I recently have been trying to work up a side project using Laravel to download and display the information from my YouTube video playlists, using an API which requires OAuth2 authentication. The last time I played with something like this was years ago, and they only required an application key, not the full blown login. As for OAuth2, I have either worked with it a little with software to make a provider, or with software to make a client use it for regular authentication, but not for going further and consuming that authentication for authenticating for accessing a foreign API, so I had a few gaps to address. So I did what any developer does, and turned to the Internet.
In my search, I found two "demos", one for accessing Google Drive as an API through a Laravel API, and one which accessed YouTube through a application, originally through a stand-alone PHP application, which was later bodged into a Laravel application. The problem is, neither of these was a good implementation.
The first was incomplete, and rather dated at 4 years, using Laravel 8 (Laravel 12 was just released), and worst of all, did not provide any front-end code to drive things... the demo was being driven by doing cut and pastes of URLs using a browser or something like Postman/curl. In my opinion, it would have been far better to provide the rest of the application, which could have shown all of the pieces working together, to show the consumption and use of the local API authentication. It was just mostly a copy of the sample snippets from Google wrapped into a Laravel API, and there were also missing steps and errors in the code. The one thing it did do well, however, was to separate out functionality into separate methods, to follow the principles of DRY (Don't Repeat Yourself) and having methods do one thing and do that one thing well.
As for the second, while the non-framework implementation of the application was decent, if limited, it did not separate things out well. And when converted to Laravel in an add-on video, it really became a bodge job. The single endpoint was crammed into a single controller method in a Laravel, which handled "authentication" through parameters present in the query, and a single view conditionally displayed the link to authenticate or deauthenticate with Google. In all, it struck me as typical code from some college prof, which was reinforced by the video showing various Google accounts mentioning an Ivy league school. (I have seen horrible code produced by professors, who have tried to do things like claim that UDP did not potentially reorder packets even though that is clearly stated in the RFC specifications which they were shown).
So now, I will continue to search for the missing bits, and perhaps just write things myself. And as for those saying "use AI", realize that my experience with AI is just as bad, as it uses things like this to train the models, and incorporates the incomplete code, complete with errors directly into what it uses to give to unknowing, less knowledgeable users.