Both providers use the same urls for requesting tokens and api calls:

https://github.com/SocialiteProviders/Providers/blob/master/src/Microsoft-Graph/Provider.php#L33
https://github.com/SocialiteProviders/Providers/blob/master/src/Microsoft-Live/Provider.php#L32

The Microsoft-Azure provider uses the deprecated V1.0 api, but i do like the configurable "tenant"
https://github.com/SocialiteProviders/Providers/blob/master/src/Microsoft-Azure/Provider.php#L36

Would it be ok if I:

• Create a new provider "microsoft"
• Mark these 3 as deprecated

https://api.vk.com/method/users.get?access_token={token}&fields=uid,email,first_name,last_name,screen_name,photo&v=3.0 Such kind of request doesn't return a email value. In verison 3.0.1 everything was working except of using version as required get param.

I use Laravel 5.4 with Socialite Providers (http://socialiteproviders.github.io/providers/twitter/)

I want build an application with two Twitter services with no the same credentials.

I use this in services.php:

'twitter' => [
    'client_id' => env('TWITTER_KEY'),
    'client_secret' => env('TWITTER_SECRET'),
    'redirect' => env('TWITTER_REDIRECT_URI'),
],

I have this to my controller:

$config = new SocialiteProvidersConfig(
    env('TWITTER_CONSUMER_KEY_2'),
    env('TWITTER_CONSUMER_SECRET_2'),
    env('TWITTER_REDIRECT_URI_2')
);

return Socialite::with('twitter')->setConfig($config)->redirect();

I have my credentials to .env:

TWITTER_KEY=
TWITTER_SECRET=
TWITTER_REDIRECT_URI=

TWITTER_CONSUMER_KEY_2=xxx
TWITTER_CONSUMER_SECRET_2=xxx
TWITTER_REDIRECT_URI_2=http://localhost/twitter/login/callback

TWITTER_CONSUMER_KEY_3=xxx
TWITTER_CONSUMER_SECRET_3=xxx
TWITTER_REDIRECT_URI_3=http://localhost/twitter/login/callback

But, I have this error when I try to connect my Twitter account:

Received HTTP status code [400] with message
"{"errors":[{"code":215,"message":"Bad Authentication data."}]}" when
getting temporary credentials.

I have the impression that the configuration is not taken into account.

According to https://vk.com/dev/version_update, you should include version as get param in your requests. For example:

$response = $this->getHttpClient()->get( 'https://api.vk.com/method/users.get?v=5&user_ids='.$token['user_id'].'&fields='.implode(',', $this->fields).$lang.'&https=1' );

https://github.com/SteeinRu/oauth2-steein - This package includes many, additional components

It's possible?

Hello,

I'm not sure that I have to post the issue here but the flickr socialite provider keeps asking to grant permissions each time I call to login. I've manage to save the responded user and save it to the session. Is that the way flickr works?

Will there be support for the Google Drive login as a socialite provider?

Can't use the dribble provider without editing directly in the vendor file..

Needs updating.

Hi, Have you ever considered a provider for the NEST API? :)

is there a way to make a user accept a discord invite through the discord provider?

Would it be possible to add a normalized profileUrl to all providers. Facebook returns this in the provider->user object but providers like twitter do not. It would be beneficial to have this for other providers as well: twitter, google (when plus is enabled), twitch and others.

This attribute is very helpful in helping users know which social account is being used with that provider. Sometimes they have more than one account with the provider or are not sure which account is linked.

If this seems like an acceptable change I would be happy to make the appropriate PR to accomplish this.

It's been months and I've been using it on my old project. But now for 5.4 it's in dire need of an update and a proper release so we don't have to change minimum-stability

I know this is kind weid but i have an application that utilized laravel sociate and extenstion...
i never used the built in twitter and facebook, so i can change config based on user...

but the normal behaviour would be, is if im already authenticated by laravel passport...
then i tried to authenticated via facebook or twitter,
my old token is being invalidated,

i wanna know what method that really makes this happens,
my hunch is mapUserToObject but i belive this is just mapping the credentials fetched from any service provider...

maybe the setToken ,method in Class
vendor\laravel\socialite\src\Two\User.php
vendor\laravel\socialite\src\One\User.php

I wouldnt like to messed up built in functionality
But i would like to remove or avoid calling setToken

Can someone help me with this?
I just wanna return the userdetails and tokens after they authenticated in facebook or twitter...
but i dont want to authenticate them anymore in my app since they are authenticated already

hope someone can drop a good pointers for this thanks

Expected Behavior:
Click Login/Signup
Redirect you url https://(slackteam).slack.com/oauth/
Click 'Continue'
At Dashboard.

