Anyone actually using Socialite ?

Anyone actually using Socialite ? - I guess thats a no then!

I'm replying as a bump for your post cos I also wondered.

I'm using it, followed jeffry's free tutorial on it, modified it to be more modular and it's werking perfectly.

Personally i have only used github and facebook but i know these work and it supports all.

@londoh @superjo149 yep it works fine on oauth2 stuff like facebook, github, but oauth 1 like twitter ... err not so much :)

I'm using socialite and it works fine (using google driver). Show some code.

@nolros not sure about Twitter, I have only bothered to try facebook, google and github

@pmall @londoh @superjo149 @andrew_henderson @Marlon @Stolz @JefferyWay

I have google, FB, github working. Like I said, any oauth 2 works, but twitter is oauth 1 and does some weird redirecting. Seems like everyone is struggling with it. I've tried all the online guides but seems like most struggle with the same issues:

The issue with twitter is that twitter is as follows:

1. you make the initial call $this->socialite->driver('twitter')->redirect();
2. this then sets temp 'oauth.temp' value with temp credentials. You then redirected to the twitter app authorize page. If you, as the user, authorize it will return a 'oauth_token' && 'oauth_verifier'
3. however, somewhere at the same time it returns the code and verifier it does another request and rewrites the temp values in session.
4. so when you do a auth user() call $this->socialite->driver('twitter')->user(); and it calls the getTokenCredentials method the temp values no longer match and you end up with a mismatch error or I get a null passed through to temp i.e. it clears out Session:

so you end up with one of the two exceptions:

a. the temp and return dont match exception
"Temporary identifier passed back by server does not match that of stored temporary credentials. Potential man-in-the-middle." b. it clears session and you end up with an invalidargument exception with null passed

my current code that works for most oauth2 https://laracasts.com/discuss/channels/general-discussion/please-help-or-post-working-socialite-twitter-code

Similar issues :

https://laracasts.com/discuss/channels/requests/temporary-token-issues-with-socialitetwitter?page=1

https://laracasts.com/discuss/channels/general-discussion/socilite-and-twitter

Hi @nolros

I just solved my twitter trouble changing this

    public function getLoginTwitter(AuthenticateTwitter $authenticatetwitter, Request $request)
    {
        return $authenticatetwitter->execute($request->has('code'));
    }

for

    public function getLoginTwitter(AuthenticateTwitter $authenticatetwitter, Request $request)
    {
        return $authenticatetwitter->execute($request->has('oauth_token'));
    }

Hope I help!

For all those reasons plus few others :) I posted a while ago an alternative to Socialite on https://github.com/fulup-bzh/OidConnect. If you check the readme you will find we I stop using Socialite and a link to explanation videos.

@Marlon thanks but that did not help. I pass through the entire request for all providers and then check for the $request vs. $request->has

$socialStatus   = $socialAuthManager->execute($request->all(), $this, $provider);

I asked on github, but the response by those idiots was go to forums ... "err, duh, what's this forums you speak of". Love it when people develop software with crappy documentation :)

@fulup am I reding correctly that OidConnect requires an old version of Laravel 5?

Sorry @nolros I really not have idea how can I help you.

@Graham; Why did my readme make you think that I OidConnect requiere an old version ?

I used Annotation for the demo, but outside of that I do not have any special dependencies. If my read me is confusing, let me know I will fix it.

@fulup your readme is fine, I misunderstood when I read though it initially. You do make it clear annotations are only used in the samples.

@nolros : I faced the same issue for twitter case .. (Facebook works just fine!):

Argument 1 passed to League\OAuth1\Client\Server\Server::getTokenCredentials() must be an instance of League\OAuth1\Client\Credentials\TemporaryCredentials, null given

I fixed it but with a workaround: before the session dies , i save the temporary credentials in cache()... Then .. i used the magic method __set_state to set the temporary Credentials back into the session (for which I had to define a custom static function __set_state in TemporaryCredentials class)...Also i used Cache::pull so that cache forgets the credentials after i pull the data say in .. It worked.. Pheww...!!

Any suggestions for better workaround or proper fix ?

@ospteam Maybe I can help a bit with Twitter...

To start, I found that the authorization url is wrong. It's hidden away here:

\vendor\league\oauth1-client\src\Client\Server\Twitter.php: line 22:

// change this:
// return 'https://api.twitter.com/oauth/authenticate';
// to this:
return 'https://api.twitter.com/oauth/authorize';

Also, Twitter has only recently started supplying the email address BUT you need to apply to have you're app "whitelisted" in order to do so.

I applied a few days ago and haven't heard from them yet so don't know fully how to implement it until I get accepted.

As a workaround I just used the Twitter ID in the email field for now.

Good luck and let us know how you get on with it :)

@sitesense : hi , for both the authorization Url , i had to use the workaround i mentioned previously...so awaiting for some proper fix ..

Yesterday when twitter was not providing email with user data.. i did found out that twitter had just started providing email for the whitelisted apps ...https://twittercommunity.com/t/how-to-get-email-is-using-twitter-api-on-callback-page-using-php/404/210

While filling the whitelisting form (via https://dev.twitter.com/rest/reference/get/account/verify_credentials ), i read that they do not whitelist web apps for email access.. .. lets see whether they allow or deny the request..

