Implementing OAuth2

I had to implement an OAuth2 server on my application. Easy, with the great oauth-server-laravel module. But on Laravel 5.2 I had some issue in correctly routing the requests. Or, to be more precise, on routing as desired.

Required behaviour: use the auth-code flow (already implemented on the client part), but do not display the addictional screen to require confirmation for the access of the client application (as long it is a trusted client, and the only one to have a valid id/secret). More difficult: the routing suggested in the documentation didn't worked as expected.

In the end, I merged a pair of routing rules and added the web middleware (which, among other things, starts the user session, otherwise it appears always not autheticated).

The final result for routes.php:

Route::get('oauth/authorize', ['as' => 'oauth.authorize.get', 'middleware' => ['check-authorization-params', 'web', 'auth'], function() {
        $authParams = Authorizer::getAuthCodeRequestParams();
        $authParams['user_id'] = Auth::user()->id;
        $redirectUri = Authorizer::issueAuthCode('user', $authParams['user_id'], $authParams);
        return Redirect::to($redirectUri);
}]);

Route::post('oauth/access_token', function() {
        return Response::json(Authorizer::issueAccessToken());
});