limoncello-php / app

Quick start JSON API application
MIT License

How to add external OAuth provider (e.g. Google)? #54

Open dreamsbond opened 6 years ago

dreamsbond commented 6 years ago

I came to a use case where I need limoncello-php to get authorization from an external OAuth provider, i.e. Google.

How to achieve it?

Or is there any workaround so I could get one limoncello-app to authorize with another limoncello-app OAuth?

Thanks.

neomerx commented 6 years ago

You can do both. I'll post how-to for authentication with Google later, hopefully, tomorrow.

neomerx commented 6 years ago

https://github.com/limoncello-php/framework/blob/develop/docs/101.How_to_add_Google_auth.md

neomerx commented 6 years ago

Does it work for you?

dreamsbond commented 6 years ago

Does this approach also apply to a limoncello-app authenticating from another limoncello-app OAuth package?

neomerx commented 6 years ago

Yes, limoncello has a built-in OAuth 2.0 server and supports all 4 granting schemes defined in RFC 6749. You will need to register your clients in the limoncello server and specify how authentication should work (similar to Google or any other OAuth 2.0 server). There is an API for that but currently no GUI.

dreamsbond commented 6 years ago

I saw it was done in WebRoute, so no need to change APIRouter, right?

neomerx commented 6 years ago

Both authentication schemes for Web and API are almost identical. The only major difference is how the auth token is sent between the browser and the server. For web, it's sent in cookies, but for API in headers. The example above sends the token in a cookie (which is totally OK for all web requests, and API requests may also send it). Do you want to get the secret token via the header as well? No problem. Just add it to a header in \App\Web\Controllers\AuthController::authenticateUserById, expect the token value in the header in the browser app (JavaScript), then save it.

neomerx commented 6 years ago

Or, if you only use API from the browser, do not POST it in onSignIn but instead send it via API and get the auth token from API controller.

PS: As you see, there are many ways to do it, so you can choose the optimal one for your use case.
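The header-based flow described in the two comments above (sign in via the API, read the token from a response header in the browser, then send it back on API calls), as an added browser-side example that is not part of the limoncello-php project or this thread. The header name `X-Auth-Token`, the `/api/v1/...` paths and the injected `fetchImpl` are assumptions so the code can run offline against a stub.

```javascript
// Added example, not limoncello-php project code. Assumes the server's
// AuthController puts the token in an X-Auth-Token response header.
const TOKEN_HEADER = 'X-Auth-Token'; // assumed header name

// Keep the token in memory only: localStorage is readable by any script on
// the origin, so a script injection would leak it.
let sessionToken = null;

// POST credentials to the (assumed) sign-in endpoint and save the token that
// comes back in the response header rather than in a cookie.
async function signIn(fetchImpl, email, password) {
  const res = await fetchImpl('/api/v1/auth/sign-in', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({ email, password }),
  });
  if (res.status !== 200) {
    throw new Error(`sign-in failed with HTTP ${res.status}`);
  }
  const token = res.headers.get(TOKEN_HEADER);
  // Reject empty or malformed values before storing anything.
  if (!token || !/^[A-Za-z0-9._~+/=-]+$/.test(token)) {
    throw new Error('response carried no usable auth token');
  }
  sessionToken = token;
  return token;
}

// Attach the saved token as a Bearer header on every API request.
async function apiRequest(fetchImpl, path, init = {}) {
  if (!sessionToken) throw new Error('not signed in');
  const headers = { ...(init.headers || {}), Authorization: `Bearer ${sessionToken}` };
  return fetchImpl(path, { ...init, headers });
}

function currentToken() {
  return sessionToken;
}

function signOut() {
  sessionToken = null;
}
```

In a real page, `fetchImpl` is simply `window.fetch`; the server must also list `X-Auth-Token` in `Access-Control-Expose-Headers` if the API lives on another origin, or the browser hides the header from the script.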