.1 Since Mar 15Pushed 2y ago1 watchersCompare [ Source](https://github.com/nickbeen/socialiteproviders-google-one-tap)[ Packagist](https://packagist.org/packages/nickbeen/socialiteproviders-google-one-tap)[ RSS](/packages/nickbeen-socialiteproviders-google-one-tap/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (2)Dependencies (4)Versions (4)Used By (0) Google One Tap provider for Laravel Socialite ============================================= [](#google-one-tap-provider-for-laravel-socialite) [![Latest version](https://camo.githubusercontent.com/8fcb56e9e949786642d4765d21adbb7f99e7839ff5133f87194abb0c509f7d4f/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f6e69636b6265656e2f736f6369616c69746570726f7669646572732d676f6f676c652d6f6e652d746170)](https://packagist.org/packages/nickbeen/socialiteproviders-google-one-tap)[![Total downloads](https://camo.githubusercontent.com/8116aeadc92ee242968427015a53049c65685469f124ed1cf83ec759c0a260ef/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6e69636b6265656e2f736f6369616c69746570726f7669646572732d676f6f676c652d6f6e652d746170)](https://packagist.org/packages/nickbeen/socialiteproviders-google-one-tap)[![PHP Version](https://camo.githubusercontent.com/2888d29ffe0fbb14e8c88725ef8ff9d84c289a1f40ea57442607c17c781a74cb/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f7068702d762f6e69636b6265656e2f736f6369616c69746570726f7669646572732d676f6f676c652d6f6e652d746170)](https://packagist.org/packages/nickbeen/socialiteproviders-google-one-tap)[![License](https://camo.githubusercontent.com/e4950bae279c004eab207f6162914a279a9596ce2bdc2540e7ef23a0bd67f2c3/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f6c2f736f6369616c69746570726f7669646572732d676f6f676c652d6f6e652d746170)](https://packagist.org/packages/nickbeen/socialiteproviders-google-one-tap) A provider for [Laravel Socialite](https://laravel.com/docs/master/socialite) that allows authentication for Google through Google One Tap. The Google One Tap framework is build on top of OAuth2, but does not use the traditional OAuth authorize user flow. Instead of returning an access token, it returns an authenticating JWT token that expires after an hour. Google One Tap does not sync with the session of your application, so you should solve this within your application. As long as the credentials of the user aren't revoked and the user is logged in with their Google account or Google Chrome browser, the application will be able to grab a new JWT token with minimal user interaction when necessary. Installation ------------ [](#installation) ``` composer require nickbeen/socialiteproviders-google-one-tap ``` This package depends on `google/apiclient` (including 200+ `google\api-clients-services` packages) and will be also be included when installing this package. You can run the `google-task-composer-cleanup` script in `composer.json` to only keep the Google API client packages needed for running this Socialite provider. [DO NOT](https://github.com/googleapis/google-api-php-client?tab=readme-ov-file#cleaning-up-unused-services) run this script if your application depends on `google/apiclient`. Usage ----- [](#usage) Please see the [Base Installation Guide](https://socialiteproviders.com/usage/) if Laravel Socialite isn't installed yet into your application. ### Setup Google project [](#setup-google-project) First you might need to create a new project at [Google Cloud console](https://console.cloud.google.com/apis/credentials/consent), set up the *OAuth consent screen* and create a new *OAuth Client ID*. Within the Credentials menu you will find the client ID and client secret which you will need for authenticating. ### Add configuration [](#add-configuration) You will need to store the client ID and client secret in your `.env` file and add the configuration to `config/services.php`. You will also need to add a redirection url which will be used for logging in and registering with Google One Tap. This package refers to a specific .env value for Google One Tap to avoid any clashes with the standard Google Socialite provider. ``` # .env GOOGLE_CLIENT_ID=314159265-pi.apps.googleusercontent.com GOOGLE_CLIENT_SECRET=mkhYkO_ECIIp11mcZ3CEClhmgh_9FWTV2M_ GOOGLE_LOGIN_URI=/auth/google-one-tap ``` ``` # config/services.php return [ // other providers 'google-one-tap' => [ 'client_id' => env('GOOGLE_CLIENT_ID'), 