composer require socialiteproviders/steamPlease see the Base Installation Guide, then follow the provider specific instructions below.
'steam' => [
'client_id' => null,
'client_secret' => env('STEAM_CLIENT_SECRET'),
'redirect' => env('STEAM_REDIRECT_URI'),
'allowed_hosts' => [
'example.com',
]
],Set this for protect against authorization domain spoofing. When the user returns from the Steam login page, along with the OpenID validation, the return_to parameter will be checked against the available domains in allowed_hosts.
If you don't specify the setting, then fraudsters have the opportunity to enter the application under other users
Issue resolved in SocialiteProviders/Providers#817
By default this protection is disabled. It will only be active when allowed hosts is not equal to an empty array.
Set this property to force HTTPS scheme when redirecting from Steam OAuth.
If you do not set it, the scheme will be inferred from your server settings.
'steam' => [
'client_id' => null,
'client_secret' => env('STEAM_CLIENT_SECRET'),
'redirect' => env('STEAM_REDIRECT_URI'),
'force_https' => true, // This will force HTTPS scheme
'allowed_hosts' => [
'example.com',
]
],Configure the package's listener to listen for SocialiteWasCalled events.
Add the event to your listen[] array in app/Providers/EventServiceProvider. See the Base Installation Guide for detailed instructions.
protected $listen = [
\SocialiteProviders\Manager\SocialiteWasCalled::class => [
// ... other providers
\SocialiteProviders\Steam\SteamExtendSocialite::class.'@handle',
],
];You should now be able to use the provider like you would regularly use Socialite (assuming you have the facade installed):
return Socialite::driver('steam')->redirect();idnicknamenameavatar