Can I use this bundle directly in Laravel without Symfony?

No, this bundle is designed for Symfony and depends on FOSOAuthServerBundle. For Laravel, you’ll need to adapt it using the Symfony Bridge (e.g., `spatie/laravel-symfony-support`) or replace its functionality with Laravel’s native OAuth2 libraries like `laravel/passport` or `typhon/oauth2-server`.

How do I validate Facebook tokens in Laravel without this bundle?

Use the `facebook/graph-sdk` package to validate tokens. Create a service like `FacebookTokenValidator` that checks token validity by calling Facebook’s `/me` endpoint with the provided token. Handle exceptions for invalid or expired tokens.

What’s the best way to map Facebook users to Laravel’s User model?

Create a custom `FacebookUserProvider` service that queries your `users` table for a `facebook_id` match. If no user exists, create one with Facebook’s profile data (e.g., `name`, `email`). Store the Facebook ID in your Laravel user model for future lookups.

Does this bundle support Laravel Passport?

No, this bundle is built for FOSOAuthServerBundle. To integrate with Laravel Passport, you’d need to manually implement a custom grant type in Passport’s `Grant` system or use a middleware to validate Facebook tokens before issuing Passport tokens.

How do I handle new Facebook users who don’t exist in my Laravel database?

Extend your `FacebookUserProvider` to include logic for creating new users. Use Facebook’s `/me` endpoint to fetch user details (e.g., `id`, `name`, `email`), then create a Laravel user with these fields. Add a `facebook_id` column to your `users` table for future authentication.

What Laravel versions does this bundle support?

This bundle itself doesn’t support Laravel—it’s for Symfony. However, you can adapt its logic to Laravel 8.x–10.x by using the Symfony Bridge or rewriting the OAuth2 flow with Laravel’s ecosystem (e.g., Passport, Typhon OAuth2). Ensure your Laravel version supports the chosen OAuth2 library.

Is there a performance impact from validating Facebook tokens on every request?

Yes, validating tokens via Facebook’s API adds latency. Mitigate this by caching validated Facebook user data (e.g., store the `fb_id` and user details in Laravel’s `users` table after the first validation). Use Laravel’s cache system to reduce repeated API calls.

What if Facebook SSO fails? Can I fallback to email/password login?

Yes, design your authentication flow to handle failures gracefully. If Facebook token validation fails, redirect users to a traditional login form or use Laravel’s `Auth::attempt()` for email/password authentication. Log failures for debugging.

How do I secure the Facebook token exchange endpoint in Laravel?

Protect the endpoint with Laravel middleware (e.g., `auth:api`). Validate the `facebook_access_token` parameter strictly, and ensure the client ID/secret are passed securely (e.g., via HTTPS). Use Laravel’s `Hash` facade to verify secrets if needed.

Are there alternatives to this bundle for Laravel?

Yes. For Laravel, consider `laravel/socialite` (for OAuth2 auth) or build a custom solution using `facebook/graph-sdk` + `laravel/passport`. Libraries like `typhon/oauth2-server` also support custom grants. Avoid Symfony bundles unless using the Symfony Bridge.

Weave Code

Code Weaver

Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.

Oauth2 Facebook Grant Bundle Laravel Package

adrienbrault/oauth2-facebook-grant-bundle

Symfony bundle that adds a Facebook access-token grant to FOSOAuthServerBundle. Lets your API exchange a valid Facebook token for an OAuth2 access token, resolving the user via a custom Facebook user provider for mobile/SSO logins.

