Reputation: 6693
Laravel Passport - How do you create a first-party client?
I'm currently reading the documentation on Laravel Passport on skipping the authorization prompt for a first-party client. I have protected routes based on the scopes the clients request which a typical user would authenticate however, I am using Laravel passport as a Single-Sign-On server for my first party applications as well as third party and to this effect want to skip authorization only for first-party clients.
It is key to note that the scopes should still apply with or without an authorization prompt. My first-party client will still send scopes relative to the user, I just want to skip the authorization prompt and instantly redirect after login.
I created a model as the documentation suggests:
namespace App\Models;
use Laravel\Passport\Client as BaseClient;
class Passport extends BaseClient
{
public function skipsAuthorization()
{
return $this->firstParty();
}
}
However, it doesn't not mention how to generate clients that are first-party, or how to upgrade a current client to a first-party client.
On inspection of the Database table oauth_clients there is no relative column or foreign table that would suggest a client is a first-party.
To this effect, I am under assumption that the $this->firstParty() needs to be implemented in the Passport class and a migration should be created to add a is_first_party column.
To this effect, the documentation further references Overriding default models however, the documentation shows that the Client class is the default value for Passport::useClientModel but the created model suggests extending BaseClient.
Any help appreciated.
Upvotes: 4
Views: 1506
Answers (1)
Reputation: 6693
After some ideas, I decided to check the Client class within Github for Laravel passport.
/**
* Determine if the client is a "first party" client.
*
* @return bool
*/
public function firstParty()
{
return $this->personal_access_client || $this->password_client;
}
It appears that the client must be of a Personal Access type in order for it to skip the authorization.
php artisan passport:client --personal
Extending Client and then Overriding the default model worked fine.
Passport::useClientModel(\App\Models\Passport::class);
My Passport Model now looks like this:
namespace App\Models;
use Laravel\Passport\Client;
class Passport extends Client
{
public function skipsAuthorization()
{
return $this->firstParty();
}
}
Upvotes: 2
Related Questions
- Passport - Create client credentials grant client programmatically
- Laravel Passport create clients programmatically
- Laravel Passport Client Credentials Grant
- Laravel Passport without oAuth
- How can I create a token for a Password Grant Client using Laravel Passport?
- Laravel Passport: Create access token manually
- Laravel 5.3 and Passport. Trying to create a single client for an API
- Laravel 5.3 : Passport Implementation - {"error":"invalid_client","message":"Client authentication failed"}
- Laravel Passport client_credentials
- Laravel passport client creation using code