I am currently trying to get this to work on NextClouds OAuth2, but I cannot figure it out.
What do I have to enter when there's the /api/user information?
FoF passport, the Laravel passport oauth extension
a month later
- Edited
Hello. I'm trying to integrate this fof/passport with a Django based authentication provider (Django OAuth Toolkit).
Apparently, I'm stuck at the final step: getting information from the user, which should be done through the "Api URL providing user details".
I cannot figure out how this information should be provided. Apparently, the authorization provider should yield some JSON data about the user, but the client of the HTTP request (Flarum) does not pass any authorization detail (such as an access token) when it performs the API request to get user info. How can the authentication server know what user the request is about, from the "blank" HTTP request it gets?
2 months later
LucaAllulli Not sure if it is still an issue for you. But you can DM me and I'll explain this. Extension works just fine. There's a final step requires to code your own endpoint for it.
- Edited
Sorry for the late reply for the last few questions. The best way to know exactly what URL and other parameters you need is to check out the source code of this extension as well as the documentation for the league oauth2 library that's used behind the scenes.
This extension's oauth provider basically just extends League's AbstractProvider by using the provided URL for getResourceOwnerDetailsUrl. We also use the BearerAuthorizationTrait trait that sends the token as part of an Authorization: Bearer token header, like Laravel's Passport does.
The expected response type is JSON. We're not using the ACCESS_TOKEN_RESOURCE_OWNER_ID feature of League's oauth package. Maybe we should, but while the ID is stored it's not actually used by Flarum later on at this point. The important bit is that we access the email and name attributes of the JSON object via ResourceOwner. We also trigger an event that could be used to alter the response in case your JSON object doesn't match what this extension expects. It's very likely that name isn't actually used by Flarum, so that basically leaves only email that's really required.
If your oauth system doesn't work with this extension, it should be quite easy to fork it, then customize the oauth provider and/or resourceowner code.
I hope this clarifies things.
a month later
- Edited
Can someone help me understand the utility of this package? What does it allow me to accomplish that core does not?
A separate question, can this be added to an existing forum, or would it mess up the login for existing users?
This passport extension is a generic oauth 2 client that allows users to log in with credentials from another website that has an oauth2 server. This is exceptionally useful if you own the other website and are able to add oauth 2 server capabilities there; for Laravel a package exists that offers that functionality which is named passport, hence the name of this extension.
You should be able to use this with existing users just fine.
luceos Gotcha, that makes sense. So as an example, if T-Mobile wants to use Flarum as a discussion community, they can have people logged into their website automatically logged into the forum when they go to discuss.tmobile.com (assuming they use oauth 2).
cmwetherell almost. They can't log in automatically; they would still need to click a button (log in with your t-mobile account) and then be directed to the t-mobile website (or auth platform), log in if they haven't and then be redirected to the forum to be automatically logged in. Only with some settings of the oauth 2 server and already being logged in there might give the impression of full automatic log in.
24 days later
0.4.0
- beta 14 ready
a month later
- Edited
Thank you for the update, but the following raw error appears in the HTML when attempting to enter the forum. Testing FreeFlarum beta.14 update. Any clue what might be wrong?
Flarum encountered a boot error (FastRoute\BadRouteException)
Static route "/auth/passport" is shadowed by previously defined variable route "/auth/([^/]+)" for method "GET"
thrown in /app/vendor/nikic/fast-route/src/DataGenerator/RegexBasedAbstract.php on line 64
FastRoute\BadRouteException: Static route "/auth/passport" is shadowed by previously defined variable route "/auth/([^/]+)" for method "GET" in /app/vendor/nikic/fast-route/src/DataGenerator/RegexBasedAbstract.php:64
Stack trace:
#0 /app/vendor/nikic/fast-route/src/DataGenerator/RegexBasedAbstract.php(18): FastRoute\DataGenerator\RegexBasedAbstract->addStaticRoute('GET', Array, Object(Closure))
#1 /app/vendor/flarum/core/src/Http/RouteCollection.php(69): FastRoute\DataGenerator\RegexBasedAbstract->addRoute('GET', Array, Object(Closure))
#2 /app/vendor/flarum/core/src/Extend/Routes.php(82): Flarum\Http\RouteCollection->addRoute('GET', '/auth/passport', 'auth.passport', Object(Closure))
#3 /app/vendor/illuminate/container/Container.php(1102): Flarum\Extend\Routes->Flarum\Extend\{closure}(Object(Flarum\Http\RouteCollection), Object(Illuminate\Container\Container))
#4 /app/vendor/illuminate/container/Container.php(1048): Illuminate\Container\Container->fireCallbackArray(Object(Flarum\Http\RouteCollection), Array)
#5 /app/vendor/illuminate/container/Container.php(701): Illuminate\Container\Container->fireResolvingCallbacks('flarum.forum.ro...', Object(Flarum\Http\RouteCollection))
#6 /app/vendor/illuminate/container/Container.php(629): Illuminate\Container\Container->resolve('flarum.forum.ro...', Array)
#7 /app/vendor/flarum/core/src/Forum/ForumServiceProvider.php(45): Illuminate\Container\Container->make('flarum.forum.ro...')
