Complete guide to implementing OAuth integrations in OpnForm with architecture overview, flow diagrams, and step-by-step implementation
api/app/Http/Controllers/Auth/OAuthController.php
)auth
vs integration
flowsapi/app/Service/OAuth/OAuthUserService.php
)api/app/Service/OAuth/OAuthProviderService.php
)OAuthDriver
interface:
WidgetOAuthDriver
:
/oauth/connect/{provider}
with intent=auth
/oauth/{provider}/callback
AuthenticationStrategy
handles user creation/loginintention
and autoClose
settings in cacheOAuthProvider
recordsuseWindowMessage
composable for cross-window communication:
useOAuth
)Create OAuth Driver
auth
vs integration
intents using the OAuthController::INTENT_AUTH
and OAuthController::INTENT_INTEGRATION
constants. Auth scopes should be minimal (just enough for user identification), while integration scopes should include all permissions needed for the provider’s functionality.Register in Provider Service
Configure Services
api/config/services.php
:.env.example
:Install Socialite Provider
composer.json
:api/app/Providers/EventServiceProvider.php
:Add Frontend Service Definition
Add Feature Flag
Test the Integration
Add Integration Handler (Optional)
getDatabaseProvider()
method in the enum:
WidgetOAuthDriver
:
Provider not appearing in frontend
FeatureFlagsController
useOAuth
services listOAuth redirect URL mismatch
redirect
URL in config/services.php
matches provider configurationAPP_URL
environment variable is correctScopes not working correctly
getScopesForIntent()
method returns correct scopesWidget authentication failing