Package Data | |
---|---|
Maintainer Username: | sim1barreto |
Maintainer Contact: | mclinmike@gmail.com (Mike McLin) |
Package Create Date: | 2023-03-21 |
Package Last Update: | 2023-06-08 |
Language: | PHP |
License: | MIT |
Last Refreshed: | 2024-12-23 03:19:27 |
Package Statistics | |
---|---|
Total Downloads: | 479 |
Monthly Downloads: | 30 |
Daily Downloads: | 0 |
Total Stars: | 0 |
Total Watchers: | 0 |
Total Forks: | 0 |
Total Open Issues: | 0 |
Install with composer... composer require mikemclin/passport-custom-request-grant
^1.0
^0.1
MikeMcLin\Passport\CustomRequestGrantProvider
to your list of providers after Laravel\Passport\PassportServiceProvider
.byPassportCustomRequest($request)
method to your User
model (or whatever model you have configured to work with Passport).
Illuminate\Http\Request
object.null
https://your-site.com/oauth/token
, just like you would a Password or Refresh grant.grant_type
= custom_request
.User::byPassportCustomRequest()
function, where you will determine if access should be granted or not.access_token
and refresh_token
will be returned if successful.Here is what a User::byPassportCustomRequest()
method might look like...
/**
* Verify and retrieve user by custom token request.
*
* @param \Illuminate\Http\Request $request
*
* @return \Illuminate\Database\Eloquent\Model|null
* @throws \League\OAuth2\Server\Exception\OAuthServerException
*/
public function byPassportCustomRequest(Request $request)
{
try {
if ($request->get('sso_token')) {
return $this->bySsoToken($request->get('sso_token'));
}
} catch (\Exception $e) {
throw OAuthServerException::accessDenied($e->getMessage());
}
return null;
}
In this example, the app is able to authenticate a user based on an sso_token
property from a submitted JSON payload. The bySsoToken
is this app's way of doing that. It will return null
or a user object. It also might throw exceptions explaining why the token is invalid. The byPassportCustomRequest
catches any of those exceptions and converts them to appropriate OAuth exception type. If an ssoToken
is not present on the request payload, then we return null
which returns an invalid_credentials error response:
{
"error": "invalid_credentials",
"message": "The user credentials were incorrect."
}