#8 /app/vendor/illuminate/container/Container.php(690): Flarum\Forum\ForumServiceProvider->Flarum\Forum\{closure}(Object(Flarum\Http\UrlGenerator), Object(Illuminate\Container\Container))
#9 /app/vendor/illuminate/container/Container.php(629): Illuminate\Container\Container->resolve('Flarum\\Http\\Url...', Array)
#10 /app/vendor/flarum/core/src/Frontend/FrontendServiceProvider.php(70): Illuminate\Container\Container->make('Flarum\\Http\\Url...')
#11 /app/vendor/illuminate/container/BoundMethod.php(36): Flarum\Frontend\FrontendServiceProvider->boot()
#12 /app/vendor/illuminate/container/Util.php(37): Illuminate\Container\BoundMethod::Illuminate\Container\{closure}()
#13 /app/vendor/illuminate/container/BoundMethod.php(93): Illuminate\Container\Util::unwrapIfClosure(Object(Closure))
#14 /app/vendor/illuminate/container/BoundMethod.php(37): Illuminate\Container\BoundMethod::callBoundMethod(Object(Illuminate\Container\Container), Array, Object(Closure))
#15 /app/vendor/illuminate/container/Container.php(590): Illuminate\Container\BoundMethod::call(Object(Illuminate\Container\Container), Array, Array, NULL)
#16 /app/vendor/flarum/core/src/Foundation/Application.php(327): Illuminate\Container\Container->call(Array)
#17 /app/vendor/flarum/core/src/Foundation/Application.php(310): Flarum\Foundation\Application->bootProvider(Object(Flarum\Frontend\FrontendServiceProvider))
#18 [internal function]: Flarum\Foundation\Application->Flarum\Foundation\{closure}(Object(Flarum\Frontend\FrontendServiceProvider), 12)
#19 /app/vendor/flarum/core/src/Foundation/Application.php(311): array_walk(Array, Object(Closure))
#20 /app/vendor/flarum/core/src/Foundation/InstalledSite.php(148): Flarum\Foundation\Application->boot()
#21 /app/vendor/flarum/core/src/Foundation/InstalledSite.php(81): Flarum\Foundation\InstalledSite->bootLaravel()
#22 /app/vendor/flarum/core/src/Http/Server.php(56): Flarum\Foundation\InstalledSite->bootApp()
#23 /app/vendor/flarum/core/src/Http/Server.php(33): Flarum\Http\Server->safelyBootAndGetHandler()
#24 /app/public/index.php(22): Flarum\Http\Server->listen()
#25 {main}Flarum core 0.1.0-beta.14.1
PHP version: 7.2.24-0ubuntu0.18.04.7
Loaded extensions: Core, date, libxml, openssl, pcre, zlib, filter, hash, pcntl, Reflection, SPL, sodium, session, standard, mysqlnd, PDO, xml, calendar, ctype, curl, dom, mbstring, fileinfo, ftp, gd, gettext, iconv, json, exif, mysqli, pdo_mysql, Phar, posix, readline, shmop, SimpleXML, sockets, sysvmsg, sysvsem, sysvshm, tokenizer, wddx, xmlreader, xmlwriter, xsl, zip, Zend OPcache
+-------------------------------------+------------------+--------+
| Flarum Extensions | | |
+-------------------------------------+------------------+--------+
| ID | Version | Commit |
+-------------------------------------+------------------+--------+
| flarum-approval | v0.1.0-beta.14 | |
| flarum-bbcode | v0.1.0-beta.12 | |
| flarum-emoji | v0.1.0-beta.14 | |
| flarum-lang-english | v0.1.0-beta.14.1 | |
| flarum-flags | v0.1.0-beta.14.1 | |
| flarum-likes | v0.1.0-beta.14 | |
| flarum-lock | v0.1.0-beta.14 | |
| flarum-markdown | v0.1.0-beta.14 | |
| flarum-mentions | v0.1.0-beta.14 | |
| flarum-statistics | v0.1.0-beta.14 | |
| flarum-sticky | v0.1.0-beta.14 | |
| flarum-subscriptions | v0.1.0-beta.14 | |
| flarum-suspend | v0.1.0-beta.14 | |