Thank you for taking your time to reply .. :)

@ospteam They just started to allow Web Apps since April this year.

Very long thread on the subject but here's the confirmation:

https://twittercommunity.com/t/how-to-get-email-from-twitter-user-using-oauthtokens/558/186

@sitesense Hi , i had mentioned the same thread in the previous comment.. While Registering for whitelisting on https://support.twitter.com/forms/platform .. i get "xAuth is not available for web-based applications." displayed just above the 'Application Name' field .. still i have registered .. lets see

Anyways the main concern is "Argument 1 passed to League\OAuth1\Client\Server\Server::getTokenCredentials() must be an instance of League\OAuth1\Client\Credentials\TemporaryCredentials, null given" error

Thank you

They are different threads, but xAuth is not what you want anyway.

@ospteam Well good news, I got accepted :)

Thanks for reaching out. We've enabled requesting email permissions for your app. Please note that this permission is only enabled on new sign-ins to your app. In order to begin, please log into apps.twitter.com and

Add a terms of service and privacy policy to your app info Change your token's scope to request email We would like to remind you of your consent obligations from https://dev.twitter.com/overview/terms/agreement-and-policy, specifically section 6a: "Obtain consent before accessing users’ email addresses using Twitter login. As part of Twitter’s OAuth protocol, users may consent to share their email addresses with you. On iOS and Android, you must only request access to users’ email addresses using the Twitter-approved user interface made available via Twitter Kit and must only access email addresses of users who provide consent through that user interface.”

Regards, ElliotSamuelson Twitter Platform Operations

Using it! I'm using it with github and google depending on the situation.

@sitesense did that make a difference to the twitter code working?

@nolros

Finally got this working with just a few changes. Obviously you need your app whitelisted first:

vendor/league/oauth1-client/src/Client/Server/Twitter.php look for // CHANGED...

    public function urlUserDetails()
    {
        // return 'https://api.twitter.com/1.1/account/verify_credentials.json';
        // CHANGED added querystring
        return 'https://api.twitter.com/1.1/account/verify_credentials.json?include_email=true';
    }

    public function userDetails($data, TokenCredentials $tokenCredentials)
    {
        $user = new User();

        $user->uid = $data['id'];
        $user->nickname = $data['screen_name'];
        $user->name = $data['name'];

        // CHANGED added email
        $user->email = null;
        if (isset($data['email'])) {
            $user->email = $data['email'];
        }

        $user->location = $data['location'];
        $user->description = $data['description'];
        $user->imageUrl = $data['profile_image_url'];

        // CHANGED added email
        //$used = array('id', 'screen_name', 'name', 'location', 'description', 'profile_image_url');
        $used = array('id', 'screen_name', 'name', 'email', 'location', 'description', 'profile_image_url');

        foreach ($data as $key => $value) {
            if (strpos($key, 'url') !== false) {
                if (!in_array($key, $used)) {
                    $used[] = $key;
                }

                $user->urls[$key] = $value;
            }
        }

I can't figure out why nobody fixes this on the github repo.

Also found this, this is cool : http://socialiteproviders.github.io

@pmall to be fair, it only became an option in April this year. I found the thread about it which is very long, mostly Twitter saying they will never provide the option of requesting email - only towards the end saying it's now available.

Regarding it being fixed in the repo... I was asked to make a pull request which I have done and it's been accepted and merged.

Here it is: https://github.com/thephpleague/oauth1-client

@nolros Figured something out today after I started getting the same error that you were discussing in your OP.

It happened quite by accident after doing some testing, logging in with each provider, logging out and logging in with another.

Suddenly my Twitter login stopped working with the error:

Argument 1 passed to League\OAuth1\Client\Server\Server::getTokenCredentials() must be an instance of League\OAuth1\Client\Credentials\TemporaryCredentials, null given

It took me over an hour to figure out what it was but to cut a long story short, it was my callback URL.

With all of the messing about I'd been doing with this, I'd actually used a different callback URL on one of my providers... only slightly different. Both still point to the same app on my VM.

So I'd logged in with a different provider that returned me to http://mytestapp.dev/auth/login/github but I hadn't noticed the change in URL.

Next time I tried to login with Twitter from http://mytestapp.dev (the wrong url), it redirected me back to my normal callback URL of http://dev.mytestapp.co.uk/auth/login/twitter. and I got the error that you mentioned.

I only noticed when I checked my session files in storage and saw the URL.

So make sure that your app is using the correct callback URL and that the same URL is reflected in your settings with each OAuth provider!

... and don't inadvertently switch URLs midway like the dummy that I am :)

Check my solution: https://www.victorangelier.com/laravel51-laravel-5-1-socialite-twitter/ It is dirty but it does work.

@nolros i was facing the same issue, and i started following you everywhere, but didn't checked my callback url, and finally i changed my url and it's all working Osum.. Framework is Okay, it's us who don't use it like we should.

@sitesense hi i am using socialite library for my website login with twitter functionality and everything worked fine but today i got the below error

Argument 1 passed to League\OAuth1\Client\Server\Server::getTokenCredentials() must be an instance of League\OAuth1\Client\Credentials\TemporaryCredentials, null given

yesterday also it worked good, this error came suddenly and i didn't changed any code regarding twitter login.