View on GitHub

Deep Wiki

Context7

At a glance

Frequently asked questions about Oauth2 Facebook Grant Bundle

Can I use this bundle directly in Laravel without Symfony?: No, this bundle is designed for Symfony and depends on FOSOAuthServerBundle. For Laravel, you’ll need to adapt it using the Symfony Bridge (e.g., `spatie/laravel-symfony-support`) or replace its functionality with Laravel’s native OAuth2 libraries like `laravel/passport` or `typhon/oauth2-server`.
How do I validate Facebook tokens in Laravel without this bundle?: Use the `facebook/graph-sdk` package to validate tokens. Create a service like `FacebookTokenValidator` that checks token validity by calling Facebook’s `/me` endpoint with the provided token. Handle exceptions for invalid or expired tokens.
What’s the best way to map Facebook users to Laravel’s User model?: Create a custom `FacebookUserProvider` service that queries your `users` table for a `facebook_id` match. If no user exists, create one with Facebook’s profile data (e.g., `name`, `email`). Store the Facebook ID in your Laravel user model for future lookups.
Does this bundle support Laravel Passport?: No, this bundle is built for FOSOAuthServerBundle. To integrate with Laravel Passport, you’d need to manually implement a custom grant type in Passport’s `Grant` system or use a middleware to validate Facebook tokens before issuing Passport tokens.
How do I handle new Facebook users who don’t exist in my Laravel database?: Extend your `FacebookUserProvider` to include logic for creating new users. Use Facebook’s `/me` endpoint to fetch user details (e.g., `id`, `name`, `email`), then create a Laravel user with these fields. Add a `facebook_id` column to your `users` table for future authentication.
What Laravel versions does this bundle support?: This bundle itself doesn’t support Laravel—it’s for Symfony. However, you can adapt its logic to Laravel 8.x–10.x by using the Symfony Bridge or rewriting the OAuth2 flow with Laravel’s ecosystem (e.g., Passport, Typhon OAuth2). Ensure your Laravel version supports the chosen OAuth2 library.
Is there a performance impact from validating Facebook tokens on every request?: Yes, validating tokens via Facebook’s API adds latency. Mitigate this by caching validated Facebook user data (e.g., store the `fb_id` and user details in Laravel’s `users` table after the first validation). Use Laravel’s cache system to reduce repeated API calls.
What if Facebook SSO fails? Can I fallback to email/password login?: Yes, design your authentication flow to handle failures gracefully. If Facebook token validation fails, redirect users to a traditional login form or use Laravel’s `Auth::attempt()` for email/password authentication. Log failures for debugging.
How do I secure the Facebook token exchange endpoint in Laravel?: Protect the endpoint with Laravel middleware (e.g., `auth:api`). Validate the `facebook_access_token` parameter strictly, and ensure the client ID/secret are passed securely (e.g., via HTTPS). Use Laravel’s `Hash` facade to verify secrets if needed.
Are there alternatives to this bundle for Laravel?: Yes. For Laravel, consider `laravel/socialite` (for OAuth2 auth) or build a custom solution using `facebook/graph-sdk` + `laravel/passport`. Libraries like `typhon/oauth2-server` also support custom grants. Avoid Symfony bundles unless using the Symfony Bridge.

Popularity trends

Recorded values over time (once-a-day snapshots). Apr 15, 2026 – May 14, 2026

GitHub · stars, forks, watchers

Stars Forks Watchers

Packagist · monthly downloads

Ecosystem · dependents

View on GitHub

Stars

Favorites

Forks

Score

0.1

Score breakdown

Sum of components, capped 0–100. Halved if archived.

Stars

input: 4

+0.0
Forks

input: 2

+0.1
Open issues + PRs

input: 0

+0.0
Releases

input: 0

+0.0
Recency

input: —

+0.0
Issue opportunity

input: 0

+0.0
Laravel News mentions

input: 0

+0.0
Dependents

input: 0

+0.0

Total 0.1

License

—

Watchers

Dependents

Open issues

Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.

Add packages to context

No packages found.

comsave/common

alecsammon/php-raml-parser

chrome-php/wrench

lendable/composer-license-checker

typhoon/reflection

mesilov/moneyphp-percentage

mike42/gfx-php

bookdown/themes

aura/view

aura/html

aura/cli

povils/phpmnd

nayjest/manipulator

omnipay/tests

psr-mock/http-message-implementation

psr-mock/http-factory-implementation

psr-mock/http-client-implementation

voku/email-check

voku/urlify

rtheunissen/guzzle-log-middleware