Current Behavior:
Click Login/Signup
Redirect you url https://(slackteam4).slack.com/oauth/
ERROR: OAuth Error: invalid_team_for_non_distributed_app

How to Reproduce:

1. Login to slackteam1 https://(slackteam).slack.com/
2. Login to slackteam4 https://(slackteam4).slack.com/
3. Go to your Login page on laravel. Click slack Login

I assume need a way to direct people to the correct slackteam oauth url. Might need another configuration.

I have used Laravel Socialite with default configuration another social like google,Facebook,Twitter is work fine but when I create Linkedin it respond as below errors

"require": {
"php": ">=5.6.4",
"laracasts/flash": "^2.0",
"laravel/framework": "5.4.*",
"laravel/socialite": "^3.0",
"laravel/tinker": "~1.0",
"nesbot/carbon": "^1.22",
"socialiteproviders/google": "^3.0",
"socialiteproviders/linkedin": "^3.0",
"socialiteproviders/twitter": "^3.0",
"twbs/bootstrap": "4.0.0-alpha.6"
},

vendor/socialiteproviders/linkedin/Provider.php line 76:
Call to undefined method Illuminate\Session\Store::set()

Thank for help

Hello

I'd like to ask the user to give consent every time they login. But the current Microsoft Azure Provider doesn't allow the prompt setting.

Could you please add it? Or is it OK if I submit a pull request?

Regards

The grant_type parameter seems to be correct according to the API docs: https://buffer.com/developers/api/oauth

Here's a partial dump of the stack trace from the point where my code hands over to the Buffer provider.

in RequestException.php line 111
at RequestException::create(object(Request), object(Response)) in Middleware.php line 65
at Middleware::GuzzleHttp\{closure}(object(Response)) in Promise.php line 203
at Promise::callHandler('1', object(Response), array(object(Promise), object(Closure), null)) in Promise.php line 156
at Promise::GuzzleHttp\Promise\{closure}() in TaskQueue.php line 47
at TaskQueue->run(true) in Promise.php line 246
at Promise->invokeWaitFn() in Promise.php line 223
at Promise->waitIfPending() in Promise.php line 267
at Promise->invokeWaitList() in Promise.php line 225
at Promise->waitIfPending() in Promise.php line 62
at Promise->wait() in Client.php line 129
at Client->request('post', 'https://api.bufferapp.com/1/oauth2/token.json', array('headers' => array('Accept' => 'application/json'), 'form_params' => array('client_id' => <snip>, 'client_secret' => <snip>, 'code' => <snip>, 'redirect_uri' => 'http://<snip>/buffer/callback', 'grant_type' => 'authorization_code'), 'synchronous' => true)) in Client.php line 87
at Client->__call('post', array('https://api.bufferapp.com/1/oauth2/token.json', array('headers' => array('Accept' => 'application/json'), 'form_params' => array('client_id' => <snip>, 'client_secret' => <snip>, 'code' => <snip>, 'redirect_uri' => 'http://<snip>/auth/buffer/callback', 'grant_type' => 'authorization_code')))) in AbstractProvider.php line 255
at AbstractProvider->getAccessTokenResponse(<snip>) in AbstractProvider.php line 35
at AbstractProvider->user() in SocialAuthController.php line 111

I know I could use Facebook provider for the default socialite provided by laravel, but laravel socialite doesn't provide a way for me to modify the redirect url (for dynamic url).

Hence, the i decided to use this package, but I discovered that there is no Facebook provider available.

It looks like $this->config, is used, but never defined.

After the authentication screen, on the callback when I try to run:

Socialite::driver('flickr')->user()

I get the following error:

FatalThrowableError in Server.php line 107:
Call to undefined method GuzzleHttp\Psr7\Response::send()

I'm using the microsoft-azure provider and I get the following error message on the callback.