| fof-sitemap | 0.5.4 | |
| migratetoflarum-canonical | 0.2.2 | |
| clarkwinkelmann-author-change | 0.2.1 | |
| clarkwinkelmann-create-user-modal | 1.1.0 | |
| madnest-lang-czech | v0.1.0-beta.14.1 | |
| clarkwinkelmann-emojionearea | 0.3.0 | |
| fof-doorman | 0.2.0 | |
| askvortsov-moderator-warnings | v0.3.2 | |
| fof-analytics | 0.10.1 | |
| fof-bbcode-details | 0.1.0 | |
| fof-ban-ips | 0.3.0 | |
| kakifrucht-de | 0.13.1 | |
| michaelbelgium-discussion-views | v5.0.0 | |
| flarum-embed | v0.1.0-beta.14 | |
| fof-best-answer | 0.2.0 | |
| fof-default-group | 0.2.0 | |
| fof-default-user-preferences | 0.2.0 | |
| fof-drafts | 0.2.1 | |
| fof-filter | 0.1.0-beta.3 | |
| fof-upload | 0.11.2 | |
| clarkwinkelmann-first-post-approval | 0.1.2 | |
| flarum-tags | v0.1.0-beta.14 | |
| askvortsov-categories | v1.1.0 | |
| fof-byobu | 0.6.0-beta.2 | |
| fof-formatting | 0.2.0 | |
| fof-forum-statistics-widget | 0.3.0 | |
| fof-linguist | 0.4.4 | |
| customworld-lang-slovak | v1.5.2 | |
| tiu-ram0n-brazilian-portuguese | 1.1.22 | |
| neercsys-lang-bosanski | v0.14 | |
| neercsys-bosanski | v0.37 | |
| fof-links | 0.4.2 | |
| fof-mason | 0.4.2 | |
| fof-masquerade | 0.3.5 | |
| fof-merge-discussions | 0.4.0 | |
| fof-nightmode | 0.6.0 | |
| fof-oauth | 0.1.0 | |
| fof-pages | 0.5.0 | |
+-------------------------------------+------------------+--------+I have removed passport because of this issue (I used latest version - 0.4.0).
SKevo the issue is being discussed here FriendsOfFlarum/oauth9
11 days later
0.5.0
- Flarum beta 15 support
7 days later
IanM I'm having a problem in beta 15. 'Server Error after entering login information with google
Returning error 403
2 months later
Hi there. I'm currently looking to implement this extension to work with my own custom Oauth server. Would anyone mind letting me know what data need to be returned from the user details endpoint (/api/user/)?
jbatham see my answer above, there's some details into how this works.
clarkwinkelmann we access the
nameattributes of the JSON object via ResourceOwner. We also trigger an event that could be used to alter the response in case your JSON object doesn't match what this extension expects. It's very likely thatnameisn't actually used by Flarum, so that basically leaves only
If that doesn't work, let us know and we'll try to improve the documentation.
clarkwinkelmann Thanks clark - appreciate the speedy response!
9 days later
Hi , is it possible to have the oauth call fire on load? I am looking at embedding flarum on a site and don't want uses to have to login twice?
NardusGrobler this extension does not provide any auto-login ability. You would have to develop that yourself.
a month later
Version 0.6.0
Updated deprecated Flarum beta 16 code. The previous version was likely also compatible with Flarum beta 16 as well.
Set the required version to * in composer.json before updating Flarum. You can also use composer require fof/passport:* to make that change prior to the Flarum update.
a month later
Hi,
When it returns from the authorization phase, it stays in this phase. I had to enter this information. Where should I add it?
So it stays in touch. Does not continue. https://domain.com/auth/passport?code=XXX
API connections are made possible on the site as follows.
