Search code examples
laravellaravel-5.1laravel-socialite

Laravel 5 Socialite how to send rerequest (auth_type=rerequest) to Facebook

I am using Socialite for Facebook registration/authentication and it's working great when user accepts all the permissions on Facebook. But I have a problem when user declined one of the permission - especially the e-mail which is necessary in my application to create an account. If the user did it in a mistake and would still like to use Facebook authentication I have to send to Facebook API request with auth_type=rerequest

From Facebook Docs:

If someone has declined a permission for your app, the login dialog won't let your app re-request the permission unless you pass auth_type=rerequest along with your request.

Is there any way to send that by Socialite?

Solution

  • EDIT:

    I just found the solution:

    Add a new auth_type=rerequest parameter to the redirect(), to do so within your controller create a method where the user can be redirected after decline a permission, then set the method with() to append the rerequest parameter to the URL like so:

    public function redirect(Socialite $socialite)
{
    return $socialite->driver('facebook')->with(['auth_type' => 'rerequest'])->redirect();
}

    Another workaround as Socialite do not provide a ReRequest out of the box, for a while, so in this case, you de-authorize your app from the user Facebook account after receive the Socialite user response where the user has declined an email permission, then from the login page alerts the user that he must give you the permission to continue and loggin into in your app using Facebook, so the next time the user clicks in the login button he'll see again a Facebook dialog where he can give all permissions.

        /**@var \Laravel\Socialite\Two\User $retrieveUser*/
    $retrieveUser = $social->driver($provider)->user();
    $client = new \GuzzleHttp\Client;
    $response = $client->delete("https://graph.facebook.com/{$retrieveUser->id}/permissions",
        [
            'headers' => [
                'Accept' => 'application/json',
            ],
            'form_params' => [
                'access_token' => $retrieveUser->token
            ]
        ]
    );

    Because this workaround do not follow the Facebook best practices I also suggest you to use another package which has this option out of the box https://github.com/SammyK/LaravelFacebookSdk