Download the PHP package overtrue/socialite without Composer

On this page you can find all versions of the php package overtrue/socialite. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package socialite

Socialite

Socialite is an OAuth2 Authentication tool. It is inspired by laravel/socialite, You can easily use it in any PHP project. 中文文档

GitHub release (latest SemVer) GitHub License Packagist Downloads

Sponsor me

This tool now supports platforms such as Facebook, GitHub, Google, Figma, LinkedIn, Outlook, QQ, Tapd, Alipay, Taobao, Baidu, DingTalk, Weibo, WeChat, Douyin, Feishu, Douban, WeWork, Tencent Cloud, Line, Gitee.

如果你喜欢我的项目并想支持它,点击这里 :heart:

Requirement

Installation

Usage

Users just need to create the corresponding configuration variables, then create the authentication application for each platform through the tool, and easily obtain the access_token and user information for that platform. The implementation logic of the tool is referred to OAuth2 documents of major platforms for details.

The tool is used in the following steps:

  1. Configurate platform config
  2. Use this tool to create a platform application
  3. Let the user redirect to platform authentication
  4. The server receives a Code callback from the platform, and uses the Code to exchange the user information on the platform (including access_token).

Packages created for Laravel users are easier to integrate: overtrue/laravel-socialite

authorize.php:

callback.php:

Configuration

Each create uses the same configuration keys: client_id, client_secret, redirect.

Example:

Custom app name

You can use any name you like as the name of the application, such as foo, and set provider using provider key:

Extends custom provider

You can create application from you custom provider easily,you have to ways to do this:

  1. Using custom creator: As shown in the following code, the service provider name is defined for the Foo application, but the tool itself does not support it, so use the creator extend() to create an instance of the service provider as a closure function.

  2. Using provider:

👋🏻 Your custom provider class must be implements of Overtrue\Socialite\Contracts\ProviderInterface.

then set provider with the class name:

Platform

Different platforms have different configuration methods, so please check the platform Settings you are using.

Alipay

You must have the following configuration.

Only RSA2 personal private keys are supported, so stay tuned if you want to log in with a certificate.

DingTalk

Follow the documentation and configure it like following.

Note: It only supported QR code access to third-part websites. i.e exchange for user information(opendid, unionid and nickname)

Douyin

Note: using the Douyin create that if you get user information directly using access token, set up the openid first. the openid can be obtained by code when access is obtained, so call userFromCode() automatically configured for you openid, if call userFromToken() first call withOpenId()

TouTiao

Note: using the toutiao create that if you get user information directly using access token, set up the openid first. the openid can be obtained by code when access is obtained, so call userFromCode() automatically configured for you openid, if call userFromToken() first call withOpenId()

XiGua

Note: using the xigua create that if you get user information directly using access token, set up the openid first. the openid can be obtained by code when access is obtained, so call userFromCode() automatically configured for you openid, if call userFromToken() first call withOpenId()

Baidu

You can choose the form you want display by using withDisplay().

popup mode is the default setting with display. basic is the default with scopes.

Feishu

Some simple way to use by internal app mode and config app_ticket.

Taobao

You can choose the form you want display by using withView().

web mode is the default setting with display. user_info is the default with scopes.

WeChat

We support Open Platform Third-party Platform webpage authorizations on behalf of Official Account.

You just need input your config like below config. Official Accounts authorizations only doesn't need.

Some Skill

Scopes

Before redirecting the user, you may also set "scopes" on the request using the scopes() method. This method will overwrite all existing scopes:

Redirect URL

You may also want to dynamically set redirect_uri,you can use the following methods to change the redirect_uri URL:

State

Your app can use a state parameter for making sure the response belongs to a request initiated by the same user, therefore preventing cross-site request forgery (CSFR) attacks. A CSFR attack occurs when a malicious attacker tricks the user into performing unwanted actions that only the user is authorized to perform on a trusted web application, and all will be done without involving or alerting the user.

Here's the simplest example of how providing the state can make your app more secure. in this example, we use the session ID as the state parameter, but you can use whatever logic you want to create value for the state.

Redirect with state parameter

Validate the callback state

Once the user has authorized your app, the user will be redirected back to your app's redirect_uri. The OAuth server will return the state parameter unchanged. Check if the state provided in the redirect_uri matches the state generated by your app:

Read more about state parameter

Additional parameters

To include any optional parameters in the request, call the with() method with an associative array:

User interface

Standard user api:

You can fetch the user attribute as a array keys like these:

Or using the method:

Get raw response from OAuth API

The $user->getRaw() method will return an array of the API raw response.

Get the token response when you use userFromCode()

The $user->getTokenResponse() method will return an array of the get token(access token) API response.

Note: This method only return a valid array when you use userFromCode(), else will return null because use userFromToken() have no token response.

Get user with access token

Enjoy it! :heart:

Reference

Sponsor me

Project supported by JetBrains

Many thanks to Jetbrains for kindly providing a license for me to work on this and other open-source projects.

PHP 扩展包开发

想知道如何从零开始构建 PHP 扩展包?

请关注我的实战课程,我会在此课程中分享一些扩展开发经验 —— 《PHP 扩展包实战教程 - 从入门到发布》

License

MIT


All versions of socialite with dependencies

PHP Build Version
Package Version
Requires php Version >=8.0.2
ext-json Version *
ext-openssl Version *
guzzlehttp/guzzle Version ^7.0
symfony/http-foundation Version ^6.0
symfony/psr-http-message-bridge Version ^2.1

The package overtrue/socialite contains the following files

Loading the files please wait ....