- Can I use this bundle for Laravel projects, or is it strictly for Symfony?
- This bundle is designed for Symfony applications using FOSUserBundle and isn’t natively compatible with Laravel. You’d need to adapt it or use a Laravel-compatible OAuth2 package like `socialiteproviders/vkontakte` instead. The bundle relies heavily on Symfony’s security components, which Laravel doesn’t share.
- What Laravel versions does this bundle support?
- This bundle doesn’t support Laravel directly—it’s built for Symfony 3.x–5.x. For Laravel, you’d need to integrate a standalone OAuth2 client like `league/oauth2-client` or `socialiteproviders/vkontakte`, which work with Laravel 5.8+. The PHP 5.3+ requirement also conflicts with modern Laravel’s PHP 8.0+ needs.
- How do I configure the provider chain in security.yaml for existing FOSUserBundle setups?
- Add the `chain_provider` under `providers` in `security.yaml`, listing `fos_userbundle` and `vk_provider` in the `chain` array. Ensure `vk_provider` is defined with `id: vk.user.provider`. Example:

  ```yaml
  providers:
      chain_provider:
          chain:
              providers: [fos_userbundle, vk_provider]
  ```

  Double-check your existing FOSUserBundle configuration to avoid conflicts.
- Why are the dependencies (vk-php-sdk, abstract-social-bundle) in dev-master? Is this safe for production?
- Using `dev-master` dependencies is risky for production due to potential breaking changes, lack of versioning, and no formal release cycle. The bundle lacks stability guarantees, and the PHP 5.3+ constraint further increases risk. For production, consider forking the bundle to use stable versions or switching to alternatives like `league/oauth2-vkontakte` with proper dependency management.
- Does this bundle support PKCE for single-page apps (SPAs) or mobile apps?
- No, this bundle only supports the authorization code flow and does not include PKCE (Proof Key for Code Exchange). PKCE is required for SPAs and mobile apps to mitigate authorization code interception. For PKCE support, use a standalone OAuth2 library like `league/oauth2-client` or `socialiteproviders/vkontakte` instead.
- How does the bundle handle user merging if a VK user already exists via another provider (e.g., Google)?
- The bundle relies on FOSUserBundle’s default user provider logic for merging or linking accounts. If a VK user already exists, FOSUserBundle’s `UserManager` typically handles it via its `loadUserByUsername` or custom logic. However, explicit configuration may be needed in `security.yaml` or a custom `UserProvider` to define merge behavior. Check FOSUserBundle’s documentation for details.
- Are there alternatives to this bundle for VK OAuth2 in Laravel/Symfony?
- Yes. For Laravel, use `socialiteproviders/vkontakte` (a Laravel Socialite provider for VK). For Symfony, consider `league/oauth2-vkontakte` (part of `league/oauth2-client`) or `hybridauth/hybridauth`, which offer more stability, PKCE support, and active maintenance. These alternatives avoid `dev-master` dependencies and support modern PHP versions.
- How do I handle VK API errors (e.g., rate limits, revoked tokens) in the frontend?
- The bundle doesn’t explicitly document error handling, but you can extend the `VkUserProvider` or use Symfony’s event system (e.g., `AuthenticationFailureEvent`) to catch and log errors. For the frontend, ensure your login form validates responses and displays generic messages like ‘Login failed’ or ‘VK account not linked.’ Check the VK API’s error codes to customize handling.
- Does this bundle support refresh tokens for VK OAuth2, and how are they managed?
- The bundle’s documentation doesn’t mention refresh token support, and the underlying `vk-php-sdk` (dev-master) may not handle it. VK’s OAuth2 typically requires manual refresh token logic. For production, implement a refresh token flow using `league/oauth2-client` or extend the bundle’s `AccessToken` handling. Store refresh tokens securely in the user’s session or database.
- What’s the maintenance status of this bundle? Is it actively updated or abandoned?
- The bundle appears abandoned or minimally maintained, given its `dev-master` dependencies, lack of releases, and low adoption (2 stars, 0 dependents). There’s no visible roadmap or recent commits. For critical projects, avoid it unless you’re willing to fork and maintain it yourself. Alternatives like `league/oauth2-vkontakte` or `socialiteproviders/vkontakte` are better-supported options.
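
To illustrate the PKCE answer above, here is an added example (not code from the bundle or from any library named on this page) of what PKCE adds to the authorization code flow, following RFC 7636 with the S256 method. The function names, client ID and redirect URI are hypothetical placeholders, and it assumes an authorization server that accepts the standard `code_challenge` parameters.

```php
<?php
// Added example: PKCE (RFC 7636), S256 method. All names here are hypothetical.

/** Base64url without padding, as RFC 7636 requires. */
function base64url(string $bytes): string
{
    return rtrim(strtr(base64_encode($bytes), '+/', '-_'), '=');
}

/** Client side: create a one-time secret and the challenge derived from it. */
function pkce_pair(): array
{
    $verifier  = base64url(random_bytes(32)); // 43 characters from a CSPRNG
    $challenge = base64url(hash('sha256', $verifier, true));
    return ['verifier' => $verifier, 'challenge' => $challenge];
}

/** Authorization server side: check the verifier sent to the token endpoint. */
function pkce_verify(string $storedChallenge, string $presentedVerifier): bool
{
    // RFC 7636 limits verifiers to 43-128 unreserved characters.
    if (!preg_match('/\A[A-Za-z0-9\-._~]{43,128}\z/', $presentedVerifier)) {
        return false;
    }
    $expected = base64url(hash('sha256', $presentedVerifier, true));
    return hash_equals($storedChallenge, $expected); // constant-time comparison
}

// Constructed walk-through of one login.
$pair = pkce_pair();

// 1. The authorization request carries only the challenge, never the verifier.
$authQuery = http_build_query([
    'response_type'         => 'code',
    'client_id'             => 'example-client',               // placeholder
    'redirect_uri'          => 'https://app.example/callback', // placeholder
    'code_challenge'        => $pair['challenge'],
    'code_challenge_method' => 'S256',
    'state'                 => base64url(random_bytes(16)),
]);
echo $authQuery, "\n";

// 2. The server stores the challenge alongside the code it issues.
$storedChallenge = $pair['challenge'];

// 3. The client that started the flow redeems the code with its verifier.
echo pkce_verify($storedChallenge, $pair['verifier']) ? "accepted\n" : "rejected\n";

// 4. A token request that lacks the matching verifier fails the same check.
echo pkce_verify($storedChallenge, base64url(random_bytes(32))) ? "accepted\n" : "rejected\n";
```

Because the verifier never leaves the client until the token request, an authorization code captured from the redirect cannot be redeemed without it.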