Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Return the access token and the user when authenticating using Passport and Laravel

I am creating an API using Laravel 5.4 and Passport. The API authorization is done using Password grant type.

Below is a sample request:

$http = new GuzzleHttp\Client;
$response = $http->post('http://your-app.com/oauth/token', [
  'form_params' => [
     'grant_type' => 'password',
     'client_id' => 'client-id',
     'client_secret' => 'client-secret',
     'username' => '[email protected]',
     'password' => 'my-password',
     'scope' => '',
   ],
]);

return json_decode((string) $response->getBody(), true);

This will send a POST request to '/oauth/token' with the following response:

{
  "token_type": "Bearer",
  "expires_in": 3155673600,
  "access_token": "eyJ0eXAiOiJK...",
  "refresh_token": "LbxXGlD2s..."
}

What I want is to get a response including the authenticated user as shown below:

[
  data:{
     name: Jhon,
     email: [email protected],
     address: ASDF Street no.23
  },
  token{
     "token_type": "Bearer",
     "expires_in": 3155673600,
     "access_token": "eyJ0eXAiOiJK...",
     "refresh_token": "LbxXGlD2s..."
  }
]

What I already did was alter the PasswordGrant file at line 65

vendor/league/oauth2-server/src/Grant/PasswordGrant.php

$responseType->setAccessToken($accessToken);
$responseType->setRefreshToken($refreshToken);
return $responseType;

I hope someone can help me, and tell me how to resolve this, thank you.

like image 747
Egi Avatar asked Apr 14 '17 13:04

Egi


People also ask

How can I get token in Laravel Passport?

Requesting Tokens Once you have created a password grant client, you may request an access token by issuing a POST request to the /oauth/token route with the user's email address and password. Remember, this route is already registered by the Passport::routes method so there is no need to define it manually.

How does Laravel Passport authentication work?

Laravel Passport is an easy way to set up an authentication system for your API. As a Laravel package, it uses an OAuth2 server to perform authentication, creating tokens for user applications that request to interface with the API it protects, and only granting them access if their tokens are validated.

What is Passport token in Laravel?

Laravel Passport is an OAuth 2.0 server implementation for API authentication using Laravel. Since tokens are generally used in API authentication, Laravel Passport provides an easy and secure way to implement token authorization on an OAuth 2.0 server.

How can I check my Passport token is valid or not in Laravel?

If you don't want to use the Passport middleware in the project where you want to validate the tokens, you would have to create an endpoint in the Laravel Passport server that can accept the token, perform the usual Passport validation and return a response to your service.


1 Answers

You could write an (after-) middleware that takes the original response and transforms it to be the way you want it to be. But be aware that all other Passport middleware (CheckClientCredentials, CheckScopes, CreateFreshApiToken, etc...) probably depends on that specific format and will have to be adapted as well.

like image 76
Christoph Float Avatar answered Oct 14 '22 23:10

Christoph Float