Authentication in Laravel (8.x)with OAuth providers
In this article, we will see how to authenticate a user in a Laravel application using OAuth providers like Google, Twitter, Github, or any other third party providers. But first what exactly is “OAuth Authentication”?
OAuth is an authentication protocol that allows you to approve one application interacting with another on your behalf without giving away your password. Since it does not share the data about passwords then how it proves the identity between consumers and service providers? The answer is OAuth protocol uses authorization tokens to prove the identity of oneself.
How OAuth Works?
To understand how OAuth works first find out all the actors involved in the process. In an OAuth protocol, there are mainly three actors within a system range often called the OAuth love triangle.
1- User (Adam)
Suppose Adam is surfing a website called “Procci” and wanted to log in through his GitHub profile.
2- Consumer (Procci in this case)
The second actor is a consumer which requests the data in this scenario it is “Procci” who is requesting data from GitHub.
3- Service provider
The third very important actor is a service provider in our case it is Github.
Now a user (Adam) who is surfing the web will allow the website “Procci” to access its Github profile information by triggering an event after the event the consumer website will contact Github service and will ask for user information and in response to that request after identification, Github will give the token and secret key which we can be saved on the “Procci” website. To implement this functionality we are going to use a Laravel package called “Socialite”. So let's do it first install the “Socialite Package”.
composer require laravel/socialite;
After successful installation of the package open the config/services.php file and add the following lines of code.
‘github’ => [
‘client_id’ => env(‘GITHUB_CLIENT_ID’),
‘client_secret’ => env(‘GITHUB_CLIENT_SECRET’),
‘redirect’ => env(‘GITHUB_REDIRECT’),
Now go to your GitHub account and go to Settings/Developer settings. Look for OAuth apps option click it and great a new app.
Homepage URL will be your home page of the requesting site whereas the callback URL will be HTTP://your-home-page/auth/callback. After registering your app you will client and secret credentials from GitHub put them in your .env file.
Now that is set up you have to define two routes. One for redirecting the user to the OAuth provider and when is handle the callback situation from service provider. So go to your web.php file and write these two routes.
Now create a LoginController and in it define two methods 1-redirect and other is userInfo with following lines of code.
Now you can visit your site's home page/auth/redirect page and it will ask for your permission to access your profile information and after permitting and everything went well it will redirect you to the dashboard or whatever view you specify in the userInfo function.
That’s it folks I hope you will get it.