I am very new to Laravel 5.3 Passport (OAuth2 server).
Please let me know if this kind of job is available.
Suppose there are 4 servers (Apps):
1. Laravel Passport for authentication (App01, App02, App03, App04)
2. App01
3. App02
4. App03
Step 1 through Step 4 are sequential; please let me know whether all of the processing is possible using Laravel Passport.
1. User John Doe accesses and logs in to App01. Laravel 5.3 Passport creates an authentication token for him.
2. User John Doe accesses App02 and is logged in automatically (SSO).
3. User John Doe accesses App03 and is required to enter an ID and password; he manually inputs the ID and password (the same for App02 and App03) and logs in successfully.
4. When the user logs out, all the apps (App02, App03) are logged off.
Thank you for your precious reply.
Laravel Passport Single Sign On (SSO) for Your Application
miniOrange provides a ready-to-use Single Sign On (SSO) solution for your application. This solution ensures that you are ready to roll out secure access to your application using Laravel Passport within minutes.
You can store this token in local storage. This token is also stored in the oauth_access_tokens table. We will be sending a GET request to your URL, and we need to send the token as the Authorization header. In the above way, successive technologies can do API authentication in a Laravel application with Passport.
In addition to typical, form-based authentication, Laravel also provides a simple, convenient way to authenticate with OAuth providers using Laravel Socialite. Socialite currently supports authentication via Facebook, Twitter, LinkedIn, Google, GitHub, GitLab, and Bitbucket.
Laravel automatically generates a CSRF "token" for each active user session managed by the application. This token is used to verify that the authenticated user is the person actually making the requests to the application.
It sounds like you should make your App01 an identity provider (OAuth server), and App02, App03 and App04 will redirect to App01 to get a short-lived token. So these three apps must have OAuth client functionality - being able to
You are looking at OAuth2 Authorization Code flow: https://www.digitalocean.com/community/tutorials/an-introduction-to-oauth-2
If you could live without requirement number 4 - logging out everywhere simultaneously, you could just rely on JWT tokens' embedded data.
Every JWT token issued by your App01 (Laravel Passport) already includes information like user ID and token expiration. Moreover, if you add your App01's public key on App02, App03 and App04, they can be 100% sure the token is valid - no requests to App01 necessary. But if the user logs out on App01 later on, there is obviously no way to say it happened.