PHPackages xcesaralejandro/canvasoauth - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. xcesaralejandro/canvasoauth ActiveLibrary[Authentication & Authorization](/categories/authentication) xcesaralejandro/canvasoauth =========================== This package provides a simple integration for oauth between canvas and laravel. 1.0.2(3y ago)1227MITPHPPHP ^8.0 Since Jul 14Pushed 3y ago1 watchersCompare [ Source](https://github.com/xcesaralejandro/canvasoauth)[ Packagist](https://packagist.org/packages/xcesaralejandro/canvasoauth)[ RSS](/packages/xcesaralejandro-canvasoauth/feed)WikiDiscussions main Synced 4w ago READMEChangelogDependencies (2)Versions (9)Used By (0) Introduction ------------ [](#introduction) canvasoauth is a package developed for Laravel and integrates the Oauth2 credential flow in its entirety. The package provides everything you need to get started and takes care of storing and renewing user tokens. To learn more about Oauth2 focused on canvas, you can visit the official Canvas documentation here: Requirements ------------ [](#requirements) php >= 8.0 Laravel >= 8.0 Installation and configuration ------------------------------ [](#installation-and-configuration) #### 1.- Add the package to your project [](#1--add-the-package-to-your-project) `composer require xcesaralejandro/canvasoauth` #### 2.- Publish the provider [](#2--publish-the-provider) `php artisan vendor:publish --provider=xcesaralejandro\canvasoauth\Providers\CanvasOauthServiceProvider --force` #### 3.- Run the migrations [](#3--run-the-migrations) `php artisan migrate` #### 4.- Complete the configuration file [](#4--complete-the-configuration-file) Once the providers have been published, you will have a new file called `canvasoauth.php` inside the config folder, there you will have to complete the configuration. The variables to fill in the configuration are the credentials obtained when adding a new API developer key in canvas. While it is generating the credentials, canvas will ask you for your redirection point, use the following for all fields where you need to put a URL: `https://YOUR_DOMAIN_HERE/canvas/code_exchange` Going back to the configuration, at this point it may be a bit obvious what goes into each section, but I'll comment on them anyway. **VERIFY\_SELF\_SIGNED\_HTTPS =>** If false, it allows you to make the required HTTP requests, ignoring that your certificate is self-signed. **CANVAS\_DOMAIN\_URL =>** The url of your Canvas instance, for example ***[https://YOUR\_INSTITUTION.instructure.com](https://YOUR_INSTITUTION.instructure.com)*** **CANVAS\_CLIENT\_ID =>** client\_id generado por canvas tras agregar una nueva clave de desarrollador API. **CANVAS\_CLIENT\_SECRET =>** client\_secret generado por canvas tras agregar una nueva clave de desarrollador API. Use --- [](#use) First of all, note that this package manages the authorization tokens and the retrieval flow for you, in no case does it manage users. When referring to the user\_id, we are referring to the one provided by canvas. If your application has its own user management, try to store a dictionary of your local identifier and the canvas identifier obtained in the granting of permissions, otherwise, you will not be able to obtain the tokens correctly. Once you have configured the tool, the flow starts with a predefined link that is built with the credentials. This can be obtained using the following facade: ``` use xcesaralejandro\canvasoauth\Facades\CanvasOauth; CanvasOauth::getInitialAuthenticationUrl() ``` You can put the URL inside a link, automatic redirection or wherever you want, depending on the application you want to build. Remember that this is not authentication, rather a flow to get an authorization token. Access tokens can be infinitely regenerated, so ideally you should only ask the user for authorization once and then the package will always return a valid token. To control the flow, use the controller `App\Http\Controllers\CanvasOauthController.php` ``` public function onFinish(AuthenticatedUser $user, Request $request) : mixed { return parent::onFinish($user); // you can skip this, only creates debug log :) // At this point the oauth flow has finished successfully and the user has granted permissions. } public function onRejectedPermission(Request $request) : mixed { return parent::onRejectedPermission($request); // you can skip this, only creates debug log :) // At this point the user has canceled the grant of permissions. } public function onError(\Exception $exception) : mixed { return parent::onError($exception); // you can skip this, only creates debug log // Any error that may arise during the oauth flow will be thrown here } ``` On the other hand, you can manage the tokens with the `CanvasToken` model and in the following way: Check if a token exists for the user ``` CanvasToken::ExistsForUser(int $user_id) : bool ``` Returns the token for a particular user, regenerates in the background in case the token is expired. If the consulted user does not have a token or an error has occurred while regenerating the token, it will return null. ``` CanvasToken::GetForUser(int $user_id) : ?string ``` ### Health Score 27 — LowBetter than 49% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity13 Limited adoption so far Community7 Small or concentrated contributor base Maturity57 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~9 days Recently: every ~15 days Total 8 Last Release 1330d ago Major Versions 0.0.5 → 1.0.02022-07-19 ### Community Maintainers ![](https://www.gravatar.com/avatar/dc4591dc07f7628fa73beebc2af3dd8e1e27c3486f3e593f3a8991da57eed7c5?d=identicon)[xcesaralejandro](/maintainers/xcesaralejandro) --- Top Contributors [![xcesaralejandro](https://avatars.githubusercontent.com/u/24363177?v=4)](https://github.com/xcesaralejandro "xcesaralejandro (6 commits)") ### Embed Badge ![Health badge](/badges/xcesaralejandro-canvasoauth/health.svg) ``` [![Health](https://phpackages.com/badges/xcesaralejandro-canvasoauth/health.svg)](https://phpackages.com/packages/xcesaralejandro-canvasoauth) ``` ### Alternatives [overtrue/socialite A collection of OAuth 2 packages. 1.4k5.5M86](/packages/overtrue-socialite)[josiasmontag/laravel-recaptchav3 Recaptcha V3 for Laravel package 2641.6M2](/packages/josiasmontag-laravel-recaptchav3)[rahul900day/laravel-captcha Different types of Captcha implementation for Laravel Application. 10715.9k](/packages/rahul900day-laravel-captcha)[simplesamlphp/simplesamlphp-module-oidc A SimpleSAMLphp module adding support for the OpenID Connect protocol 5016.9k1](/packages/simplesamlphp-simplesamlphp-module-oidc)[kinde-oss/kinde-auth-php Kinde PHP SDK for authentication 2369.5k3](/packages/kinde-oss-kinde-auth-php)[descope/descope-php Descope SDK for PHP 3814.0k](/packages/descope-descope-php) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)