OAuth by FriendsOfFlarum

License Latest Stable Version Total Downloads OpenCollective

A Flarum extension. Allow users to log in with various OAuth providers

Bundled providers

By default these providers are included:

  • Discord
  • Facebook
  • Github
  • Gitlab
  • Google
  • LinkedIn
  • Twitter

Additional providers

Additional OAuth providers are available for this extension. Here's a handy list of known extensions, let us know if you know of any more and we'll get them added!

Screenshots

Default provider settings example
provider setup example

Login/signup example with Github, Twitter, Twitch and Google enabled.
example login

Installation

composer require fof/oauth

Updating

composer update fof/oauth
php flarum cache:clear

Configuration

Translation

You can replace the text for the forum sign in buttons in two ways.

  • Use fof-oauth.forum.providers.<name> to replace the name of the provider on the forum side
  • Use fof-oauth.forum.log_in.with_<name>_button to replace the entire button "Log In with <name>" text

Extending

It is possible to add additional Providers using an extender. See OAuth-Amazon for an example of how to accomplish this but basically:

  • In your new extension, require fof/oauth as a dependency
  • Define a new Provider which extends FoF\OAuth\Provider
  • From your new extensions extend.php, register the provider (new FoF\OAuth\Extend\RegisterProvider(MyNewProvider::class))
  • Provide the required translations under the fof-oauth namespace. See the linked example extension for details on which keys are required.
  • (optionally) Provide an admin panel link to fof/oauth for easy configuration. Again, see the linked example.
  • (optionally) Provide any CSS required to style your new login button. See the linked example.

Links

OpenCollective

An extension by FriendsOfFlarum.

    7 days later

    When I remember correctly, those extensions only allowed signing-up via those providers and using them for signing-in later on. Is it now also possible to connect existing accounts (with classic username/password) with those providers?

      pkernstock this extension works just like the core extensions worked in the past.

      It's all email-based. Whether you previously logged in with a social login doesn't matter.

      If you use social login and an account already exists with that email, you will be logged into it.

      If you have an account that only used social login, you can use the forgotten password feature to set a password and enable password login.

      does this support only using social login as an alternative to user/pass?

      ragards

        CSDA1 you cannot disable password login with this extension.

        You can hide the password login fields with CSS if you want to promote social login, but people with the necessary know-how count still create password accounts via the REST API.

        Why would you need to disable password login though? Password reset/login also allows users who might have deleted their Facebook/Twitter/... account to regain access to the forum without having to contact the webmaster.

        7 days later

        Communitybuilder Not on the FoF team so I can't say, with that said if someone made a good PR I'm sure the FoF team would look into it. The big problem with Google though is that they require their logo to be shown in color to approve mass deployment of things, so it's not quite as simple as choosing the Font Awesome icon to display.

          lukeeexd You need to set the redirect URI of the Discord application to what the modal tells you - see screenshot below

          img

            I think found a bug (or maybe not). If a avatar is not set a person cannot login via discord. Here is what the debug looks like.

