imrancse/passportgrant

Custom grant_type for laravel passport

Maintainers

Details

github.com/imrancse94/passport-custom-grant-type

Source

Issues

Installs: 851

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 2

Forks: 0

Open Issues: 0

dev-master 2021-11-22 10:22 UTC

Requires

MIT 95ca7ae1917d4bb80d60dabf170e9c0f7cb3f0bc

  • Imran Hossain <imrancse94.woop@gmail.com>

This package is auto-updated.

Last update: 2024-04-22 15:13:58 UTC

README

Note: this documentation assumes Laravel Passport installation is completed.

To get started, install package via the Composer package manager :

composer require imrancse/passportgrant

Publish the passport_grant_type.php configuration file using vendor:publish Artisan command :

php artisan vendor:publish --provider="imrancse\passportgrant\PassportGrantServiceProvider" --tag="config"

Configuration

In your config/passport_grant_type.php configuration file, enable any custom grant types providing user provider class.

// "grants" is an array of user provider class indexed by grant type

'grants' => [
    // 'otp_grant' => 'App\Passport\OTPGrantProvider',
],

User provider

User provider class roles are :

  • validate /oauth/token request custom parameters
  • provide user entity instance

User provider class must implements the imrancse\passportgrant\UserProviderInterface :

/**
 * Validate request parameters.
 *
 * @param  \Psr\Http\Message\ServerRequestInterface  $request
 * @return void
 * @throws \League\OAuth2\Server\Exception\OAuthServerException
 */
public function validate(ServerRequestInterface $request);

/**
 * Retrieve user instance from request.
 *
 * @param  \Psr\Http\Message\ServerRequestInterface  $request
 * @return mixed|null
 */
public function retrieve(ServerRequestInterface $request);

If request validation fails, the validate() method must throw a League\OAuth2\Server\Exception\OAuthServerException invalid parameter exception.

On success, the retrieve() method must return a League\OAuth2\Server\Entities\UserEntityInterface or Illuminate\Contracts\Auth\Authenticatable instance. Otherwise null on failure.

User provider example

For convenience, the UserProvider class provide methods to validate and retrieve request custom parameters.

Therefore, creating a user provider becomes simple :

<?php

namespace App\Passport;

use App\User;
use Psr\Http\Message\ServerRequestInterface;
use imrancse\passportgrant\UserProvider;

class OTPGrantProvider extends UserProvider
{
    /**
     * {@inheritdoc}
     */
    public function validate(ServerRequestInterface $request)
    {
        // It is not necessary to validate the "grant_type", "client_id",
        // "client_secret" and "scope" expected parameters because it is
        // already validated internally.

        $this->validateRequest($request, [
            'email' => ['required', 'email'],
        ]);
    }

    /**
     * {@inheritdoc}
     */
    public function retrieve(ServerRequestInterface $request)
    {
        $inputs = $this->only($request, [
            'email'
        ]);

        // Here insert your logic to retrieve user entity instance

        // For example, let's assume that users table has "email" column
        $user = User::where('email', $inputs['email'])->first();

        return $user;
    }
}

Token request example

Request an access token for "otp_grant" grant type :

// You have to import "Illuminate\Support\Facades\Http"

$response = Http::asForm()->post('https://your-app.com/oauth/token', [
                'grant_type' => 'otp_grant',
                'client_id' => <client-id>,
                'client_secret' => <client-secret>,
                'email'=>'<user-email>',
                'scope' => ''
            ],
]);