'client_secret' => env('GOOGLE_CLIENT_SECRET'), 'redirect' => env('GOOGLE_LOGIN_URI'), ], ]; ``` ### Add provider event listener [](#add-provider-event-listener) Configure the package's listener to listen for `SocialiteWasCalled` events. Add the event to your `boot()` method in `app/Providers/AppServiceProvider` in Laravel 11 or add the event to your `listen[]` array in `app/Providers/EventServiceProvider` in Laravel 10. See the [Base Installation Guide](https://socialiteproviders.com/usage/) for detailed instructions. With Laravel 11: ``` namespace App\Providers; use Illuminate\Support\Facades\Event; use Illuminate\Support\ServiceProvider; class AppServiceProvider extends ServiceProvider { /** * Bootstrap any application services. */ public function boot(): void { Event::listen(function (\SocialiteProviders\Manager\SocialiteWasCalled $event) { $event->extendSocialite('google-one-tap', \SocialiteProviders\GoogleOneTap\Provider::class); }); } } ``` With Laravel 10: ``` namespace App\Providers; use Illuminate\Support\ServiceProvider; class EventServiceProvider extends ServiceProvider { protected $listen = [ \SocialiteProviders\Manager\SocialiteWasCalled::class => [ // other providers \SocialiteProviders\GoogleOneTap\GoogleOneTapExtendSocialite::class, ], ]; } ``` Usage ----- [](#usage-1) Google One Tap requires a specific implementation both in the front-end as the back-end. ### Front-end [](#front-end) On every page where you want to use Google One Tap, you will need to include the following script in the header of your html templates. ``` @guest @endguest ``` The actual Google One Tap prompt can be initiated with either javascript or html. The following code handles the response server side in html. It does not matter where you place this code. You can also append `data-client_id` and `data-login_uri` to any existing html element. Check [references](#references) for more settings and variations such as a full javascript implementation. ``` @guest @endguest ``` Styling this element won't have any effect since Google One tap is migrating to [FedCM](https://developer.chrome.com/en/docs/privacy-sandbox/fedcm/) which means the prompt will be handled by the browser itself if the browser supports it. For signing out you should add a `g_id_signout` class to your sign-out button to avoid a redirection loop because of `data-auto_select` in the previous snippet. ``` @csrf Sign out ``` Google One Tap has a cooldown period when a user closes the Google One Tap prompt. The more often a user closes the prompt, the longer it will take for the prompt to be able to reappear to the user. Therefore, you need to include a sign-in button for a fallback to a Google Sign-In prompt. You will likely only want to include this button on login and register pages. [Only](https://developers.google.com/identity/gsi/web/reference/html-reference#button-attribute-types) the data-type field is required. ``` ``` ### Back-end [](#back-end) Google One Tap is build on top of OAuth, but works different with an authenticating JTW token instead of with access tokens and refresh tokens. The `redirect()` and `refreshToken()` method won't be used in this context and will throw a `DisallowedMethodException` as a reminder. Your controller won't need to redirect the user and instead of resolving the user, you can immediately resolve the token. ``` use Laravel\Socialite\Facades\Socialite; return Socialite::driver('google-one-tap')->userFromToken($token); ``` This method will return the payload of the JWT token or throw an `InvalidIdTokenException` if the provided token was invalid. #### Payload array [](#payload-array) FieldTypeDescriptionavatar?stringThe user's profile picture if presentemailstringThe user's email addressemail\_verifiedbooleanTrue, if Google has verified the email addresshost\_domain?stringThe host domain of the user's GSuite email address if presentidstringThe user's unique Google IDnamestringThe user's nameOnly use `id` field as identifier for the user as it is unique among all Google Accounts and never reused. Don't use `email` as an identifier because a Google Account can have multiple email addresses at different points in time. Using the `email`, `email_verified` and `host_domain` fields you can determine if Google hosts and is authoritative for an email address. In cases where Google is authoritative the user is confirmed to be the legitimate account