Steam OpenID Provider for Laravel Socialite
composer require socialiteproviders/steam
Please see the Base Installation Guide, then follow the provider specific instructions below.
'steam' => [ 'client_id' => null, 'client_secret' => env('STEAM_CLIENT_SECRET'), 'redirect' => env('STEAM_REDIRECT_URI'), 'allowed_hosts' => [ 'example.com', ] ],
Set this for protect against authorization domain spoofing. When the user returns from the Steam login page, along with the OpenID validation, the return_to parameter will be checked against the available domains in
If you don't specify the setting, then fraudsters have the opportunity to enter the application under other users
Issue resolved in SocialiteProviders/Providers#817
By default this protection is disabled. It will only be active when allowed hosts is not equal to an empty array.
Configure the package's listener to listen for
Add the event to your
listen array in
app/Providers/EventServiceProvider. See the Base Installation Guide for detailed instructions.
protected $listen = [ \SocialiteProviders\Manager\SocialiteWasCalled::class => [ // ... other providers \SocialiteProviders\Steam\SteamExtendSocialite::class.'@handle', ], ];
You should now be able to use the provider like you would regularly use Socialite (assuming you have the facade installed):