PHPackages onelabs/xguard-client - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. onelabs/xguard-client ActiveLibrary[Authentication & Authorization](/categories/authentication) onelabs/xguard-client ===================== Laravel client SDK for x-guard OAuth 2.0 / OpenID Connect Identity Provider. Drop-in Socialite provider with default routes, controller, and Blade button component. v0.1.0(1mo ago)03MITPHPPHP ^8.2 Since May 8Pushed 1mo agoCompare [ Source](https://github.com/kurniawa9157/xguard-client)[ Packagist](https://packagist.org/packages/onelabs/xguard-client)[ Docs](https://github.com/kurniawa9157/xguard-client)[ RSS](/packages/onelabs-xguard-client/feed)WikiDiscussions main Synced 1w ago READMEChangelogDependencies (10)Versions (2)Used By (0) xguard-client ============= [](#xguard-client) Laravel client SDK for **x-guard** — an OAuth 2.0 / OpenID Connect Identity Provider. Drop in a Socialite provider, default routes, and a Blade login button. Get SSO into your Laravel app in 5 minutes. ``` composer require onelabs/xguard-client ``` --- What it does ------------ [](#what-it-does) - Registers `Socialite::driver('xguard')` — same API you already know. - Provides default `/auth/xguard/redirect` & `/auth/xguard/callback` routes (opt-out). - Resolves SSO users to your local `User` model (override via `UserResolver` interface). - Ships a Blade component `` for instant UI. --- Requirements ------------ [](#requirements) - PHP 8.2+ - Laravel 10, 11, or 12 - A running x-guard server with an App registered for your project (see [Developer Portal Setup](#getting-credentials-from-x-guard)) --- Installation ------------ [](#installation) ### 1. Install the package [](#1-install-the-package) ``` composer require onelabs/xguard-client ``` ### 2. Add credentials to `.env` [](#2-add-credentials-to-env) ``` XGUARD_ISSUER=https://x-guard.example.com XGUARD_CLIENT_ID=xg_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx XGUARD_CLIENT_SECRET=PASTE_PLAIN_SECRET_HERE XGUARD_REDIRECT_URI="${APP_URL}/auth/xguard/callback" ``` > The `XGUARD_REDIRECT_URI` value **must exactly match** a Redirect URI registered for your App in the x-guard Developer Portal — including scheme, host, port, and path. ### 3. Add to `config/services.php` [](#3-add-to-configservicesphp) ``` 'xguard' => [ 'issuer' => env('XGUARD_ISSUER'), 'client_id' => env('XGUARD_CLIENT_ID'), 'client_secret' => env('XGUARD_CLIENT_SECRET'), 'redirect' => env('XGUARD_REDIRECT_URI'), ], ``` ### 4. Publish the migration & run it [](#4-publish-the-migration--run-it) The package adds an `sso_user_id` column to your `users` table (used to link local users to x-guard). ``` php artisan vendor:publish --tag=xguard-migrations php artisan migrate ``` > The migration is idempotent: it skips if the column already exists. ### 5. Add the login button to your login view [](#5-add-the-login-button-to-your-login-view) ``` ``` That's it. The button points to the default `/auth/xguard/redirect` route, which handles the entire OAuth flow. --- Customization ------------- [](#customization) ### Publish the config (optional) [](#publish-the-config-optional) ``` php artisan vendor:publish --tag=xguard-config ``` This creates `config/xguard.php` where you can change defaults: scopes, route prefix, redirect-after-login, lookup column, button text, etc. ### Customize the button label/style [](#customize-the-button-labelstyle) ``` ``` ### Publish the button view (full markup control) [](#publish-the-button-view-full-markup-control) ``` php artisan vendor:publish --tag=xguard-views # edits resources/views/vendor/xguard/components/login-button.blade.php ``` ### Custom user resolver [](#custom-user-resolver) Need different linking logic (multi-table user storage, role assignment, domain whitelist)? Implement the `UserResolver` contract: ``` // app/Auth/MyXGuardResolver.php namespace App\Auth; use Onelabs\XGuardClient\Contracts\UserResolver; use Illuminate\Contracts\Auth\Authenticatable; use Laravel\Socialite\Two\User as SocialiteUser; class MyXGuardResolver implements UserResolver { public function resolve(SocialiteUser $ssoUser): Authenticatable { // Reject users from non-allowed domains, for example: if (!str_ends_with((string) $ssoUser->getEmail(), '@mycompany.com')) { throw new \DomainException('Hanya email @mycompany.com yang diizinkan.'); } // ... your custom lookup / create logic ... return \App\Models\User::firstOrCreate( ['sso_user_id' => $ssoUser->getId()], ['name' => $ssoUser->getName(), 'email' => $ssoUser->getEmail()], ); } } ``` Bind it in `AppServiceProvider::register()`: ``` $this->app->bind( \Onelabs\XGuardClient\Contracts\UserResolver::class, \App\Auth\MyXGuardResolver::class, ); ``` ### Disable default routes (write your own) [](#disable-default-routes-write-your-own) Set `XGUARD_USE_DEFAULT_ROUTES=false` (or in published config: `'use_default_routes' => false`), then write your own controller using the Socialite driver: ``` public