owner. #### Handling the payload [](#handling-the-payload) With the payload containing the `id` you can now handle the user flow after the user finished interacting with the Google One Tap prompt. This usually involves either registering the user if the Google ID isn't present in your database or logging in the user if you have a user registered with this Google ID. Optionally you can use `email` to check if the user already has a user account or Socialite credentials from another provider, and possibly connect the accounts or notify the user account. In basic Laravel code it would look something like this: ``` // routes/web.php use App\Controllers\Auth\GoogleOneTapController; use Illuminate\Support\Facades\Route; Route::post('auth/google-one-tap', [GoogleOneTapController::class, 'handler']) ->middleware('guest') ->name('google-one-tap.handler'); ``` ``` // e.g. GoogleOneTapController.php use App\Models\User; use Illuminate\Http\Request; use Laravel\Socialite\Facades\Socialite; use SocialiteProviders\GoogleOneTap\Exceptions\InvalidIdTokenException; public function handler(Request $request) { // Verify and validate JWT received from Google One Tap prompt try { $googleUser = Socialite::driver('google-one-tap')->userFromToken($request->input('credential')); } catch (InvalidIdTokenException $exception) { return response()->json(['error' => $exception]) } // Log the user in if the Google ID is associated with a user if ($googleUser = User::where('google_id', $googleUser['id'])->first()) { auth()->login($googleUser); } // Send user to registration form to provide missing details like username return redirect()->view('register.google-one-tap', compact('googleUser')) } ``` FAQ --- [](#faq) ### How can I use authoritative scopes with Google One Tap to e.g. upload to Google Drive? [](#how-can-i-use-authoritative-scopes-with-google-one-tap-to-eg-upload-to-google-drive) Google One Tap can only be used for authentication (who you are). For authorization, you need to use the built-in Google provider of Laravel Socialite. Both providers can be used simultaneously to give you the best of both worlds. ### Can I check if a user logged in with One Tap, used an existing session, etc.? [](#can-i-check-if-a-user-logged-in-with-one-tap-used-an-existing-session-etc) The `select_by` field in the response from Google contains [several possible values](https://developers.google.com/identity/gsi/web/reference/html-reference#select_by) like `auto`, `user` and `user_1tap` that indicate how the user interacted with your application when signing up or signing in. In Laravel the value can be easily accessed in your controller. ``` $select_by = request()->input('select_by') ``` References ---------- [](#references) - - - - - - License ------- [](#license) This package is licensed under the MIT License (MIT). See the [LICENSE](LICENSE.md) for more details. ### Health Score 31 — LowBetter than 68% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity32 Limited adoption so far Community7 Small or concentrated contributor base Maturity52 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 2 Last Release 794d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/92aa362389acb1b6e743ac01f9532c7d691457e4bef55817c797d9f078136aef?d=identicon)[nickbeen](/maintainers/nickbeen) --- Top Contributors [![nickbeen](https://avatars.githubusercontent.com/u/66799549?v=4)](https://github.com/nickbeen "nickbeen (8 commits)") --- Tags google-one-taplaravelsocialitelaravelprovidersocialiteGoogle One Tap ### Code Quality TestsPest ### Embed Badge ![Health badge](/badges/nickbeen-socialiteproviders-google-one-tap/health.svg) ``` [![Health](https://phpackages.com/badges/nickbeen-socialiteproviders-google-one-tap/health.svg)](https://phpackages.com/packages/nickbeen-socialiteproviders-google-one-tap) ``` ### Alternatives [socialiteproviders/microsoft Microsoft OAuth2 Provider for Laravel Socialite 326.1M13](/packages/socialiteproviders-microsoft)[socialiteproviders/instagram Instagram OAuth2 Provider for Laravel Socialite 421.9M5](/packages/socialiteproviders-instagram)[kovah/laravel-socialite-oidc OpenID Connect OAuth2 Provider for Laravel Socialite 2073.7k](/packages/kovah-laravel-socialite-oidc)[socialiteproviders/kakao Kakao OAuth2 Provider for Laravel Socialite 10484.7k4](/packages/socialiteproviders-kakao) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)