Adventures in OAuth with Laravel 4.1

I’ve been playing with Laravel 4.1 recently for a project and I wanted to allow people to login using their various social media accounts (I’ve opted on the “big 3″, Twitter, Google and Facebook). As it turned out, it’s been a bit of a chore due to a lack of clear documentation and examples, but I’ve managed to figure it all out and thought I’d share with the rest of the class.

In order to do the oauth, I used the artdarek/oauth-4-laravel package. However, the latest version of this package at the time of writing uses an older version of the lusitanian/oauth package. This is a problem because Google are currently changing how their scopes work and this new methodology is only supported in the newer versions of the package. In order to make sure I was using a package with the correct version of lusitanian/oauth, I used this fork from github:

In order to use this, I needed to set a custom repository in my composer.json so it would use the fork in preference to the mainline version:

From this point, it’s relatively simple to use the oauth-4-laravel package. You just need to sign up to the various places to get your OAuth client keys and secrets. For twitter, that’s, for Facebook it’s and creating an app (once you’ve done that, you can get your app ID and secret). For Google, go to the developer console and create an app.

The basic usage instructions for oath-4-laravel are more or less fine, but I found the Google auth failed for me unless I made some changes:

For a decent twitter example, you can look at the tickets on the oauth-4-laravel github. This one is quite helpful:

Finally, nothing tells you how to handle errors or the user cancelling an authorisation request. By default, the examples end up redirecting back to the same URL that started the request, making it look like you app want take no for an answer. Sadly, not all the services respond to cancellations/errors in the same way, but here is what I did for the ones I used:

Put the relevant code in the same place where you first grab the auth code (i.e. the call to Input::get(“code”)) and now you can handle cancelled auths.

Hopefully that’s enough to help kickstart your work with OAuth in Laravel. I wish these things were clear when I started on it!


I do not deal well with stress. I’m generally a pretty chilled out person, due to a combination of overwhelming cynicism, apathy and lack of basic, human empathy. Okay, that might be a bit of an exaggeration, but I do have an astounding ability to truly not give a shit about a great many things.

However, that stress does affect me, but rather than taking immediate effect, it builds up over time until it eventually reaches toxic levels, as my IBS will gladly attest. Furthermore, being around other stressed people makes me stressed out, even if their problems don’t directly affect me. Stress is one of those horrible toxic things, like radiation, the invisible killer that seems to spread and taint everything it touches.

These last few weeks have been full of fun, beyond the usual pressure to meet deadlines. Left my card at home when paying for fuel for the car, leaking plumbing resulting in fixes needing to be done and mold dealing with, broken fridge-freezer needing replacement, surrounded by stressed people at work due to an event, and also surrounded by them at home as my wife preps for the event herself and consequently is stressed. Knowing I’m going to be alone for a week (on top of dealing with these last minute broken fridge issues), plus the organisational stuff for the projects I’m working on in my own time. The weight of the flat losing £20k in value and a whole bunch of other little things have all mounted up to just making things very hard to deal with.

Naturally, the first instinct is to blame oneself for being too weak and pathetic to just deal with it, which surprise-surprise brings another delightful helping of stress. Oh, ability to not give a fuck, where art thou?

But I soldier on I guess. Not everything is bad, even though it seems overwhelming negative at the moment. Good things are on the horizon, probably, if you squint hard enough.

You may remember I was a technical reviewer on a book for Packt a while back (I’ve also reviewed another book that’ll hopefully be out soon for them). Well, they recently published their 2000th book so they’ve started another offer – unlimited buy one, get one free on their ebook range (which is effectively their entire library). If you want to pick up some ebooks on the cheap, now is the time to do it.

Their 2000th book is one about Dart, which funnily enough I’ve been pretty interested in picking up myself. Dart is another language by Google, one that compiles to javascript, but can also be used directly by the DartVM both server-side and in the browser. Notch of Minecraft fame made a WebGL game using it recently for Ludum Dare, you can watch the video on twitch.

It’s Good to be Back

Finally after an extended hiatus, we’re back playing a roleplaying game again! We’ve returned to Numenera, but sadly due to a number of dropouts, we decided to start a fresh campaign with new characters. I’m in the driving seat again as GM and we kicked off the adventure with one of the PCs already captured in a slavers caravan heading to Rarmon in the Pytharon Empire. The other two PCs, trying to cross the Empire on their way to Nihliesh, ended up captured as well after a bit of a scuffle and negotiation.

