๐Ÿ‘จโ€๐Ÿ’ป
Socialstream
  • Introduction
  • โฎ๏ธPrologue
    • Release Notes
    • Upgrade Guide
      • Upgrading to v6 from 5.x
      • Upgrading to v5 from 4.x
      • Upgrading to v4 from 3.x
      • Upgrading to v3 from 2.x
      • Upgrading to v2 from 1.x
    • Contribution Guide
  • ๐Ÿ”‘Getting Started
    • Installation
    • Configuration
    • Customization
      • Socialite Redirect
      • Resolving Users
      • Handling Invalid State
      • Handling OAuth Errors
      • Authenticating Users
  • ๐Ÿš€Features
    • Remember Session
    • Refresh Expired Tokens
    • Provider Avatars
    • Global Login
    • Register from Login
    • Missing Emails
    • Auth Existing Unlinked Users
    • Login on Registration (deprecated)
  • ๐Ÿงพguides
    • Standalone Installation
    • Filament with Jetstream
    • Filament with Breeze
    • Laravel Passport
    • Socialite Providers
    • Overriding Fortify's Authentication
  • ๐Ÿ”—Links
    • View Code On GitHub
    • About Me
    • Contribute
    • Donate
Powered by GitBook
On this page

Was this helpful?

  1. Features

Refresh Expired Tokens

PreviousRemember SessionNextProvider Avatars

Last updated 1 year ago

Was this helpful?

As of Socialstream v4.1.0, socialstream will now automatically check and refresh expired access tokens when they're retrieved from the database. To do this, socialstream uses the client_id and client_secret values stored in your applications services.php config file.

This may slow down your application depending on any delays in the request to the providers OAuth server.

This feature is enabled by default, to disable this feature, simply remove it from the features array inside your socialstream.php config file:

Features::refreshOauthTokens()

You may wish to customise the logic behind refreshing an expired token, to do this, you can provide a closure to the Socialstream::refreshesTokensForProviderUsing() method from within the boot method of your applications AppServiceProvider. For example, for GitHub, this would look like the following:

Socialstream::refreshesTokensForProviderUsing('github', function (ConnectedAccount $account) {
    $response = Http::asForm()->post(...);

    return new RefreshedCredentials(
        token: $response['access_token'],
        refreshToken: $response['refresh_token'],
        expiry: now()->addSeconds($response['expires_in']),
    );
});

Alternatively, you may provide the method with the FQN of a resolver class. This class must extend the base provider class from either Laravel Socialite, or the Socialite Providers package you are using. For example, if you were to use the Reddit provider from , you may define a class for refresh Reddit Oauth tokens and use that instead:

<?php

namespace App\RefreshTokenProviders;

use GuzzleHttp\RequestOptions;
use JoelButcher\Socialstream\Concerns\RefreshesOauth2Tokens;
use JoelButcher\Socialstream\Contracts\Oauth2RefreshResolver;
use SocialiteProviders\Reddit\Provider as RedditProvider;

class RedditOauth2RefreshResolver extends RedditProvider implements Oauth2RefreshResolver
{
    use RefreshesOauth2Tokens;

    public function __construct()
    {
        parent::__construct(
            request: request(),
            clientId: config('services.reddit.client_id'),
            clientSecret: config('services.reddit.client_secret'),
            redirectUrl: '',
        );

        $this->guzzle = [
            RequestOptions::AUTH => [$this->clientId, $this->clientSecret],
        ];
    }
}

You would then add the following to the boot method of your applications AppServiceProvider:

Socialstream::refreshesTokensForProviderUsing('reddit', RedditOauth2RefreshResolver::class);
๐Ÿš€
socialiteproviders/reddit