function redirect() { return Socialite::driver('xguard')->redirect(); } public function callback(Request $request) { $ssoUser = Socialite::driver('xguard')->user(); // ... your logic } ``` ### Custom scopes per request [](#custom-scopes-per-request) ``` Socialite::driver('xguard') ->scopes(['openid', 'profile', 'email', 'phone', 'offline_access']) ->redirect(); ``` Available scopes: `openid` (required), `profile`, `email`, `phone`, `offline_access` (triggers refresh token). --- Getting credentials from x-guard -------------------------------- [](#getting-credentials-from-x-guard) You need 4 values from your x-guard developer: ValueWhere it comes from`XGUARD_ISSUER`The x-guard server URL (e.g. `https://x-guard.example.com`)`XGUARD_CLIENT_ID`Developer Portal → your App → Overview tab`XGUARD_CLIENT_SECRET`Developer Portal → your App → Credentials → **Generate New Secret** (shown ONCE)`XGUARD_REDIRECT_URI`Developer Portal → your App → Redirect URIs → add the exact callback URL of this Laravel appIf you're the x-guard developer, log in to x-guard and follow the [Developer Portal flow](#). --- How it works (under the hood) ----------------------------- [](#how-it-works-under-the-hood) 1. User clicks `` → goes to `/auth/xguard/redirect` 2. `XGuardLoginController::redirect()` calls `Socialite::driver('xguard')->redirect()` 3. User is sent to `{XGUARD_ISSUER}/oauth/authorize` → logs in at x-guard → grants consent 4. x-guard redirects back to `{XGUARD_REDIRECT_URI}?code=...&state=...` 5. `XGuardLoginController::callback()`: - Exchanges code for tokens at `{XGUARD_ISSUER}/oauth/token` - Fetches user profile from `{XGUARD_ISSUER}/oauth/userinfo` - Calls `UserResolver::resolve($ssoUser)` to find/create the local user - `Auth::login()` and redirects to the intended URL (or `redirect_after_login`) PKCE, JWT signature verification (via the OIDC `userinfo` server-to-server fetch), state CSRF protection — all handled by Socialite + the underlying x-guard server. --- Troubleshooting --------------- [](#troubleshooting) SymptomLikely cause / fix`error=invalid_request, redirect_uri not registered``XGUARD_REDIRECT_URI` doesn't exactly match what's whitelisted in Developer Portal. Check scheme, host, port, path, trailing slash.`error=invalid_client`Wrong `XGUARD_CLIENT_SECRET` or App is suspended in Developer Portal.User logs in but new account is created instead of linkingCheck that `email` returned by x-guard matches your local user's `email` exactly. Or override `UserResolver`.Button has no link (href="#")Default routes disabled but no `xguard.redirect` route defined. Either re-enable default routes or pass `href="..."`.`Class "Laravel\Socialite\..." not found`Socialite is a peer dep — `composer require laravel/socialite` once.--- License ------- [](#license) MIT — see [LICENSE](LICENSE). --- Credits ------- [](#credits) - Built on top of [Laravel Socialite](https://laravel.com/docs/socialite). - The icon is a generic shield-with-lock SVG; replace by publishing the view if you have x-guard branding. ### Health Score 36 — LowBetter than 79% of packages Maintenance94 Actively maintained with recent releases Popularity4 Limited adoption so far Community6 Small or concentrated contributor base Maturity36 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 32d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/ebfdf31ee1facbce32390112aaa9de10967806a914483d3729bb904e1cba475d?d=identicon)[kurniawa9157](/maintainers/kurniawa9157) --- Top Contributors [![kurniawa9157](https://avatars.githubusercontent.com/u/95950754?v=4)](https://github.com/kurniawa9157 "kurniawa9157 (3 commits)") --- Tags laravelSSOoauthsocialiteoauth2OpenID Connectoidcx-guardxguard ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/onelabs-xguard-client/health.svg) ``` [![Health](https://phpackages.com/badges/onelabs-xguard-client/health.svg)](https://phpackages.com/packages/onelabs-xguard-client) ``` ### Alternatives [psalm/plugin-laravel Psalm plugin for Laravel 3325.1M337](/packages/psalm-plugin-laravel)[roots/acorn Framework for Roots WordPress projects built with Laravel components. 9732.3M121](/packages/roots-acorn)[laravel/passport Laravel Passport provides OAuth2 server support to Laravel. 3.4k89.4M569](/packages/laravel-passport)[laravel/pulse Laravel Pulse is a real-time application performance monitoring tool and dashboard for your Laravel application. 1.7k14.1M120](/packages/laravel-pulse)[laravel/cashier-paddle Cashier Paddle provides an expressive, fluent interface to Paddle's subscription billing services. 268880.7k3](/packages/laravel-cashier-paddle)[pressbooks/pressbooks Pressbooks is an open source book publishing tool built on a WordPress multisite platform. Pressbooks outputs books in multiple formats, including PDF, EPUB, web, and a variety of XML flavours, using a theming/templating system, driven by CSS. 45344.0k1](/packages/pressbooks-pressbooks) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)