Currently I have a Laravel installation using Laravel Passport (which uses league/oauth2-server
for the server implementation). I would like to return the user id when a oauth2 token is granted, so I can use it to identify the authenticated user in my EmberJS app.
The suggested method to do this is:
Create my own class:
use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
class UserIdBearerTokenResponse extends BearerTokenResponse
{
protected function getExtraParams(AccessTokenEntityInterface $accessToken)
{
return [
'user_id' => $this->accessToken->getUserIdentifier()
];
}
}
Modifying AuthorizationServer.getResponseType()
in vendor/league/oauth2-server/src
protected function getResponseType()
{
if ($this->responseType instanceof ResponseTypeInterface === false) {
// Return my own class instead of provided one
$this->responseType = new UserIdBearerTokenResponse();
}
$this->responseType->setPrivateKey($this->privateKey);
return $this->responseType;
}
But this approach requires me to add the vendor/league/oauth2-server/src/AuthorizationServer.php
file to my git repo.
This seems very messy and unreliable to me. Is there a better/cleaner way to achieve this?
To use your custom response, you can add a custom authorization server like this:
<?php
namespace App;
use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
class TokenServer extends AuthorizationServer
{
/**
* Get the token type that grants will return in the HTTP response.
*
* @return ResponseTypeInterface
*/
protected function getResponseType()
{
if ($this->responseType instanceof ResponseTypeInterface === false) {
$this->responseType = new UserIdBearerTokenResponse();
}
$this->responseType->setPrivateKey($this->privateKey);
return $this->responseType;
}
}
And a custom PassportServiceProvider like this:
<?php
namespace App\Providers;
use App\TokenServer;
class PassportServiceProvider extends \Laravel\Passport\PassportServiceProvider
{
/**
* Make the authorization service instance.
*
* @return AuthorizationServer
*/
public function makeAuthorizationServer()
{
return new TokenServer(
$this->app->make(\Laravel\Passport\Bridge\ClientRepository::class),
$this->app->make(\Laravel\Passport\Bridge\AccessTokenRepository::class),
$this->app->make(\Laravel\Passport\Bridge\ScopeRepository::class),
'file://'.storage_path('oauth-private.key'),
'file://'.storage_path('oauth-public.key')
);
}
}
And then make the following change in your config/app.php file:
/*
* Package Service Providers...
* We extend the packaged PassportServiceProvider with our own customization
*/
// Laravel\Passport\PassportServiceProvider::class,
App\Providers\PassportServiceProvider::class,