README

OAuth2 SSO client SDK for integrating Laravel applications with the Central Authentication Server.

Installation

Install via Composer:

composer require keenops/auth-client

Configuration

Publish the configuration file:

php artisan vendor:publish --tag=auth-client-config

Add the following environment variables to your .env file:

AUTH_SERVER_URL=https://your-auth-server.com
AUTH_CLIENT_ID=your-client-id
AUTH_CLIENT_SECRET=your-client-secret
AUTH_REDIRECT_URI=https://your-app.com/auth/callback
AUTH_SCOPES=read-user
AUTH_BACKCHANNEL_LOGOUT_SECRET=your-backchannel-secret

Usage

SSO Authentication

The package automatically registers the following routes:

• GET /auth/redirect - Redirect to auth server for login
• GET /auth/callback - Handle callback from auth server
• POST /auth/logout - Logout and revoke token
• POST /auth/backchannel-logout - Backchannel logout webhook

Protecting Routes

Use the provided middleware to protect routes:

// Require authentication
Route::middleware('auth.server')->group(function () {
    Route::get('/dashboard', DashboardController::class);
});

// Require specific permissions
Route::middleware(['auth.server', 'server.permission:manage_users'])->group(function () {
    Route::get('/admin/users', UserController::class);
});

Accessing the Authenticated User

use Illuminate\Support\Facades\Auth;

$user = Auth::guard('auth-server')->user();

// Check roles
if ($user->hasRole('admin')) {
    // ...
}

// Check permissions
if ($user->hasPermission('create_post')) {
    // ...
}

License

The MIT License (MIT). Please see License File for more information.