The group this time around is made up of an ageing cyborg – a Wise Glaive who Fuses Flesh and Steel and a pair of mutants, one a man on fire with adhesive hands and a knack for resisting attacks on his mind – a Mutant Nano who Bears a Halo of Fire and a slow, lumbering woman with prehensile dreadlocks, telekinetic abilities and a robust digestion system, with a strangely absent past – a Mutant Nano who Isn’t. It’s particularly interesting for me this time around because I wrote the “Isn’t” focus, so it’s good to see it play-tested outside my own solo test scenarios. “Wise” also comes from as does our Firey Nano’s “Very smart” mutation that grants him his armour versus psychic attacks and the female mutant’s “robust digestion”. It’s going to be fun to put some of the communities additions through their paces.

The session last night was really only meant to be a quick character generation session and maybe a quick dip into the game to establish a few things. Suddenly midnight arrived and the group had caused a mass-slave escape in the Slaver’s Markets of Rarmon. Riots and looting ensued. It was a great session and the Isn’t focus played out really well, the ‘Absent Esoteries’ effect adding a lot of fun to the actions going on throughout the groups bid for freedom. Really looking forward to the next game.

Since we dropped the old campaign, I let slip some of the behind-the-scenes things that were happening. They’d unshackled an AI they’d dealt with before, started the beginnings of a Magyr holy war and depending on their actions (though probably, considering) the King of Ghan was going to be assassinated and they’d likely be implicated, plus it was the first step on the Jagged Dream’s plan to instigate a huge war between the Beyond and the Steadfast. Fun times!


I’ve very much enjoyed learning and working with Google’s Golang recently. For those unfamiliar with it, it’s a new, open-source programming language from Google. It’s very similar to C in many way, but it’s like C in ‘easy mode’. It’s got garbage collection, it’s compiler is smart enough to figure out what you mean most of the time without you needing to constantly give it hints by declaring your variable types before hand or constantly peppering your source code with semi-colons. It’s strongly typed, but supports interfaces and type-inference allowing you many of the strengths and benefits of more dynamically-typed languages. It compiles to a single static binary with no external dependencies and it’s cross-compiling is excellent and easy to use.

The best feature by far though is how the language just gets out of your way and lets you actually achieve things you want to achieve. Every issue I’ve ever had with it so far has never been down to some stupid issue with the language or some need to set up complex, complicated bootstrapping code, but my own fault, usually some tiny issue in my own code that I couldn’t see because I was too close to it. I also like the fact that it will allow you to take control if you need to. You can deliberately bypass it’s garbage collection and type-safety features by explicitly stating you are going to use unsafe code (which makes it easy to track down where the bugs are coming from since the source clearly states when it’s entering ‘here be dragons’ territory). I’ve not needed to do this, nor have I spent any time integrating with external C libraries (which apparently is also quite easy) but having that flexibility there if I need it is nice – easy mode is great, but only if you can drop under the hood when you need to.

In Go, my main big project has been an IRC bot for G3 Radio called Leader-1, because making a pun name inspired by terrible 80s cartoons is pretty much mandatory. AT first it had a few issues where I was still learning go and the third-party libraries I was using were having issues as well. However, from knowing effective 0 Go, over the course of maybe 40 hours total dev time, I’ve built a nice bot that scriptable using javascript, has a built-in webserver for debugging and seems pretty rock solid. That also includes the time I’ve spent contributing patches to the IRC library I’m using.

I’ve also written a re-implementation of a javascript ‘image glitcher‘ as a command line application I imaginatively called glitch. That was probably my first ever Go app and it works reasonably well.

It’s been a lot of fun learning the language, getting back into writing strongly-typed code after having spent the last 6-8 years mostly in the dynamically-typed world of Ruby, PHP and Javascript. If you are looking for a language for a new challenge, I’d highly recommend Go, it’s great fun.

However, Go isn’t perfect. It’s standard library, while full of great stuff, also has some foibles I’m not too pleased with. The net/http library and the net library in general doesn’t have many sane defaults, meaning the simple ‘works out of the box’ quick start methods are mostly useless for anything serious and you’re required to do a lot of work to get something realistically usable. For example, those libraries do not set timeouts by default and setting them for a http server or client means setting up a complete custom net connection to use. Net connections also don’t get tracked in anyway, meaning if you want to do a forced disconnect for shutting down a particular net service your app is running (like the temporary http debug server in my IRC bot), you can’t because you either have to tracking of existing connections and no way to close them all immediately. There are a lot of rough edges like that, but luckily they are all easy to workaround, if a little frustrating. Since Go is still fairly new, I expect many of these issues to be resolved in the near future.

