montross50 / passport-consumer Goto Github PK

This package lets you consume laravel passport local or remote with either the password grant flow or the authorization code flow. The aim is to allow you to focus on your app and leave oauth to passport and the consumption of said oauth to this package.

composer require montross50/passport-consumer

Publish the config file:

php artisan vendor:publish --provider="Montross50\PassportConsumer\PassportConsumerServiceProvider" --tag=config

There are a LOT of config options. Probably too many. The package should work out of the box with a default laravel install aside from defining the required env variables somewhere. The main config options to take note of are:

• enable_pg
  • If set to true then the password grant routes are loaded.
• enable_access
  • If set to true then the authorization code routes are loaded
• passport_location
  • If set to local then it is assumed the given app is the app with passport installed. If not it is expected that this value is your passport server url.
• log_user_in
  • If set to true the following happens:
    • User is retrieved from user_endpoint
    • If remote passport:
      • Find local user for remote user
      • Create local user using defaults and data from remote if not found
    • Log user in using session guard
    • The access_token and refresh_token will be in the session.

Required env variables:

• PC_PASSPORT_SECRET_PG
  • The passport secret access key for you password grant client
• PC_PASSPORT_SECRET_ACCESS
  • The passport secret access key for you authorization code client
• PC_PASSPORT_ID_PG
  • The passport client id for your password grant client
• PC_PASSPORT_ID_ACCESS
  • The passport client id for you authorization code client

If you are working with a remote passport install then add the Montross50\PassportConsumer\HasRemoteTokens Trait to your Users model.

The log_user_in functionality will create users to pair with a remote user if the local user cannot be found. Default values and fields are defined on the trait and must be overridden if you need to add more defaults for new user.

This package adds an api_token and configurable remote_user_id field to your users model. This only happens if you have your package configured for remote passport.

php artisan migrate

Please see CHANGELOG for more information what has changed recently.

Please see CONTRIBUTING and CONDUCT for details.

If you discover any security related issues, please email [email protected] instead of using the issue tracker.

• Trent Schmidt

The MIT License (MIT). Please see License File for more information.