ibucur

API based on Lumen with Google, Facebook, LinkedIn OAUTH implementation ideas

Hi Jeffrey,

I am interested in getting your best way of doing OAuth for an API service built on Lumen. Let me describe a little.

I would like to create a web service API based on Lumen. The user interface will be completely decoupled and can be a smartphone app, JavaScript app, etc. The API service will require authentication for some parts. Therefore, the users will need to log in and pass the details in order to obtain a token (bearer). BUT, from the user interface app I would like to allow them to log in via Google, Facebook, etc. (only OAuth2) and then instruct the web service API to provide back the token. The thing is, the API service should not expose any views, but in order to keep it secure, I would like it to connect to the OAuth2 provider using the access token and get the user details. Based on this, it will check the permissions, authenticate the user and provide back the bearer token.

Passport will help me up to a point since I do not want to host an OAuth2 server.

I think others might have this question too.

Please let me know what your thoughts are on this.

Thanks

0 likes
1 reply
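
The exchange described in the question above, sketched as an added example that is not part of the original thread or of any package named in it: the API receives the provider access token, asks the provider who it belongs to, rejects tokens issued to a different app, and only then mints its own bearer token. It assumes Google's `tokeninfo` endpoint and its `aud`, `sub`, `exp` and `email_verified` fields; the client ID, function names and sample responses are hypothetical and constructed.

```php
<?php
// Added example, not from the thread. Function names, the client ID and the
// sample responses are hypothetical; Google's tokeninfo fields are assumed.
const GOOGLE_CLIENT_ID = 'constructed-client-id.apps.googleusercontent.com';

/** Production fetcher: pass 'fetchGoogleTokenInfo' as $fetch on a live system. */
function fetchGoogleTokenInfo(string $accessToken): ?array
{
    $url = 'https://oauth2.googleapis.com/tokeninfo?access_token=' . rawurlencode($accessToken);
    $body = @file_get_contents($url);
    return $body === false ? null : json_decode($body, true);
}

/** Returns [plainBearerToken, recordToStore], or null when the login is refused. */
function exchangeToken(string $accessToken, callable $fetch, int $now): ?array
{
    $info = $fetch($accessToken);
    if (!is_array($info) || isset($info['error'])) {
        return null;                              // provider did not accept the token
    }
    // Audience check: a token issued to another app must not log a user in here.
    if (!hash_equals(GOOGLE_CLIENT_ID, (string) ($info['aud'] ?? ''))) {
        return null;
    }
    if ((int) ($info['exp'] ?? 0) <= $now || empty($info['sub'])) {
        return null;                              // expired, or no stable user id
    }
    if (!filter_var($info['email_verified'] ?? false, FILTER_VALIDATE_BOOLEAN)) {
        return null;
    }
    $plain = bin2hex(random_bytes(32));           // the API's own bearer token
    $record = [
        'provider'   => 'google',
        'subject'    => $info['sub'],             // key users on sub, not on email
        'token_hash' => hash('sha256', $plain),   // persist only the hash
        'expires_at' => $now + 3600,
    ];
    return [$plain, $record];
}

// Constructed sample responses so the script runs offline.
$now = 1700000000;
$good = ['aud' => GOOGLE_CLIENT_ID, 'sub' => '1234567890', 'exp' => '1700003600',
         'email' => 'user@example.com', 'email_verified' => 'true'];
$otherApp = ['aud' => 'someone-else.apps.googleusercontent.com'] + $good;

var_dump(exchangeToken('t1', fn () => $good, $now) !== null);     // accepted
var_dump(exchangeToken('t2', fn () => $otherApp, $now) === null); // refused: wrong audience
```
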
zachu90

Have you found the answer for this? I found a package called 'lumen-passport' which I will try to use. Unless anybody knows a better, official alternative?