Machine of Death – Putting the Fun in Murderfun

What seems like an age ago, I backed a kickstarter campaign for the Machine of Death card game. For those unfamiliar with the Machine of Death, it’s a simple premise.

The machine had been invented a few years ago: a machine that could tell, from just a sample of your blood, how you were going to die. It didn’t give you the date and it didn’t give you specifics. It just spat out a sliver of paper upon which were printed, in careful block letters, the words DROWNED or CANCER or OLD AGE or CHOKED ON A HANDFUL OF POPCORN. It let people know how they were going to die.
Machine of Death – About

That premise spawned two books of short stories and artwork and, finally, this card game!

The game is quite simple and is based more around collaborative story-telling than being competitive with each other. I’ve played it in two different ‘modes’, the classic assassination mode where you collaboratively take on contracts from a mission book (or make up targets of your own) and then proceed to assassinate them and a mode the rules bill as ‘Psychopath mode’, which plays a lot like Cards Against Humanity except with less wrong and more murder.

The classic mode felt a little complex at first, what with setting up different decks of cards and figuring out the order of things. However, once we got to grips with it, the game was a lot of fun. Essentially, play would revolve around us selecting a target and their predicted death, after which we would then draw 3 items from our pool of cards with which we had to achieve the murder. Then, we up-turned the timer and rushed to use each item. Whether we succeeded or not was based on dice rolls against target numbers which we decided earlier, based on our pre-agreed plan of attack. If we succeeded in using all our items, job done! The extra fun came in when we failed and our pre-made plan went to shit. We can to draw a card, work out how to achieve our goals with the new item, and then carry on.

We had to do all this in 90 seconds.

Naturally, this results in crazy, madcap rushes and poorly made hacks on the fly. Any remaining time on the clock was for dealing with the aftermath of the murder and trying to gain bonus cards by achieving aftermath goals, which would make life easier for future missions.

In a few games we ran out of cards and failed, in others we never completed a mission in time and failed too, though winning our way through a set of 4 targets from the mission book was a great feeling. We tried our hand at ‘endurance mode’, which basically was continuing on as long as possible, rather than ending the game on a win at 4 murders. So far our record is 6.

Psychopath mode was incredible and I really enjoyed it. The basic premise of the game is that each player is a psycho with 5 hostages, each with a ‘death card’. Each round, a psycho grabs a random item (one of the item cards) and uses that to go on a murder spree. The other players put forward one of their hostages as a likely candidate to be killed by that weapon in a way that satisfies their death card and essentially lobby the killer as to why their hostage should be killed. The killer chooses their favourite and awards the player their item card. The next player becomes the killer and everyone draws death cards back up to a hand of five. The first to 5 item cards wins.

We had some great, ridiculous stories grow out of this game, especially when we decided to try and be as abstract as possible with the item cards. We had one situation where the killer was using an ‘artifact’ to murder people and defined that as a JPEG artifact. I played mannequin as my death card and made the following pitch:

You send the target to a particular place on google maps where they see a strange rendering artifact on the map. They scroll in, closer, curious. Closer, the artifact begins to form into a corrupted shape, than a humanoid as they scroll and zoom deeper. Soon it’s clear it’s a mannequin but as they scroll closer they see a face, their own on the impossibly contorted figure, screaming it’s eternal torment from the abyss of the screen into their very souls, sending them spiralling into endless horror until their heart gives out and they die.

Yeah, I won that round.

All in all, I’ve really enjoyed playing the game so far ad am looking forward to playing it some more! If you enjoy improv and collaborative games and have a dark sense of humour (murder-ha-ha!) then I highly recommend it!

I’ve written some more Numenera content over at The Ninth World, two things of which I’m particularly proud of. The first one is The Flense, a creature encounter inspired by Neal Asher’s Hooders and some veritable nightmare fuel for players. The other one is a focus built around an existential crisis, ceasing the exist as if reality itself rejects your existence. I’m looking forward to using both in my campaign, speaking of which, you can keep up to date with what is happening in it over on it’s Obsidian Portal page, Voice of the Wind.


Hard Choices: Running Multiple Campaigns in Parallel


Instant Chef


The Flense