adamwathan / eloquent-oauth Goto Github PK

Apologies if I have posted this in the wrong section. This is an awesome plugin and wondering if you are building in any more providers, especially SoundCloud? - Thanks.

Hi, this not issue. I just want to say thanks for creating this library. Its really help! :)

Hi,
Thanks for your package.

When I'm using your package with the Facebook API I'm getting a warning "You must upgrade this app to Graph API v2.x
v1.0 will be deprecated on April 30, 2015"

I'm using the version for Laravel 4.

Are you going to update your package for the new API from Facebook ?

Thanks.

laravel 4.1
"adamwathan/eloquent-oauth": "~4.0"

ErrorException
Undefined property: AdamWathan\EloquentOAuth\Providers\FacebookProvider::$request

$url = $this->getAccessTokenBaseUrl();
try {
$response = $this->httpClient->get($url, [
'query' => [
'client_id' => $this->clientId,
'client_secret' => $this->clientSecret,
'redirect_uri' => $this->redirectUri(),
'code' => $this->request->authorizationCode(), // this line
],
]);

Authorization was attempted with invalid [This Happens Even When OAuth Returns Valid User Details]
I have added the code below..

try 
        {
            OAuth::login('facebook', function($user, $details) {

                var_dump($details);
                $checkVal =   $user->activated;
                $user->username = strtolower ( $details->firstName . '.' . $details->lastName );
                $user->name = $details->firstName . ' ' . $details->lastName;
                $user->image_url = $details->imageUrl;
                $user->email = $details->email;
                $user->gender = $details->gender;
                $user->activated = 1;
                $user->save();

                $userRole = Role::where('name', '=', 'super_admin')->first();

                if($checkVal!=1)
                {
                    //$userRole = Role::find(1);
                    $user->roles()->attach($userRole);
                }

            });

        } 
        catch (ApplicationRejectedException $e) 
        {
            // User rejected application
            return Response::json(['success' => false,'message'=>'User Authorization Rejected']);
        } 
        catch (InvalidAuthorizationCodeException $e)
        {
            return Response::json(['success' => false,'message'=>'Invalid Autorization Code']);
            // Authorization was attempted with invalid
            // code,likely forgery attempt
        }

        // Current user is now available via Auth facade
        $user = Auth::user();

        return Redirect::to('admin/tags');

How do you register a custom provider? It doesn't appear to be possible without editing EloquentOAuthServiceProvider.php.

Hi Adam,

First, thanks for this great package.
I'm using OAuth::authorize('facebook') to open the facebook authorize screen. The screen opens fine, but i want it to have the popup layout. So basically i want to be able to add parameters to the OAuth::authorize('provider').
See https://developers.facebook.com/docs/reference/dialogs/oauth?locale=nl_NL for the possible facebook parameters.
In my case i want to add the parameter display=popup.

I'm experiencing something odd:

Auth::check() is fine, but when I check Auth::user() it doesn't exist. This happens only after a period of inactivity, which leads me to believe that there is a timeout issue happening somewhere, perhaps on the Github provider?

Please consider adding Stripe. For use with the Stripe Connect OAUTH flow.

I'm getting an error page showing that an ApplicationRejectedException has been thrown.
Am I doing anything wrong here? It catches the exception when I do the catch on runtimeException.

Here's my code

Route::get('{oauth}/login', function($oauth) {
    try {
        OAuth::login($oauth);
    } catch (ApplicationRejectedException $e) {
        echo "in ApplicationRejectedException";
        die();
    } catch (InvalidAuthorizationCodeException $e) {
        // Authorization was attempted with invalid
        // code,likely forgery attempt
    }
   //catch(\RuntimeException $e){
   //     echo "in RuntimeException";
   //     die();
   //}

    // Current user is now available via Auth facade
    $user = Auth::user();

    return Redirect::intended();
});

I fucked something up somewhere, just posting this issue so people know I'm aware... Sorting it out now.

If you follow the installation instructions the file EloquentOAuthServiceProvider.php (and several others) are not included which make following the remainder of the installation impossible.

I had to manually set the branch to "dev-laravel-5" in order to pull in the updated branch with the required files.

When I'm using php artisan migrate it showing migration table created successfully along with this error "cannot redeclare class CreateOauthIdentitiesTable" someone help me to resolve this error...

Hi! First thanks for this great library! Absolutely easy to use, as you mentioned! :)

I would like to offer two authentication (ex. Google & Facebook) if it's possible. Now I implemented both. But when the "same" user using another provider, another user record will be created. Is it possible to lookup in the users table by a field (ex. email) and set the oauth_identities user_id to that if it's exists? (One user to Many provider)

i got cURL error 60: SSL certificate problem: unable to get local issuer certificate when authenticate on facebook
how to fix it
thank

So this might be (probably is) a stupid question but we have a backend system which powers multiple sites across multiple domains. Is there a way to check whether a person has authenticated and then identify which user it is once the domain has changed? I tried changing the Laravel session domains to an array but it did not like that, so I went with OAuth.

