javaabu / efaas-socialite
eFaas Provider for Laravel Socialite
Installs: 1 349
Dependents: 0
Suggesters: 0
Security: 0
Stars: 2
Watchers: 3
Forks: 4
Open Issues: 1
Requires
- php: ^7.2 || ^8.0 || ^8.1
- illuminate/support: ^6.0|^7.0|^8.0|^9.0|^10.0|^11.0
- laravel/socialite: ~5.0
Requires (Dev)
- orchestra/testbench: ^4.0
- phpunit/phpunit: ^8.0
README
Laravel Socialite Provider for eFaas.
Installation
For Laravel 6.0+, you can install the package via composer:
composer require javaabu/efaas-socialite
For Laravel 5.6, use version 1.x
composer require javaabu/efaas-socialite:^1.0
Laravel 5.5 and above uses Package Auto-Discovery, so doesn't require you to manually add the ServiceProvider.
After updating composer, add the ServiceProvider to the providers array in config/app.php
Javaabu\EfaasSocialite\Providers\EfaasSocialiteServiceProvider::class,
Add configuration to config/services.php
'efaas' => [ 'client_id' => env('EFAAS_CLIENT_ID'), 'client_secret' => env('EFAAS_CLIENT_SECRET'), 'redirect' => env('EFAAS_REDIRECT_URI'), 'mode' => env('EFAAS_MODE', 'development'), // supports production, development ],
Usage
Note: A demo implementation of this package is available here.
You should now be able to use the provider like you would regularly use Socialite (assuming you have the facade installed): Refer to the Official Social Docs for more info.
Warning: If you get 403 Forbidden error when your Laravel app makes requests to the eFaas authorization endpoints, request NCIT to whitelist your server IP.
return Socialite::driver('efaas')->redirect();
and in your callback handler, you can access the user data like so.
$efaas_user = Socialite::driver('efaas')->user(); $access_token = $efaas_user->token;
Enabling PKCE
By default, this package has PKCE disabled. To enable PKCE, use the enablePKCE() method in both your redirect call and the callback handler.
return Socialite::driver('efaas')->enablePKCE()->redirect();
// inside callback handler $efaas_user = Socialite::driver('efaas')->enablePKCE()->user(); $access_token = $efaas_user->token;
Logging out the eFaas User
In your Laravel logout redirect, redirect with the provider logOut() method using the access token saved during login
return Socialite::driver('efaas')->logOut($access_token, $post_logout_redirect_url);
Using eFaas One-tap Login
This package will automatically add an /efaas-one-tap-login endpoint to your web routes which will redirect to eFaas with the eFaas login code.
Sometimes you may wish to customize the routes defined by the Efaas Provider. To achieve this, you first need to ignore the routes registered by Efaas Provider by adding EfaasProvider::ignoreRoutes to the register method of your application's AppServiceProvider:
use Javaabu\EfaasSocialite\EfaasProvider; /** * Register any application services. */ public function register(): void { EfaasProvider::ignoreRoutes(); }
Then, you may copy the routes defined by Efaas Provider in its routes file to your application's routes/web.php file and modify them to your liking:
Route::group([ 'as' => 'efaas.', 'namespace' => '\Javaabu\EfaasSocialite\Http\Controllers', ], function () { // Efaas routes... });
Authenticating from mobile apps
To authenticate users from mobile apps, redirect to the eFaas login screen through a Web View on the mobile app.
Then intercept the code (authorization code) from eFaas after they redirect you back to your website after logging in to eFaas.
Once your mobile app receives the auth code, send the code to your API endpoint. You can then get the eFaas user details from your server side using the auth code as follows:
$efaas_user = Socialite::driver('efaas')->userFromCode($code);
After you receive the eFaas user, you can then issue your own access token or API key according to whatever authentication scheme you use for your API.
Changing the eFaas login prompt behaviour
The eFaas login prompt behaviour can be customized by modifying the prompt option on your redirect request
return Socialite::driver('efaas')->with(['prompt' => 'select_account'])->redirect();
The available prompt options are:
| Option | Description |
|---|---|
login |
Forces the user to enter their credentials on that request, regardless of whether the user is already logged into eFaas. |
none |
Opposite of the login option. Ensures that the user isn't presented with any interactive prompt. If the request can't be completed silently by using single-sign on, the Microsoft identity platform returns an interaction_required error. |
consent |
Triggers the OAuth consent dialog after the user signs in, asking the user to grant permissions to the app. |
select_account |
Interrupts the single sign-on, providing account selection experience listing all the accounts either in session or any remembered account or an option to choose to use a different account altogether |
Available Methods for eFaas User
$efaas_user->isMaldivian(); // Check if is a Maldivian $efaas_user->getDhivehiName(); // Full name in Dhivehi
Getting eFaas data from eFaas User object
$id_number = $oauth_user->idnumber;
Available eFaas data fields
| Field | Description | Example |
|---|---|---|
name |
Full Name | Ahmed Mohamed |
given_name |
First Name | Ahmed |
middle_name |
Middle Name | |
family_name |
Last Name | Mohamed |
idnumber |
ID number in case of maldivian and workpermit number in case of expatriates | A037420 |
gender |
Gender | M or F |
address |
Permananet Address. Country will contain an ISO 3 Digit country code. | ["AddressLine1" => "Light Garden", "AddressLine2" => "", "Road" => "", "AtollAbbreviation" => "K", "IslandName" => "Male", "HomeNameDhivehi" => "ލައިޓްގާރޑްން", "Ward" => "Maafannu", "Country" => "462"] |
phone_number |
Registered phone number | 9939900 |
email |
Email address | ahmed@example.com |
fname_dhivehi |
First name in Dhivehi | އަހުމަދު |
mname_dhivehi |
Middle name in Dhivehi | |
lname_dhivehi |
Last name in Dhivehi | މުހައްމަދު |
user_type |
User type 1- Maldivian 2- Work Permit Holder 3- Foreigners |
1 |
user_type_desc |
Description of the user type | Maldivian |
verification_level |
Verification level of the user in efaas 100: Not Verified 150: Verified by calling 200: Mobile Phone registered in the name of User 250: Verified in person (Limited) 300: Verified in person |
300 |
verification_level_desc |
Description of the verification level | Verified in person |
user_state |
User's state 2- Pending Verification 3- Active |
3 |
user_state_desc |
Description of user's state | Active |
birthdate |
Date of birth. (Carbon instance) | 10/28/1987 |
is_workpermit_active |
Is the work permit active | false |
passport_number |
Passport number of the individual (expat and foreigners only) | |
updated_at |
Information Last Updated date. (Carbon instance) | 10/28/2017 |
Testing
composer test
Changelog
Please see CHANGELOG for more information what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security
If you discover any security related issues, please email info@javaabu.com instead of using the issue tracker.
Credits
License
The MIT License (MIT). Please see License File for more information.