Bitbucket OAuth2 Provider for Laravel Socialite

v2.0.1 2017-06-23 08:59 UTC

This package is auto-updated.

Last update: 2023-09-29 01:16:58 UTC


Laravel Socialite itself supports Bitbucket oAuth 2. It is strongly recommended to use it. This is deprecated now.

Bitbucket OAuth2 Provider for Laravel Socialite

Packagist Software License StyleCI

This package allows you to use Laravel Socialite using OAuth 2 of Bitbucket.


You can install the package via composer:

Laravel 5.4+

composer require alexsoft/laravel-socialite-bitbucket

Laravel 5.0 - 5.3

You will need to use 1.0 version. Usage remains the same.

composer require alexsoft/laravel-socialite-bitbucket:^1.0

Note: if you use Laravel 5.5+ you can skip service provider registration, because it should be auto discovered.

Then you should register service provider in your config/app.php file:

'providers' => [
    // Other service providers


You will also need to add credentials for the OAuth application that you can get on the Oauth settings page of you Bitbucket account. They should be placed in your config/services.php file. You may copy the example configuration below to get started:

'bitbucket' => [
    'client_id' => env('BITBUCKET_CLIENT_ID'),
    'client_secret' => env('BITBUCKET_CLIENT_SECRET'),
    'redirect' => env('BITBUCKET_REDIRECT'),

Basic usage

So now, you are ready to authenticate users! You will need two routes: one for redirecting the user to the OAuth provider, and another for receiving the callback from the provider after authentication. We will access Socialite using the Socialite facade:


namespace App\Http\Controllers\Auth;

use Socialite;

class AuthController extends Controller
     * Redirect the user to the Bitbucket authentication page.
     * @return Response
    public function redirectToProvider()
        return Socialite::driver('bitbucket2')->redirect();

     * Obtain the user information from GitHub.
     * @return Response
    public function handleProviderCallback()
        $user = Socialite::driver('bitbucket2')->user();

        // $user->token;

Of course, you will need to define routes to your controller methods:

Route::get('auth/bitbucket', 'Auth\AuthController@redirectToProvider');
Route::get('auth/bitbucket/callback', 'Auth\AuthController@handleProviderCallback');

The redirect method takes care of sending the user to the OAuth provider, while the user method will read the incoming request and retrieve the user's information from the provider.

Bitbucket Oauth2 does not support scopes on request, all scopes are configured in Oauth application settings.

Retrieving user details

Once you have a user instance, you can grab a few more details about the user:

$user = Socialite::driver('bitbucket2')->user();

// OAuth Two Providers
$token = $user->token;
$refreshToken = $user->refreshToken; // may not always be provided
$expiresIn = $user->expiresIn;

// OAuth One Providers
$token = $user->token;
$tokenSecret = $user->tokenSecret;

// All Providers

Nota bene

Unlike Github Bitbucket provides you only one hour valid tokens so you will need to refresh access tokens.

Here is the piece of code that refreshes your token (requires Guzzle):

$options = [
    'auth' => [config('services.bitbucket.client_id'), config('services.bitbucket.client_secret')],
    'form_params' => [
        'grant_type' => 'refresh_token',
        'refresh_token' => "BITBUCKET_REFRESH_TOKEN"

$response = (new GuzzleHttp\Client)
    ->post('', $options)

$response = json_decode($response, true);

$newAccessToken = $response['access_token'];

By some reason, after this operation refresh token is not updated, so you do not have to update it in your storage.