Thanks for your great work on this.
Matt

Hi Adam,

First of all, thanks for opensourcing your library. It was a great help for me.

I've forked your code for a project that I'm working on, and made some additions and updates to handle some custom scenarios that I need:

• In our webapp, Users need to be created by an admin first. We don't have to create them directly if the don't exist already in a user list. Because of this, I added a config parameter where you can configure the behavior (fail if user doesn't exist, or continue working as usual, creating the user).
• In our case a User might NOT exist in the identity table, but do exist in the webapp users table. For other webapps this might be the case also if they allowed the user to register first directly into their app, and added oauth functionality later.
• The webapp where we are using this has it's own complex logic for saving and finding users, so I made the UserStore overridable by the client webapp. In this way the webapp can implement it's own logic for storing and finding users.

All these changes are in this fork of your library: https://github.com/emersonmedia/eloquent-oauth , in the branch "feature_em" (https://github.com/emersonmedia/eloquent-oauth/commits/feature_em).

I thought to share it as maybe these features make sense to you too. Please, if you have some time, maybe you can take a look at the code additions and see if it useful for you too? There are still some Log::info() calls, and more commits than might be needed, but I was doing changes and testing directly in an online staging server by pushing this... If some of this evolves into a pull request, I can clean it up and organize it in less commits.

Just let me know what you think. These changes make sense from my side and app... but don't know if they might be useful in general for the library.

Thanks for your time!

How do you avoid an error with people logging in with different providers? So, if I log in with Github one visit and it creates a user and a oauth identity. Then the next time I visit the site and need to log in, I forgot that I used Github and click 'log in with Facebook'. It throws an error saying that there is a duplicate entry.

Hi Adman, Is can you add bit-bucket to the list of providers ? thanks :)

Could Guzzle 4.x be implemented instead of 3.7? My app uses 4.0 which means there are issues with this particular module.

In my fork I have made some changes to make use of Guzzle 4.0 (mostly namespace changes) but there are still a few things I haven't yet figured out. The access_token request is different when 4.0 is being used.

Good night,
It is possible that a user can install one or more providers and start with one section. This will create a new field in the users table.

My email is register with facebook [email protected] and new test with github have next error.

SQLSTATE[23000]: Integrity constraint violation: 1062 Duplicate entry '[email protected]' for key 'users_email_unique' (SQL: insert into users (email, name, updated_at, created_at) values ([email protected], Andres Felipe Vasquez, 2015-03-12 02:55:56, 2015-03-12 02:55:56))

Lots of providers don't give you these separately. Currently splitting on space, super dumb. Should've done full name in the first place.

Hi,

I'm trying to implement OAuth2 for a google account so we can access Google Analytics. My problem is that it's a single company-wide google account, so we'll be trying to log in with OAuth after a user has logged in to the Laravel 5 app itself, and therefore AIUI we need to keep the OAuth user out of Auth. Is this possible?

Many thanks.

If the user is missing, but the oauth_identities does exist, the $user returns null in the login closure, instead of throwing an exception.

Hi Adam,
Is there a possible way for me to add a new provider to the package? I'm trying to using my own provider with this package.

Hey Adam,

Thanks a lot for the package, it really makes Oauth easy true Laravel style!

I do however have a question, in regards to using the package. When i provide additional scopes for a provider, in my example Facebook, the returned user details that i access through the login callback doesn't include the extra details that i requested permission for.

How would i go about retrieving these extra details, e.g. the birthday of a user. Am i missing something here, or do i need to create a custom provider? And even so, how would i access the data?

We have our own authentication package which is basically a wrapper around this package.
This was done in order to make it easier to work with, since only our package (and config) needed to be there and it would supply the underlying eloquent-oauth with appropriate configurations. It also adds some additional routes, views (403 etc) and the related model. All in one package is very convenient.

With Laravel 4(.2) this was working just fine. However, with the dev-laravel-5 version this doesn't work anymore :(

In our serviceprovider we registered our provider as such:

\AdamWathan\EloquentOAuth\Facades\OAuth::registerProvider('CustomAuth', $this->app->make('CustomAuthProvider'));

This was working fine with L4.
But with L5 this doesn't appear to be possible (anymore) since we're getting an exception stating:

Invalid argument supplied for foreach() 

This originates from /vagrant/vendor/adamwathan/eloquent-oauth/src/EloquentOAuthServiceProvider.php:

     return $oauth;
    });
    }
    protected function registerProviders($oauth)
    {
    $providerAliases = $this->app['config']['eloquent-oauth.providers'];
    foreach ($providerAliases as $alias => $config) {
    if(isset($this->providerLookup[$alias])) {
    $providerClass = $this->providerLookup[$alias];

Has anything changed in that regard?