"error":"invalid_request","error_description":"AADSTS90014: The request body must contain the following parameter: 'client_id'

This is the code I'm using.

$config = new \SocialiteProviders\Manager\Config($config->client_id, $config->client_secret, $config->redirect_url, [
    'tenant' => $config->tenant_id
]);

return Socialite::with('azure')->setConfig($config)->redirect();

And then on the callback I run;

try {
    $user = Socialite::driver('azure')->user();
} catch (Exception $e) {
    dd($e->getResponse()->getBody()->getContents());
}

And it falls in the catch and returns the message above.

Any thoughts?

When handling the OAuth callback from JIRA:

$user = Socialite::driver('jira')->setConfig($config)->user()

if the user denies the OAuth request, the Socialite provider throws a Client Exception with this message:

Client error: 'POST https://JIRA_BASE_URI/plugins/servlet/oauth/access-token?oauth_verifier=denied' resulted in a '401 Unauthorized response: oauth_problem=permission_denied'

(Note: my base URI is configured, I've just swapped it for 'JIRA_BASE_URI' for privacy).

What I understand from this is that the provider is assuming that the user has authorised the consumer and is attempting to retrieve the access token from JIRA.

As I can't seem to find any official documentation on this matter, what would be the best way to handle it?

The twitter provider blocks artisan from running If you do not specify a value for client_id and client_secret in config/services.php. The setup could be like this where you defer the values to the .env file:

    'twitter' => [
        'client_id' => env('TWITTER_KEY'),
        'client_secret' => env('TWITTER_SECRET'),
        'redirect' => env('TWITTER_REDIRECT_URI')
    ],

Typically when you deploy your app through some CI you might not have the .env file when running composer install and thus php artisan optimize.

Other providers like Facebook and Instagram has no issues with this.

Sample error:

$ php artisan --help

  [InvalidArgumentException]
  Missing client credentials key [secret] from options.

ps: A temporary solution, if you have this problem, is to just provide a dummy default value until an .env can be placed.

Hey there, if this is the wrong place for this kind of post please direct me to the proper one.

I'm attempting to use the JIRA Socialite provider and cannot get it to work.

I have generated the jira.pem and jira.pub keys and they seem to be loaded fine, I've also added the application link to my JIRA instance and ensured the jira.pub key is pasted in the "Incoming Authentication" section. Still nothing works: attempting Socialite::with('jira')->redirect(); returns:

Received HTTP status code [401] with message "oauth_problem=consumer_key_unknown" when getting temporary credentials.

How do I properly use this provider? JIRA seems different from most of the other providers in the way the generic app is granted access, and that difference is not documented in the stub documentation of this particular provider.

My config/services.php block:

'jira' => [
        'client_id' => env('JIRA_KEY'),
        'client_secret' => env('JIRA_SECRET'),
        'redirect' => env('JIRA_REDIRECT_URI'),
        'base_uri' => env('JIRA_BASE_URI'),
    ],

My .env settings:

JIRA_KEY="test123"
JIRA_SECRET='test123'
JIRA_REDIRECT_URI=http://laravel.dev/login
JIRA_BASE_URI=http://atlassian.dev:8090

Does anyone use this provider that can give some guidance?

I'm getting the following error on the callback of the Spotify provider:

Call to undefined method SocialiteProviders\Spotify\Provider::getAccessTokenResponse()

I'm on Laravel 5.4, might that be an issue? However, I'm using Laravel Socialite 3.0.0, which should be compatible.

I see in the docs that you, you may need to remove
Laravel\Socialite\SocialiteServiceProvider

but by default in laravel 5.5

the socialiteserviceprodiver is being loaded...

how can i disabled it then?

@faustbrian could you pls set up the auto update for Shopify package on Packagist. https://packagist.org/packages/socialiteproviders/shopify

An outdated and broken version there.

Hello,

can anyone confirm that SocialiteProviders/Xing is working?

Looks like XING disabled their API for new users. I am only able to create a "Login with XING Plugin" which provides me a consumer key & signature salt

Hi, do you have plans to natively implement adding the other available scopes in gateway v6 (guild list, connections specifically)? These are extremely helpful tidbits to have when creating a web UI for a bot.

