Opauth strategy for Google authentication

Overview

Opauth-Google

Opauth strategy for Google authentication.

Implemented based on https://developers.google.com/accounts/docs/OAuth2 using OAuth 2.0.

Opauth is a multi-provider authentication framework for PHP.

Getting started

  1. Install Opauth-Google:

    cd path_to_opauth/Strategy
    git clone git://github.com/opauth/google.git Google

    or

    composer require opauth/google
    
  2. Create a Google APIs project at https://code.google.com/apis/console/

    • You do not have to enable any services from the Services tab.
    • Make sure to go to API Access tab and Create an OAuth 2.0 client ID.
    • Choose Web application for Application type
    • Make sure that redirect URI is set to actual OAuth 2.0 callback URL, usually http://path_to_opauth/google/oauth2callback
  3. Configure Opauth-Google strategy.

  4. Direct user to http://path_to_opauth/google to authenticate

Strategy configuration

Required parameters:


'Google' => array(
	'client_id' => 'YOUR CLIENT ID',
	'client_secret' => 'YOUR CLIENT SECRET'
)

Optional parameters: scope, state, access_type, approval_prompt

References

License

Opauth-Google is MIT Licensed
Copyright © 2012 U-Zyn Chua (http://uzyn.com)

Comments
  • repository does not exist anymore

    repository does not exist anymore

    Looks like the README is not up to date :)

    $ git clone git://github.com/uzyn/opauth-google.git Google Cloning into 'Google'... fatal: remote error: Repository not found. $

    opened by bert2002 2
  • $_SESSION / $_GET / $_POST is empty on response

    $_SESSION / $_GET / $_POST is empty on response

    $this->auth_config = array(
                'host'               => "http" . (($_SERVER['SERVER_PORT'] == 443) ? "s://" : "://") . $_SERVER['HTTP_HOST'],
                'path'               => '/user/auth/',
                'debug'              => true,
                'callback_url'       => "{host}/user/auth/$strategy/oauth2callback",
                'security_salt'      => '...',
                'callback_transport' => 'session',
                'Strategy'           => array( respective configs here
                    'Facebook' => array(
                        'app_id'     => '...',
                        'app_secret' => '...',
                        'scope'      => 'email'
                    ),
                    'Google'   => array(
                        'client_id'     => '...',
                        'client_secret' =>'...'
                    ),
                    'Twitter'  => array(
                        'key'    => '...',
                        'secret' => '...',
                        'scope'  => 'email'
                    ),
                )
            );
    
    

    i get this on the response

    Undefined index: opauth
    

    on the line

    $response = $_SESSION['opauth'];

    i checked the $_SESSION thing its all blank.. same goes if i choose get / post they all remain blank.

    the exact config etc works fine for both facebook and twitter.. am i missing something?

    opened by WilliamStam 1
  • Add

    Add "refresh_token" to credentials array

    If your application needs an offline access then after authorization Google will include "refresh_token" parameter in response.

    This fix just adds this "refresh_token" to credentials array so you can access it and store after opauth callback.

    opened by VladaPetrovic 1
  • Add state verification on callback

    Add state verification on callback

    The state paramater is currently neither validated nor passed to the application. This parameter is crucial in avoiding CSRF-attacks.

    This commit should compare the state parameter from the strategy configuration with the received state parameter from the Google endpoint.

    opened by beheh 0
  • How can we get list out all the used and unused projects in GCP

    How can we get list out all the used and unused projects in GCP

    How can we get list out all the used and unused projects in GCP with the help of gcloud or some alternative)

    i.e(How can we determine that the project is running or not?

    opened by sabhijeet779 0
  • id_token is missing

    id_token is missing

    id_token is missing in credentials and would be great to be included...

    credentials' => array( 'token' => $results->access_token, 'id_token' => $results->id_token, 'expires' => date('c', time() + $results->expires_in) )

    opened by am-adnbp 0
  • Opauth occasionally fails with unauthorized response

    Opauth occasionally fails with unauthorized response

    When I originally log into my website through Opauth, everything works perfectly. I have some pages that will import contacts or calendar events, and these pages work well too. The only issue is that after a while, I'll get an error when I go to these page, as if my request token has expired or I'm not authorized anymore.

    I checked my refresh token, but it says it's not supposed to expire for another day. Is there a way to automatically try and refresh my session on the backend without having to make the user log back into Google?

    Here is the error:

    'code' => 'userinfo_error',
    'message' => 'Failed when attempting to query for user information',
    'raw' => [
        'response' => false,
        'headers' => 'HTTP/1.0 401 Unauthorized
    Vary: Origin
    Vary: X-Origin
    WWW-Authenticate: Bearer realm="https://accounts.google.com/AuthSubRequest", error=invalid_token
    Content-Type: application/json; charset=UTF-8
    Date: Mon, 24 Nov 2014 02:55:13 GMT
    Expires: Mon, 24 Nov 2014 02:55:13 GMT
    Cache-Control: private, max-age=0
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Alternate-Protocol: 443:quic,p=0.02'
    
    opened by ghost 0
  • Added prompt parameter to request URL in GoogleStrategy.php