After a successful login an entry is inserted into oauth_identities and users. However, the username field remains empty. I have tried renaming "username" to "nickname" in the table definition but this didn't have any result.

This is being returned by the userdata service and the field is correctly configured in the provider

Hi,

I have made an own package based on the previous version of this repo.

Now that I'm implementing a second provider I ran into problem where the Provider class' __construct method is ran only with the first provider, leaving it with the first provider's config details. I have compared this codebase to mine and they seem identical on how the they create providers... For example they are identical in registerProviders() method where is this:

$provider       = new $providerClass($config, $httpClient, $this->app['request']);

After doing loggings the main problem seems to be that with the second provider Provider@__construct method is not run and is left with first provider's details?

Also my code gives an error that my provider's (replaced those you have implemented) wouldn't be an instance of ProviderInterface even though I just updated them to be exactly similar in that they extend Provider class which in turn implements ProviderInterface. That was solved then I wrote " implements ProviderInterface" directly to those custom provider classes.

It would be handy to be able to specify to append provider id and secret to all requests made to that provider. For example for the GitHub API that is one of the ways to get a better rate limit.

What do you think?

I fucked something up somewhere, just posting this issue so people know I'm aware... Sorting it out now.

I'm using the package in laravel 5 and I'm facing an issue. I manage to be redirected to Facebook, and being redirected back to my app, and using the closure I can see the details of the user, but I cannot login normally because no info is added to the table oauth_identities.

If I manually populate a row with the required info, all the new login attepts work properly..

Is this a normal behaviour because it's something I must manually insert or the package is supposed to do that for me?

Thanks and sorry if it is a stupid question.

Hi,

Not sure if this is just a documentation issue.

Because I'm using a slightly more complex auth setup (confide & entrust) I followed the docs to add a closure when hitting the github/login route, as per your documentation.
However this left me hanging with a blank page. Was solved by doing a redirect at the end of the route declaration.

e.g.

  Route::get('github/login', function() {
    try {
      OAuth::login('github',function($user, $details) {
    $user->username = $details->nickname;
    $user->email = $details->email;
    $user->confirmed = 1;
    $user->context = 'store';
    //    $user->name = $details->firstName . ' ' . $details->lastName;
    //    $user->profile_image = $details->imageUrl;
    $user->forceSave();
});

    } catch (ApplicationRejectedException $e) {
      //
    } catch (InvalidAuthorizationCodeException $e) {
      // Authorization was attempted with invalid
      // code,likely forgery attempt
    }
    return Redirect::intended();
 });

just wanted to say thanks as well

Is it possible to post custom requests, i.e. to the GitHub API, to pull other data, or is the functionality strictly limited to authentication?

Hey Adam, I'm using this library on Google App Engine which doesn't allow curl requests. Guzzle 4.0 and removes this dependency and I'm having no issues after upgrading to guzzle 5.2 on my fork.

Is there any reason I should be concerned or any reasoning as to why you chose such an older version of guzzle?

Hi I cannot seem to find a way how to send more parameters to google? E.g I need to send the request to

https://accounts.google.com/o/oauth2/auth?
client_id=424911365001.apps.googleusercontent.com&
response_type=code&
scope=openid%20email&
redirect_uri=https://oa2cb.example.com/&
state=security_token%3D138r5719ru3e1%26url%3Dhttps://oa2cb.example.com/myHome&
login_hint=[email protected]&
openid.realm=example.com&
hd=example.com

and that hd=example.com is actually what I need. I'm trying to restrict the access to specific domain. Is that currently possible? Thanks

In 5.0.2 it appears that things have changed which causes existing apps to break when they update to this version since the ServiceProvider is missing.

It is a tag, but the readme doesn't specify that this should be used.

I have a problem is when it comes redirects from instagram no data to store in the database.