Hi,

I have learned how to get a token after the login via OAuth 2 providers (like Envato), but the token expires after 1 hour.

Any way how to handle this case?

Thanks

Hi,

Telegram just released a way to login via your Telegram account. https://core.telegram.org/widgets/login.

Is there anyway to at least handle the callback by a socialite provider?

I refactored the original example into an Controller with comments for better understanding whats going on: https://gist.github.com/okaufmann/28fd45d6c91107380953123c2e1e4e03

I think its neither a OAuth1 nor OAuth2 way?

Thanks for every tip

All of the providers seem to have a PHP requirement of 5.6 || 7.0 registered in composer.json. This commit allowed use of the 2.0 socialiteproviders/manager branch which has PHP requirement of >=5.4.0.

Any reason for this? Happy to submit a PR that either removes the PHP requirement from each provider or change it to >=5.4.0

When using the current version of Microsoft Live provider, I was facing this problem:

Client error: 'POST https://login.live.com/oauth20_token.srf' resulted in a 400 Bad Request response: {"error":"invalid_request","error_description":"The provided request must include a 'code' input parameter."} in RequestException.php line 111

So I went out to figure out what was causing this issue. I checked the redirects URIs on the Microsoft Application Registration Portal and they were the same. As the returned url was pointing out [http://localhost:8000/auth/live/callback?error=unauthorized_client&error_description=The client does not have a secret configured. If you are the client application developer, configure a secret through the application management site at https://apps.dev.microsoft.com/.&state=8gIw(...)], I was using the PRIVATE KEY instead of the PASSWORD [PASSWORD should be the correct one] as the LIVE_SECRET on .env, but fixing it didn't solve the issue either.

Digging deeper, found someone facing similar issue, tried to learn more about the API flow to understand it's functions I found that they were replaced by a newer one.

They converged the multiple authorization (authentication consequently) as one service using the Microsoft Graph and the Azure AD v2.0 endpoint. So, from there, I was able to dig into the messy Microsoft documentation and find the solution. Using the v2.0 endpoints for Azure AD listed here and here and being guided by this tutorial.

Just as documentation:
Authorize access to web applications using OAuth 2.0 and Azure Active Directory
OAuth 2.0 Authorization Code Flow
Scopes, permissions, and consent in the Azure Active Directory v2.0 endpoint
Microsoft Graph permission scopes
User Entity - Declared properties for authenticated user entity.

Just to be clear: these new endpoints understand the nature of the Microsoft account used for the authorization (if work/student then redirects to a specific page, if "normal" outlook/live/hotmail account, redirects to another, I tested both of them). This may cause some confusion, as this is not just "Microsoft Live" auth only (or is it? Is Outlook 365 a part of "Microsoft Live"? I don't even know anymore heheh).

I didn't change Microsoft Azure, as this seems as an structural-decision I am not fully capable of making.

I can't figure out how thte shopify provider is getting the subdomain out of the incoming request _GET params.
It doesn't seem to be doing it at all - and the resulting invalid url it redirects to backs that up.
eg: https://.myshopify.com/admin/oauth/authorize....

Am I missing something?

Hello everyone!

I have been struggling to retrieve some more fields from the r_basicprofile scope (summary, specialties, positions).

In this provider, there is no configuration for the fields to request and changing them in the code made no difference.
https://github.com/SocialiteProviders/Providers/blob/master/src/LinkedIn/Provider.php line 96

        $response = $this->getHttpClient()->get(
            'https://api.linkedin.com/v1/people/~:(id,first-name,last-name,formatted-name,summary,specialties,email-address,headline,location,industry,positions,public-profile-url,picture-url,picture-urls::(original)', [
            'headers' => [
                'Accept-Language' => 'en-US',
                'x-li-format' => 'json',
                'Authorization' => 'Bearer '.$token,
            ],
        ]);

To get those fields, I had to mess with Socialite's official LinkedIn Provider
https://github.com/laravel/socialite/blob/3.0/src/Two/LinkedInProvider.php line 28

    protected $fields = [
        'id', 'first-name', 'last-name', 'formatted-name', 'summary', 'specialties',
        'email-address', 'headline', 'location', 'industry', 'positions',
        'public-profile-url', 'picture-url', 'picture-urls::(original)',
    ];

Is there any way to configure the fields to be requested?