    Added prompt parameter to request URL in GoogleStrategy.php

    Added optional prompt parameter specified here: https://developers.google.com/accounts/docs/OAuth2Login#prompt

    Allows applications to force the account chooser or consent screen to show on all logins.

    opened by duncanbarnes 0
Owner
Opauth – PHP Auth Framework
Opauth – PHP Auth Framework
Facebook strategy for Opauth

Opauth-Facebook Opauth strategy for Facebook authentication. Implemented based on https://developers.facebook.com/docs/authentication/ Getting started

Opauth – PHP Auth Framework 89 Dec 4, 2022
Rinvex Authy is a simple wrapper for @Authy TOTP API, the best rated Two-Factor Authentication service for consumers, simplest 2fa Rest API for developers and a strong authentication platform for the enterprise.

Rinvex Authy Rinvex Authy is a simple wrapper for Authy TOTP API, the best rated Two-Factor Authentication service for consumers, simplest 2fa Rest AP

Rinvex 34 Feb 14, 2022
It's a Laravel 8 authentication markdown that will help you to understand and grasp all the underlying functionality for Session and API Authentication

About Auth Starter It's a Laravel 8 authentication markdown that will help you to understand and grasp all the underlying functionality for Session an

Sami Alateya 10 Aug 3, 2022
phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server.

phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server.

Apereo Foundation 780 Dec 24, 2022
A One Time Password Authentication package, compatible with Google Authenticator.

Google2FA Google Two-Factor Authentication for PHP Google2FA is a PHP implementation of the Google Two-Factor Authentication Module, supporting the HM

Antonio Carlos Ribeiro 1.6k Dec 30, 2022
Simple PHP Google Authentication Template

php-google-auth A php google authentication page project View Demo · Report Problems About The Project This is a small and easy project that I made to

Antonio 4 Nov 21, 2021
Social OAuth Authentication for Laravel 5. drivers: facebook, github, google, linkedin, weibo, qq, wechat and douban

Social OAuth Authentication for Laravel 5. drivers: facebook, github, google, linkedin, weibo, qq, wechat and douban

安正超 330 Nov 14, 2022
PHP class to generate and verify Google Authenticator 2-factor authentication

Google Authenticator PHP class Copyright (c) 2012-2016, http://www.phpgangsta.de Author: Michael Kliewe, @PHPGangsta and contributors Licensed under t

Michael Kliewe 2.1k Jan 2, 2023
Enables Google Authentication for YOURLS

google-auth-yourls Enables Google Authentication for YOURLS Proper documentation coming soon. For now, here is the very rough documentation: Download

8th Wall 14 Nov 20, 2021
Google Two-Factor Authentication Package for Laravel

Google2FA for Laravel Google Two-Factor Authentication Package for Laravel Google2FA is a PHP implementation of the Google Two-Factor Authentication M

Antonio Carlos Ribeiro 785 Dec 31, 2022
Multi-provider authentication framework for PHP

Opauth is a multi-provider authentication framework for PHP, inspired by OmniAuth for Ruby. Opauth enables PHP applications to do user authentication

Opauth – PHP Auth Framework 1.7k Jan 1, 2023
A framework agnostic authentication & authorization system.

Sentinel Sentinel is a PHP 7.3+ framework agnostic fully-featured authentication & authorization system. It also provides additional features such as

Cartalyst 1.4k Dec 30, 2022
PHP library for Two Factor Authentication (TFA / 2FA)

PHP library for Two Factor Authentication PHP library for two-factor (or multi-factor) authentication using TOTP and QR-codes. Inspired by, based on b

Rob Janssen 896 Dec 30, 2022
Provides a unified interface to local and remote authentication systems.

Aura.Auth Provides authentication functionality and session tracking using various adapters; currently supported adapters are: Apache htpasswd files S

Aura for PHP 125 Sep 28, 2022
Vendor-Agnostic Two-Factor Authentication

Multi-Factor Designed to be a vendor-agnostic implementation of various Two-Factor Authentication solutions. Developed by Paragon Initiative Enterpris

Paragon Initiative Enterprises 139 Dec 21, 2022
:octocat: Socialite is an OAuth2 Authentication tool. It is inspired by laravel/socialite, you can easily use it without Laravel.

Socialite Socialite is an OAuth2 Authentication tool. It is inspired by laravel/socialite, You can easily use it in any PHP project. 中文文档 This tool no

安正超 1.2k Dec 22, 2022
🔐 JSON Web Token Authentication for Laravel & Lumen

Documentation Documentation for 1.* here For version 0.5.* See the WIKI for documentation. Supported by Auth0 If you want to easily add secure authent

Sean Tymon 10.7k Dec 31, 2022
LDAP Authentication & Management for Laravel

?? Hey there! Looking for something even easier to use for LDAP integration in your Laravel applications? ?? Introducing LdapRecord ?? LdapRecord is t

null 894 Dec 28, 2022
A Simple method to create laravel authentication for an existing laravel project.

Laravel Simple Auth A Simple method to create laravel authentication for an existing laravel project. Indroduction Why I created this kind of package?

Dasun Tharanga 10 Dec 14, 2021