carlostmj/uway-connect

SDK oficial para integrar OAuth 2.0/2.1 do UWAY Auth em PHP e Laravel.

Maintainers

Package info

github.com/carlostmj/uway-connect

pkg:composer/carlostmj/uway-connect

Statistics

Installs: 1

Dependents: 0

Suggesters: 0

Stars: 0

Open Issues: 0

Security

Advisories: 0

Aikido package health analysis

dev-main 2026-01-23 18:22 UTC

Requires

Requires (Dev)

MIT 5c80f9a287b812e6bf835311275f8d7d431b5887

This package is not auto-updated.

Last update: 2026-02-21 17:20:48 UTC

README

SDK oficial para integrar OAuth 2.1 do UWAY Auth em PHP puro e Laravel.

  • Fluxo Authorization Code + PKCE (OAuth 2.1)
  • Helpers para state/PKCE
  • Troca de code por tokens e userinfo
  • Integração simples no Laravel

Instalacao

composer require carlostmj/uway-connect

Fluxo completo (PHP puro)

1) Criar instancia

use CarlosTMJ\UwayConnect\Config;
use CarlosTMJ\UwayConnect\UwayConnect;

$uway = new UwayConnect(new Config(
    baseUrl: 'https://auth.uway.com.br',
    clientId: 'SEU_CLIENT_ID',
    clientSecret: null, // public client (SPA/mobile)
    redirectUri: 'https://seu-app.com/auth/uway/callback',
    defaultScopes: ['openid', 'profile', 'email']
));

2) Gerar URL de consentimento (PKCE + state)

session_start();

$request = $uway->createAuthorizationRequest([
    'openid', 'profile', 'email'
]);

// guarde na sessao
$_SESSION['uway_state'] = $request->state;
$_SESSION['uway_verifier'] = $request->codeVerifier;

header('Location: '.$request->url);
exit;

3) Callback: validar state e trocar code por token

session_start();

$tokenSet = $uway->exchangeCodeFromCallback(
    $_GET,
    $_SESSION['uway_state'] ?? '',
    $_SESSION['uway_verifier'] ?? ''
);

$user = $uway->userInfo($tokenSet->accessToken);

Laravel (exemplo completo)

.env

UWAY_AUTH_BASE_URL=https://auth.uway.com.br
UWAY_AUTH_CLIENT_ID=...
UWAY_AUTH_CLIENT_SECRET=...
UWAY_AUTH_REDIRECT_URI=https://seu-app.com/auth/uway/callback
UWAY_AUTH_SCOPES="openid profile email"

Rotas

Route::get('/auth/uway', [UwayAuthController::class, 'redirect'])->name('uway.redirect');
Route::get('/auth/uway/callback', [UwayAuthController::class, 'callback'])->name('uway.callback');

Controller

use Illuminate\Http\Request;
use CarlosTMJ\UwayConnect\Laravel\UwayConnectFacade as UwayConnect;

class UwayAuthController
{
    public function redirect(Request $request)
    {
        $authRequest = UwayConnect::createAuthorizationRequest();

        $request->session()->put('uway_state', $authRequest->state);
        $request->session()->put('uway_verifier', $authRequest->codeVerifier);

        return redirect()->away($authRequest->url);
    }

    public function callback(Request $request)
    {
        $tokenSet = UwayConnect::exchangeCodeFromCallback(
            $request->query(),
            (string) $request->session()->pull('uway_state'),
            (string) $request->session()->pull('uway_verifier')
        );

        $profile = UwayConnect::userInfo($tokenSet->accessToken);

        // aqui voce cria/loga o usuario
        return response()->json($profile);
    }
}

Tratamento de erros

Qualquer falha gera UwayConnectException com:

  • statusCode
  • payload (dados brutos do endpoint)
try {
    $tokenSet = $uway->exchangeCodeFromCallback($_GET, $state, $verifier);
} catch (\CarlosTMJ\UwayConnect\UwayConnectException $e) {
    // log e tratamento
}

Documentacao completa

Veja docs/ para:

  • quickstart.md
  • oauth-flow.md
  • php.md
  • laravel.md
  • security.md

Licenca

MIT