tea-software/secure-socialite

Latest stable version: v1.0.0

Composer install command:

composer require tea-software/secure-socialite

Package description

Secure, stateless OAuth state handling for Laravel Socialite

README

Secure, stateless OAuth state handling for Laravel Socialite with enhanced security features.

Description

SecureSocialite provides a robust solution for handling OAuth authentication in Laravel applications using Socialite. It implements secure, encrypted state parameters with automatic expiration and domain whitelisting for callbacks, helping protect your application against CSRF and redirection attacks.

Installation

You can install the package via Composer:

composer require tea-software/secure-socialite

The package will automatically register its service provider if you're using Laravel's package auto-discovery.

Configuration

Publish the configuration file:

php artisan vendor:publish --provider="SecureSocialite\SecureSocialiteServiceProvider" --tag="config"

This will create a config/secure-socialite.php file with the following contents:

<?php

return [
    'whitelist' => [
        'localhost',
        'localhost:3000',
        'yourapp.com',
    ],
];

Update the whitelist array to include all domains that are allowed to receive OAuth callbacks. This helps prevent open redirect vulnerabilities.

Usage

SecureSocialite provides a secure way to handle OAuth authentication flows with Laravel Socialite.

Basic Example

// Frontend code (JavaScript/Vue/React)
const redirect = encodeURIComponent('https://yourapp.com/auth/callback');
window.location.href = `/auth/social/redirect?provider=google&redirect=${redirect}&nonce=optional_nonce`;

The package handles the OAuth flow with the following security features:

  1. State parameters are stored securely with encryption
  2. Automatic expiration of state tokens (5 minutes)
  3. Domain whitelisting for callbacks
  4. Stateless implementation for better horizontal scaling
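
An added sketch (not the package's own code) of how features 1 to 3 can fit together: the redirect target is sealed into an encrypted, authenticated state value with a 5-minute expiry and checked against the whitelist by exact host[:port] match. It assumes PHP's bundled sodium extension in place of whatever encryption the package actually uses; all function names and the sample values are hypothetical.

```php
<?php
// Added illustration; not the package's code. All function names are hypothetical.
const STATE_TTL = 300; // 5-minute lifetime, as stated on the page
const NB = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES;
const B64 = SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING;

// Exact host[:port] match against whitelist entries such as 'localhost:3000'.
function redirectAllowed(string $url, array $whitelist): bool
{
    $p = parse_url($url);
    if (!is_array($p) || !isset($p['scheme'], $p['host'])) return false;
    if (!in_array(strtolower($p['scheme']), ['http', 'https'], true)) return false;
    if (isset($p['user']) || isset($p['pass'])) return false; // reject userinfo in the URL
    $authority = strtolower($p['host']) . (isset($p['port']) ? ':' . $p['port'] : '');
    return in_array($authority, $whitelist, true); // no suffix or substring matching
}

// Encrypt and authenticate the state so no server-side session is needed.
function sealState(string $redirect, string $nonce, string $key, int $now): string
{
    $payload = ['redirect' => $redirect, 'nonce' => $nonce, 'exp' => $now + STATE_TTL];
    $iv = random_bytes(NB);
    $box = sodium_crypto_secretbox(json_encode($payload, JSON_THROW_ON_ERROR), $iv, $key);
    return sodium_bin2base64($iv . $box, B64);
}

// Returns the payload, or null if tampered with, expired, or pointing off-whitelist.
function openState(string $state, string $key, array $whitelist, int $now): ?array
{
    try {
        $raw = sodium_base642bin($state, B64);
    } catch (SodiumException $e) {
        return null;
    }
    if (strlen($raw) <= NB) return null;
    $plain = sodium_crypto_secretbox_open(substr($raw, NB), substr($raw, 0, NB), $key);
    $data = $plain === false ? null : json_decode($plain, true);
    if (!is_array($data) || ($data['exp'] ?? 0) < $now) return null;
    $target = $data['redirect'] ?? null;
    return is_string($target) && redirectAllowed($target, $whitelist) ? $data : null;
}

// Constructed sample values.
$key = sodium_crypto_secretbox_keygen();
$whitelist = ['localhost', 'localhost:3000', 'yourapp.com'];
$state = sealState('https://yourapp.com/auth/callback', 'n1', $key, time());
var_dump(openState($state, $key, $whitelist, time()) !== null);       // fresh state
var_dump(openState($state, $key, $whitelist, time() + 301) !== null); // past expiry
var_dump(redirectAllowed('https://yourapp.com.evil.example/cb', $whitelist)); // look-alike host
```

Running the whitelist check both before sealing and again when the callback opens the state keeps a later change to the whitelist from being bypassed by a state issued earlier.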

Routes

The package automatically registers the following routes:

  • GET /auth/social/redirect - Initiates the OAuth flow
  • GET /auth/social/callback - Handles the OAuth callback

Requirements

  • PHP 8.0+
  • Laravel 8.x or higher

License

The MIT License (MIT). Please see License File for more information.

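Statistics

  • Total downloads: 1
  • Monthly downloads: 0
  • Daily downloads: 0
  • Favorites: 0
  • Clicks: 0
  • Dependent projects: 0
  • Recommendations: 0

GitHub information

  • Stars: 0
  • Watchers: 1
  • Forks: 0
  • Language: PHP

Other information

  • License: MIT
  • Last updated: 2025-05-06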