Closed Mat-Hartje closed 3 months ago
Another lower effort option would be to update the docs to callout that this is something that needs to be handled
something like:
Route::get('/auth/callback', function () {
if (request()->query('error')) {
// handle errors: https://www.oauth.com/oauth2-servers/server-side-apps/possible-errors/
}
$user = Socialite::driver('github')->user();
// $user->token
});
Thanks @Mat-Hartje. I think adding this to the docs is a good idea so feel free to attempt a PR 👍
Socialite Version
5.14.0
Laravel Version
11.10.0
PHP Version
8.2
Database Driver & Version
No response
Description
The oAuth provider can at times return errors (in my experience, this is most commonly due to the end user, declining to share their information with the requesting app)
Documentation: https://www.oauth.com/oauth2-servers/server-side-apps/possible-errors/
When this happens, I would expect Socialite to gracefully handle this. For example, it could throw an explicit error similar to what it does for Invalid State.
Instead things end up failing with a Guzzle exception due to a 400 Bad Request
Steps To Reproduce
/my_redirect_uri?error=access_denied&state=...
Socialite::driver($provider)->user()
as recommended in the docs, it will throw a random guzzle exception with the 400 error above