FoF passport, the Laravel passport oauth extension

FriendsOfFlarum

Passport by FriendsOfFlarum

The Laravel Passport compatible oauth extension.

Installation

Use Bazaar or install manually:

composer require fof/passport

Updating from Flagrow

This extension replaces Flagrow Passport.

To upgrade from the old extension to the new one:

Backup your data!
Disable the Passport extension in the admin panel.
Run:

composer require fof/passport

Composer should let you know that flagrow/passport has been automatically removed.

Enable the new extension in the admin panel.
Your existing settings will be migrated to FoF Passport automatically.
You should be good to go! All URLs stay the same.

Configuration

In the extension settings, you have to fill the following data:

Setting | Example | Description
--- | --- | ---
OAuth authorization url | https://example.com/oauth/authorize | <your laravel install>/oauth/authorize
OAuth token url | https://example.com/oauth/token | <your laravel install>/oauth/token
Api URL providing user details when authenticated | https://example.com/api/user | Default Laravel installs have an /api/user route, otherwise point to a route returning the current user data (protected by the passport driver)
OAuth application id | 1 | The integer Client ID you've made in the Laravel app or via artisan passport:client
OAuth application secret | abcdefghijABCDEFGHIJabcdefghijABCDEFGHIJ | The Client secret provided by Laravel once you created the OAuth client
OAuth scopes to request | | Optional additional scopes to request during authorization, perhaps you want to protect the user url with a scope or add additional functionality
Label for login button | Login with Example | Label to place on the login button
Icon for login button | far fa-id-card | FontAwesome icon to place on the login button. List of available icons

Hint: When creating the OAuth client in your Laravel app, don't forget to set the redirect value to <your flarum install>/auth/passport or you might encounter invalid_client errors.

Links

An extension by FriendsOfFlarum

[deleted]

FriendsOfFlarum Awesome! Good job ?

jordanjay29

FriendsOfFlarum Links

Source code on GitHub

Brightside56 ^^

witech

FriendsOfFlarum Thank you for the plugin

I got it to work with MatterMost opensource team, was hoping to get it to work with WHMCS but have to fiddle around with that a bit more.

jacobgrillo

FriendsOfFlarum Is it possible to use this with Azure AD? If so, how?

MayankSethi

hey guys i tried using this command "composer require flagrow/passport" for installation of this package but it is giving error

[InvalidArgumentException]
Could not find package passport at any version for your minimum-stability (
stable). Check the package spelling or your minimum-stability
please help me with this

jordanjay29

MayankSethi You need to run this command in the flarum root folder. You can check that you're in the right place by running php flarum info and getting a successful response.

MayankSethi

yeah it worked thanks for that now how i should configure this with my laravel website?

luceos

MayankSethi follow the installation instructions of Laravel passport. After that the instructions in the OP should be obvious. If not let me know so I can improve them ?

MayankSethi

yeah i have enabled that i guess now i need to install laravel passport in my laravel then link both of them?

what should i fill in these
OAuth authorization url
OAuth token url
Api URL providing user details when authenticated etc......

luceos

MayankSethi once you've installed passport on laravel it should make sense (if you read that guide properly) also the defaults are already mentioned in the OP.

MayankSethi

i m trying to install that but my laravel is giving error while installing passport in it
anyway thanks for the help will get back to you if have any other problem that for the help

MayankSethi

hey guys I was having a situation here as I have talked to you about the falgrow passport I installed that successfully but the thing is that my project is in laravel framework version 5.2.* and I found out that it doesn't support laravel passport so is their any other way that I can use this thing as if I update the laravel framework it will broke my site can you guys help me with this as I want to use this as my forum for my website

clarkwinkelmann

MayankSethi I'm afraid you will have to update your Laravel install to use Passeport

Upgrade from 5.2 should not be too much of a pain, see https://laravel.com/docs/5.4/upgrade

If you encounter issues with your Laravel upgrade there are many places where you can ask for help (even here, but stackoverflow and laravel forums are probably better)

luceos

olidev You cannot use Laravel Passport on it without any package?

You need to configure this oauth2 driver as additional authorization driver next to the default username/password, github or twitter logins Flarum provides. So yes you need an extension to make this happen. This extension is named after the Laravel passport library, but it works with any OAuth 2 server adhering to conventions.

hassanalvi20

Problem 1
- Installation request for flagrow/passport ^0.2.0@beta -> satisfiable by flagrow/passport[0.2.0-beta].
- flagrow/passport 0.2.0-beta requires flarum/core ^0.1.0-beta.8 -> satisfiable by flarum/core[0.1.x-dev] but these conflict with your requirements or minimum-stability.

how to reslove this

hassanalvi20

Using version ^0.2.0@beta for flagrow/passport
./composer.json has been updated
Loading composer repositories with package information
Updating dependencies (including require-dev)
Your requirements could not be resolved to an installable set of packages.

Installation failed, reverting ./composer.json to its original content.

luceos

hassanalvi20 use this

composer require "flagrow/passport:*"

poVoq

Laravel Passport, which provides a full OAuth2 server implementation for your Laravel application in a matter of minutes. Passport is built on top of the League OAuth2 server that is maintained by Alex Bilbie.

Am I assuming right that this will also work with other OAuth2 servers, or only this specific one?

luceos

poVoq works with pretty much all oath 2 servers.

Brightside56

luceos , I would like to allow users sign in to my forum only using OAuth2 provider (laravel passport) without possibility to create forum account manually. Do you plan to implement such functionality? I would like just to see "sign in using xxx" button. Also when user is authentificating using oauth, forum needs to associate it's oauth record with forum account and this process is not intuitive.

luceos

Brightside56 without possibility to create forum account manually

This is an existing core request: flarum/core641

Brightside56 Also when user is authentificating using oauth, forum needs to associate it's oauth record with forum account and this process is not intuitive.

I think that's still possible using the events the extension provides. You can listen to them and fill any columns you so please, see https://github.com/flagrow/passport/blob/master/src/Events/SendingResponse.php

Brightside56

luceos I think that's still possible using the events the extension provides. You can listen to them and fill any columns you so please, see https://github.com/flagrow/passport/blob/master/src/Events/SendingResponse.php

No, it's not solution I need. In case there is no account on forum with such social provider I need to inform user that he need to register new account or login via his existing account to connect social record with forum account.

Also, if someone creates account on oauth side with email which belongs to forum admin, he can get admin permissions on forum (login as admin), because there is no email validation mechanisms on oauth side or they are, but optional, and newly created user will be able to login on forum with not confirmed email of admin.