No abut the error so that it can solve

SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'email' cannot be null (SQL: insert into `users` (`email`, `name`, `updated_at`, `created_at`) values (, , 2015-04-21 02:42:40, 2015-04-21 02:42:40))

When receiving a github URI Mismatch error, I get the following error from Laravel:

Class 'AdamWathan\EloquentOAuth\EloquentOAuthServiceProvider' not found

My providers in app.php has the following:

'AdamWathan\EloquentOAuth\EloquentOAuthServiceProvider',

I have the following in my routes.php:

use AdamWathan\EloquentOAuth\Exceptions\ApplicationRejectedException;
use AdamWathan\EloquentOAuth\Exceptions\InvalidAuthorizationCodeException;


Route::get('github/authorize', ['as' => 'github.authorize', 'uses' => function() {
//  dd(route('github.login'));
    return OAuth::authorize('github');
}]);
Route::get('github/login', ['as' => 'github.login', 'uses' => function() {
    try {
        OAuth::login('github', function($user, $details) {
            $user->nickname = $details->nickname;
            $user->firstName = $details->firstName;
            $user->lastName = $details->lastName;
            $user->avatar = $details->imageUrl;
            dd($user);
            $user->save();
        });
    } catch (ApplicationRejectedException $e) {
        // User rejected application
    } catch (InvalidAuthorizationCodeException $e) {
        // Authorization was attempted with invalid
        // code,likely forgery attempt
    }

    // Current user is now available via Auth facade
    $user = Auth::user();

    return Redirect::intended();
}]);

This package is excellent.

I notice that there is no Provider for twitter at the moment. Is this something that you would accept a pull request for?

The difficulty with the twitter API is they don't return the users email address so in your app you might not want to add $user->confirmed = false; into the call back and in the controller redirect the user to a complete sign up page where they verify their email and you would have an App::before filter to protect again unconfirmed users. Does this sound about right?

Thanks

Can this package be extended with the option to authorise to an already existing account? For me this would be very useful.

I have started a Disqus provider and its work but I have edited some files in your package. Can I open a PR and can you help me to make this Disqus Provider less dirty ?

Hi,

I'm getting the following error.

    SQLSTATE[HY000]: General error: 1364 Field 'name' doesn't have a default value (SQL: insert into `users` (`updated_at`, `created_at`) values (2015-03-10 22:46:19, 2015-03-10 22:46:19))

This is the 'simple' code i'm using

public function authorize()
    {
        return OAuth::authorize('facebook');
    }

    public function login()
    {
        try {
            Oauth::login('facebook');
        } catch(ApplicationRejectedException $e) {
            // Add errors if users reject
        } catch(InvalidAuthorizationCodeException $e) {
            // Add errors if csrf
        }

        //$user = Auth::user();
        //return Redirect::intended();
    }

Any idea what might be going wrong? Thanks!

Hi,

I read your readme. It lists custom provider documentation as well as "stop saving token as its totally single time use"...

Our need is to integrate with a custom provider with whom we need to get the token once and then the integration link stays on as long as the user decides to unlink. The token will be used for backend syncing of application data to this custom API. So there is no user session going on.

Have you thought of this kind of use scenario? For us it has been a pain to realize every package out there is strictly for session based auth purposes, with a limited set of big providers, and without clear documentation on how to create custom integrations.

• Point to separate wrapper packages for L4 and L5
• Move installation instructions for each version to the appropriate wrapper

Is it possible to use the extra permissions with Eloquent-OAuth? My app uses user_about_me, user_birthday and user_location as extra permissions. I would like to save the about, birthday, languages and city of a person with these.

My current code looks like this but doesn't put anything but the username, email, first_name, last_name and avatar in the table.

Facebook asks to use these permissions when I login, but doesn't seem to use them after that.

Routes.php

Route::get('facebook/login', function() {
    try {
        OAuth::login('facebook', function($user, $details) {
            $user->username = $details->firstName . ' ' . $details->lastName;
            $user->email = $details->email;
            $user->first_name = $details->firstName;
            $user->last_name = $details->lastName;
            $user->birthday = $details->birthday;
            $user->avatar = $details->imageUrl;
            $user->gender = $details->gender;
            $user->about = $details->about;
            $user->city = $details->location;
            $user->lang = $details->languages;
            $user->save();
        });
    } catch (ApplicationRejectedException $e) {
        // User rejected application
    } catch (InvalidAuthorizationCodeException $e) {
        // Authorization was attempted with invalid
        // code,likely forgery attempt
    }

    // Current user is now available via Auth facade
    $user = Auth::user();

    return Redirect::intended();
});

eloquent-oauth.php
Facebook

'scope' => ['email', 'public_profile',  'user_about_me', 'user_birthday', 'user_location'],

Hi,

Great package.

I just testet with postgresql 9.4 and I had to change my schema to allow nulls before it was working.

Schema::create('users', function(Blueprint $table)
{
$table->increments('id');
$table->string('name')->nullable();
$table->string('email')->unique()->nullable();
$table->string('password', 60)->nullable();

I dont know if you can check for this in your code and populate default values for the fillable fields if there are a match.