            
            POST https://mydomainname/register
            
            Intervention\Image\Exception\NotReadableException: Unable to init from given url (https://cdn.discordapp.com/avatars/0.png). in file /home/pxpocvvj/forum/vendor/intervention/image/src/Intervention/Image/AbstractDecoder.php on line 84
            Stack trace:
              1. Intervention\Image\Exception\NotReadableException->() /home/pxpocvvj/forum/vendor/intervention/image/src/Intervention/Image/AbstractDecoder.php:84
              2. Intervention\Image\AbstractDecoder->initFromUrl() /home/pxpocvvj/forum/vendor/intervention/image/src/Intervention/Image/AbstractDecoder.php:330
              3. Intervention\Image\AbstractDecoder->init() /home/pxpocvvj/forum/vendor/intervention/image/src/Intervention/Image/AbstractDriver.php:66
              4. Intervention\Image\AbstractDriver->init() /home/pxpocvvj/forum/vendor/intervention/image/src/Intervention/Image/ImageManager.php:54
              5. Intervention\Image\ImageManager->make() /home/pxpocvvj/forum/vendor/flarum/core/src/User/Command/RegisterUserHandler.php:139
              6. Flarum\User\Command\RegisterUserHandler->uploadAvatarFromUrl() /home/pxpocvvj/forum/vendor/flarum/core/src/User/Command/RegisterUserHandler.php:121
              7. Flarum\User\Command\RegisterUserHandler->applyToken() /home/pxpocvvj/forum/vendor/flarum/core/src/User/Command/RegisterUserHandler.php:93
              8. Flarum\User\Command\RegisterUserHandler->handle() /home/pxpocvvj/forum/vendor/illuminate/bus/Dispatcher.php:90
              9. Illuminate\Bus\Dispatcher->Illuminate\Bus\{closure}() /home/pxpocvvj/forum/vendor/illuminate/pipeline/Pipeline.php:130
             10. Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() /home/pxpocvvj/forum/vendor/illuminate/pipeline/Pipeline.php:105
             11. Illuminate\Pipeline\Pipeline->then() /home/pxpocvvj/forum/vendor/illuminate/bus/Dispatcher.php:98
             12. Illuminate\Bus\Dispatcher->dispatchNow() /home/pxpocvvj/forum/vendor/illuminate/bus/Dispatcher.php:76
             13. Illuminate\Bus\Dispatcher->dispatch() /home/pxpocvvj/forum/vendor/flarum/core/src/Api/Controller/CreateUserController.php:45
             14. Flarum\Api\Controller\CreateUserController->data() /home/pxpocvvj/forum/vendor/flarum/core/src/Api/Controller/AbstractSerializeController.php:96
             15. Flarum\Api\Controller\AbstractSerializeController->handle() /home/pxpocvvj/forum/vendor/flarum/core/src/Api/Controller/AbstractCreateController.php:22
             16. Flarum\Api\Controller\AbstractCreateController->handle() /home/pxpocvvj/forum/vendor/flarum/core/src/Api/Client.php:72
             17. Flarum\Api\Client->send() /home/pxpocvvj/forum/vendor/flarum/core/src/Forum/Controller/RegisterController.php:58
             18. Flarum\Forum\Controller\RegisterController->handle() /home/pxpocvvj/forum/vendor/flarum/core/src/Http/RouteHandlerFactory.php:38
             19. Flarum\Http\RouteHandlerFactory->Flarum\Http\{closure}() /home/pxpocvvj/forum/vendor/flarum/core/src/Http/Middleware/DispatchRoute.php:65
             20. Flarum\Http\Middleware\DispatchRoute->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Next.php:61
             21. Laminas\Stratigility\Next->handle() /home/pxpocvvj/forum/vendor/fof/ban-ips/src/Middleware/RegisterMiddleware.php:93
             22. FoF\BanIPs\Middleware\RegisterMiddleware->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Next.php:61
             23. Laminas\Stratigility\Next->handle() /home/pxpocvvj/forum/vendor/fof/oauth/src/Middleware/ErrorHandler.php:46
             24. FoF\OAuth\Middleware\ErrorHandler->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Next.php:61
             25. Laminas\Stratigility\Next->handle() /home/pxpocvvj/forum/vendor/kilowhat/flarum-ext-audit-free/src/Middlewares/SetLoggerActor.php:28
             26. Kilowhat\Audit\Middlewares\SetLoggerActor->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Next.php:61
             27. Laminas\Stratigility\Next->handle() /home/pxpocvvj/forum/vendor/flarum/core/src/Http/Middleware/ShareErrorsFromSession.php:57
             28. Flarum\Http\Middleware\ShareErrorsFromSession->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Next.php:61
             29. Laminas\Stratigility\Next->handle() /home/pxpocvvj/forum/vendor/flarum/core/src/Http/Middleware/SetLocale.php:50
             30. Flarum\Http\Middleware\SetLocale->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Next.php:61
             31. Laminas\Stratigility\Next->handle() /home/pxpocvvj/forum/vendor/flarum/core/src/Http/Middleware/CheckCsrfToken.php:45
             32. Flarum\Http\Middleware\CheckCsrfToken->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Next.php:61
             33. Laminas\Stratigility\Next->handle() /home/pxpocvvj/forum/vendor/flarum/core/src/Http/Middleware/AuthenticateWithSession.php:32
             34. Flarum\Http\Middleware\AuthenticateWithSession->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Next.php:61
             35. Laminas\Stratigility\Next->handle() /home/pxpocvvj/forum/vendor/flarum/core/src/Http/Middleware/RememberFromCookie.php:51
             36. Flarum\Http\Middleware\RememberFromCookie->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Next.php:61
             37. Laminas\Stratigility\Next->handle() /home/pxpocvvj/forum/vendor/flarum/core/src/Http/Middleware/StartSession.php:61
             38. Flarum\Http\Middleware\StartSession->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Next.php:61
             39. Laminas\Stratigility\Next->handle() /home/pxpocvvj/forum/vendor/flarum/core/src/Http/Middleware/CollectGarbage.php:46
             40. Flarum\Http\Middleware\CollectGarbage->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Next.php:61
             41. Laminas\Stratigility\Next->handle() /home/pxpocvvj/forum/vendor/flarum/core/src/Http/Middleware/ParseJsonBody.php:28
             42. Flarum\Http\Middleware\ParseJsonBody->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Next.php:61
             43. Laminas\Stratigility\Next->handle() /home/pxpocvvj/forum/vendor/flarum/core/src/Http/Middleware/HandleErrors.php:57
             44. Flarum\Http\Middleware\HandleErrors->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Next.php:61
             45. Laminas\Stratigility\Next->handle() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/MiddlewarePipe.php:84
             46. Laminas\Stratigility\MiddlewarePipe->process() /home/pxpocvvj/forum/vendor/middlewares/request-handler/src/RequestHandler.php:84
             47. Middlewares\RequestHandler->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Next.php:61
             48. Laminas\Stratigility\Next->handle() /home/pxpocvvj/forum/vendor/middlewares/base-path-router/src/BasePathRouter.php:97
             49. Middlewares\BasePathRouter->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Next.php:61
             50. Laminas\Stratigility\Next->handle() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Middleware/OriginalMessages.php:42
             51. Laminas\Stratigility\Middleware\OriginalMessages->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Next.php:61
             52. Laminas\Stratigility\Next->handle() /home/pxpocvvj/forum/vendor/middlewares/base-path/src/BasePath.php:53
             53. Middlewares\BasePath->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/Next.php:61
             54. Laminas\Stratigility\Next->handle() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/MiddlewarePipe.php:84
             55. Laminas\Stratigility\MiddlewarePipe->process() /home/pxpocvvj/forum/vendor/laminas/laminas-stratigility/src/MiddlewarePipe.php:73
             56. Laminas\Stratigility\MiddlewarePipe->handle() /home/pxpocvvj/forum/vendor/laminas/laminas-httphandlerrunner/src/RequestHandlerRunner.php:96
             57. Laminas\HttpHandlerRunner\RequestHandlerRunner->run() /home/pxpocvvj/forum/vendor/flarum/core/src/Http/Server.php:42
             58. Flarum\Http\Server->listen() /home/pxpocvvj/forum/public/index.php:26

            I set a profile pic to the same account and logged in, then it worked fine.

            lukeeexd If you click the OAuth tab you can add as many redirects as you need. See screenshot below.

            screenshot