ncit / efaas-socialite
eFaas Provider for Laravel Socialite
Requires
- php: >=7.2
- illuminate/http: ^9.0|^10.0
- illuminate/support: ^5.6|^6.0|^7.0|^8.0|^9.0|^10.0
- laravel/socialite: ~3.3|~4.0|~5.0
Requires (Dev)
- orchestra/testbench: ^4.0
- phpunit/phpunit: ^8.0
This package is not auto-updated.
Last update: 2024-04-26 06:06:34 UTC
README
Laravel Socialite Provider for eFaas.
Installation
You can install the package via composer:
composer require ncit/efaas-socialite
Laravel 5.5 and above uses Package Auto-Discovery, so doesn't require you to manually add the ServiceProvider.
After updating composer, add the ServiceProvider to the providers array in config/app.php
Ncit\Efaas\Socialite\Providers\EfaasSocialiteServiceProvider::class,
Add configuration to config/services.php
'efaas' => [ 'client_id' => env('EFAAS_CLIENT_ID'), 'client_secret' => env('EFAAS_CLIENT_SECRET'), 'redirect' => env('EFAAS_CLIENT_REDIRECT_URI'), 'server_url' => env('EFAAS_URL', 'https://efaas.gov.mv/connect'), ],
Usage
You should now be able to use the provider like you would regularly use Socialite (assuming you have the facade installed): Refer to the Official Social Docs for more info.
Warning: If you get 403 Forbidden error when your Laravel app makes requests to the eFaas authorization endpoints, request NCIT to whitelist your server IP.
//efaas default scopes are openid and efaas.profile return Socialite::driver('efaas')->redirect(); //to get extra scopes pass other scopes on scopes methods return Socialite::driver('efaas')->scopes([ 'openid', 'efaas.profile', 'efaas.email', 'efaas.mobile', 'efaas.passport_number', 'efaas.country', 'efaas.work_permit_status', 'efaas.photo' ])->redirect();
and in your callback handler, you can access the user data like so.
$efaasUser = Socialite::driver('efaas')->user();
$accessToken = $efaasUser->token;
Logging out the eFaas User
In your Laravel logout redirect, redirect with the provider logOut() method using the access token saved during login
return Socialite::driver('efaas')->logOut($access_token, $post_logout_redirect_url);
Using eFaas One-tap Login
This package will automatically add an /efaas-one-tap-login endpoint to your web routes which will redirect to eFaas with the eFaas login code.
Sometimes you may wish to customize the routes defined by the Efaas Provider. To achieve this, you first need to ignore the routes registered by Efaas Provider by adding EfaasProvider::ignoreRoutes to the register method of your application's AppServiceProvider:
use Ncit\Efaas\EfaasProvider; /** * Register any application services. */ public function register(): void { EfaasProvider::ignoreRoutes(); }
Then, you may copy the routes defined by Efaas Provider in its routes file to your application's routes/web.php file and modify them to your liking:
Route::group([ 'as' => 'efaas.', 'namespace' => '\Ncit\Efaas\Http\Controllers', ], function () { // Efaas routes... });
Authenticating from mobile apps
To authenticate users from mobile apps, redirect to the eFaas login screen through a Web View on the mobile app.
Then intercept the code (authorization code) from eFaas after they redirect you back to your website after logging in to eFaas.
Once your mobile app receives the auth code, send the code to your API endpoint. You can then get the eFaas user details from your server side using the auth code as follows:
$efaas_user = Socialite::driver('efaas')->userFromCode($code);
After you receive the eFaas user, you can then issue your own access token or API key according to whatever authentication scheme you use for your API.
Changing the eFaas login prompt behaviour
The eFaas login prompt behaviour can be customized by modifying the prompt option on your redirect request
return Socialite::driver('efaas')->with(['prompt' => 'select_account'])->redirect();
The available prompt options are:
| Option | Description |
|---|---|
login |
Forces the user to enter their credentials on that request, regardless of whether the user is already logged into eFaas. |
none |
Opposite of the login option. Ensures that the user isn't presented with any interactive prompt. If the request can't be completed silently by using single-sign on, the Microsoft identity platform returns an interaction_required error. |
consent |
Triggers the OAuth consent dialog after the user signs in, asking the user to grant permissions to the app. |
select_account |
Interrupts the single sign-on, providing account selection experience listing all the accounts either in session or any remembered account or an option to choose to use a different account altogether |
Available properties for eFaas User
$id_number = $efaasUser->username;
All Available eFaas data fields
| Field | Description |
|---|---|
id |
Efaas User Identifier |
name |
Full Name |
first_name |
First Name |
middle_name |
Middle Name |
last_name |
Last Name |
name_dhivehi |
Full Name In dhivehi |
first_name_dhivehi |
First name in Dhivehi |
middle_name_dhivehi |
Middle name in Dhivehi |
last_name_dhivehi |
Last name in Dhivehi |
user_type |
User type 1- Maldivian 2- Work Permit Holder 3- Foreigners |
username |
ID number in case of maldivian and workpermit number in case of expatriates |
birthdate |
Date of birth. (Carbon instance) |
gender |
Gender |
email |
Email address |
mobile |
Registered phone number |
photo |
User photo |
passport_number |
Passport number of the individual (expat and foreigners only) |
is_workpermit_active |
Is the work permit active |
permanentAddress |
Permananet Address. Country will contain an ISO 3 Digit country code. |
country |
user Country name |
countryCode |
user Country Code |
is_verified |
Whether User is verified or Not |
verification_type |
user verification type |
updated_at |
Information Last Updated date. (Carbon instance) |
Testing
composer test
Changelog
Please see CHANGELOG for more information what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security
If you discover any security related issues, please email is@ncit.gov.mv instead of using the issue tracker.
Credits
License
The MIT License (MIT). Please see License File for more information.