Michael MorozovPHP Developer

Definitive guide on creating custom providers for Laravel OAuth2 authorization

25 May 2015

This article will guide you through the process of creating custom provider for OAuth2 authorization using php framework Laravel 5 and it's first-party package Socialite.

First of all let's say that social authorization is very popular and frankly speaking  it's really handy tool. Surfing internet we can see a lot of sites and services which offer login with Facebook, Twitter, Google and other social networks. Quite frequently when building and maintaining web-sites a question of choosing appropriate tool/package/library arises. And there is a great amount of them.

If you're building your website in PHP using Laravel, probably you've noticed Socialite which provides OAuth / OAuth 2 authentication with Facebook, Twitter, Google, and GitHub.

The most famous social network which provides OAuth2 authentication in Russian segment of the internet is vk. But there is a lack of such connector (provider) in Socialite library. Actually it's not a hard problem, so let's build new VkProvider on top of Socialite's components.

Before we start building new provider please make sure you got the idea of OAuth2. Below is a cheat-sheet for the common workflow.


In order to use vk authorization for our app we need to create a standalone application. For more information please check this link. After you created the app you should pay attention to the settings in red boxes on image below.


In terms of Laravel we need to put these values under new section in services.php. Like this:

Then we need to add Socialite library to our project dependencies.

In order to create new provider we need to extend AbstractProvider and implementProviderInterface according to Socialite's source code. In general UML-diagram will look like this:


From this diagram we can notice that we need to implement 4 methods in our FooProvider. After spending some time with VK api docs my VKProvider class was extended with more methods:


Vk's response contains not only access_token but also user's email (which will be cool to keep for our further needs), so we can override parseAccessToken() and user() in order to attach email to user's info. Class code:

Now, we are almost ready to use this provider. But nevertheless one thing is left to do. The last thing we need to do is register SocialiteServiceProvider. According to the official docs we need to add it to config/app.php. This is the part where things get slightly complicated. Default service provider via dependency injection produces SocialiteManager class which doesn't know about our new VkProvider. That's why we will do the trick. After inspecting SocialiteManager code I realized that it was inherited from Laravel's Manager class which allows to add new drivers (providers) via extend() method.


So lets create new service provider called SocialitePlusServiceProvider where we will register new driver for vk.

So that's it. Now we can add SocialitePlusServiceProvider in config/app.php and we are good to start using it in accordance with the documentation provided by Laravel. Files which were added to the project with appropriate folders:

1q_J12Xwip8DeNwcUANirUhG2s8HxiwtLeJn3DA In order to check how our new provider works let's create dummy example in routes.php:

If everything went fine you will receive similar dump:


So, you can use retrieved info in your app's authorization process. Also, on Laravel News I found that company DraperStudio has implemented 70 oauth(2) drivers for different social services.
However, they use Observer Pattern approach in order to register new providers. They also implemented Vkontakte provider which is pretty similar to introduced above.
Thanks for reading & I hope it was helpful for you.