Thank you in advance!

Lightopenid seems to have proxy support in the second argument of __construct (https://github.com/iignatov/LightOpenID/blob/master/openid.php#L44), I would like to see a config option that allows this to set: https://github.com/SocialiteProviders/Steam/blob/master/Provider.php#L30

Happy to submit a PR.

https://github.com/SocialiteProviders/Weixin-Web/tree/master

https://github.com/SocialiteProviders/Weixin-Web/tree/v3.0.0

I'm trying to implement stateless redirecting to twitter from my Lumen app, but every time it gives an error saying: Session store not set on request.

I followed all the installation instructions of the Twitter provider correctly.

Although the provider should automatically detect I want stateless, I extra noted it in the call:
return Socialite::driver('twitter')->stateless()->redirect();

Do you guys have an idea what might be wrong?

Am not sure if I am creating the issue at the right place. I started implement Google Authentication using the Google-Plus provider. Is there a way to allow only a single tld? For example if my Google Auth is being built on foo.com, I only want the auth to work with @foo.com and not any other email. Is there a config to do this or is there another way to implement this.

When using the stripe provider the docs call to add this to my ENV

STRIPE_KEY=yourkeyfortheservice
STRIPE_SECRET=yoursecretfortheservice
STRIPE_REDIRECT_URI=https://example.com/login  

The actual URL of the stripe oauth calls for the client_id and not the stripe key, which is whats being put into the URL. The client_id is created when you create an app in Stripe connect. That ID is what needs to be sent in the client_id parameter.

https://connect.stripe.com/oauth/authorize?client_id=pk_test_XXXXXXXXXX&redirect_uri

Is the current Instagram provider (https://github.com/SocialiteProviders/Instagram) compatible with new Instagram's Graph API integration?

If not, I will add a pull request for this.

Thanks

In my app, the pinterest provider is returning the full url as the nickname ($nickname = $matches[0];). DDing the array shows the correct information is in $matches[1];.

This URL 404s: http://socialiteproviders.github.io/providers/slack/

I found it at https://github.com/SocialiteProviders/Slack

The Shopify provider doesn't seem to be completely installed/released.

I had to go all the way to adding the Shopify provider's git url to the repositories array, because without it, Composer kept throwing "The requested package socialiteproviders/shopify could not be found in any version," errors.

In the process of troubleshooting, I also found that the Shopify provider only registers versions 1.0 and dev-master. There is no 2.0 version, like there is with the other providers.

(To compare, I did test installs of the Discord provider, which worked as expected by installing version 2.0 with the composer require command, meaning it's an issue with the Shopify provider and not my access to SocialiteProviders as a whole.)

Laravel 5.6 Driver [vkontakte] not supported

Twitter работает и Гугл не пойму что не так.

anyone knows which can be the issue?
it's with twitter provider.. and find this working for almost all the users.. but fail in 10/15 of almost 250 users...

using Laravel 5.4 and "socialiteproviders/twitter": "^3.0"

I have two services to connect with Socialite Provider:

use Laravel\Socialite\Facades\Socialite;
use \SocialiteProviders\Manager\Config;

public function connect_1() {
	$config1 = new Config(
	    env('TWITTER_CONSUMER_KEY_1'),
	    env('TWITTER_CONSUMER_SECRET_1'),
	    env('TWITTER_REDIRECT_URI_1'),
	    [
	        //
	    ]
	);

	return Socialite::with('twitter')->setConfig($config1)->redirect();
}

public function connect_2() {
	$config2 = new Config(
	    env('TWITTER_CONSUMER_KEY_2'),
	    env('TWITTER_CONSUMER_SECRET_2'),
	    env('TWITTER_REDIRECT_URI_2'),
	    [
	        //
	    ]
	);

	return Socialite::with('twitter')->setConfig($config2)->redirect();
}

But, I have this error when I try this code:

Configuration for TWITTER_KEY is missing. There is no services entry
for twitter

It would be nice to have a Mastodon Socialite provider that also allows the ability to pass in which instance you are attempted to authenticate to, since the instances are distributed.

Hello!

Could you pls update Slack on Packagist according to last updates.

Thanks!