Laravel Passport is an authentication package for Laravel. It is used by a lot of Laravel apps to authenticate users before accessing any resources. Basically, it generates an access token
which you can then use on every request to provide identification to the OAuth Server
.
One of Laravel Passport's mostly used authentication methods is the Password Grant Tokens
grant type. It is a stateless way to get access tokens
and refresh tokens
from the OAuth Server
.
Take a look at contributing.md if you want to contribute to this project.
Via Composer
// Install the package
$ composer require luchavez/passport-pgt-client
// Publish the config
$ php artisan pgt:client:install
- Add these variables to
.env
file if you want to override the default values.
Variable Name | Default Value | Description |
---|---|---|
PASSPORT_URL |
config('app.url') |
URL of Authentication Server |
PASSPORT_PASSWORD_GRANT_CLIENT_ID |
null | Password grant client's ID |
PASSPORT_PASSWORD_GRANT_CLIENT_SECRET |
null | Password grant client's secret |
The package provides a service called PassportPgtClient which you can use by calling its helper functions:
passportPgtClient()
passport_pgt_client()
Here's the list of its available methods.
Method Name | Return Type | Description |
---|---|---|
getPassportUrl |
string |
gets the URL of Authentication Server |
getPasswordGrantClientId |
string or int or null |
gets the Password Grant Client's id |
getPasswordGrantClientSecret |
string or null |
gets the Password Grant Client's secret |
register |
Luchavez\ApiSdkKit\Models\AuditLog or Illuminate\Http\Client\Response |
sends POST request to Auth Server's /oauth/token to login |
login |
Luchavez\ApiSdkKit\Models\AuditLog or Illuminate\Http\Client\Response |
sends POST request to Auth Server's /oauth/token to login |
refreshToken |
Luchavez\ApiSdkKit\Models\AuditLog or Illuminate\Http\Client\Response |
sends POST request to Auth Server's /oauth/token to refresh tokens |
logout |
Luchavez\ApiSdkKit\Models\AuditLog or Illuminate\Http\Client\Response |
sends POST request to Auth Server's /api/oauth/logout to logout |
getSelf |
Luchavez\ApiSdkKit\Models\AuditLog or Illuminate\Http\Client\Response |
sends GET request to Auth Server's /api/oauth/me to get user info |
Here's the list of routes that this package provides.
Method | Route | Description |
---|---|---|
POST | /api/register |
This route sends POST request to Auth Server's /api/oauth/register to register. |
POST | /api/login |
This route sends POST request to Auth Server's /oauth/token to login. |
POST | /api/refresh-token |
This route sends POST request to Auth Server's /oauth/token to refresh tokens. |
POST | /api/logout |
This route sends POST request to Auth Server's /api/oauth/logout to logout. |
GET | /api/me |
This route sends GET request to Auth Server's /api/oauth/me to get user info. |
Note: If you wish to override the login, refresh token, logout, or get self logic, feel free to do so by updating the published passport-pgt-client
config file.
- Logging in a user
- Refreshing tokens
- Getting user's information based on access token
- Logging out a user
Please see the changelog for more information on what has changed recently.
$ composer test
Please see contributing.md for details and a todolist.
If you discover any security related issues, please email jamescarloluchavez@gmail.com instead of using the issue tracker.
MIT. Please see the license file for more information.