
@minhloc2011
Forked from onamfc/AccessToken.php
Created October 6, 2022 01:08
Add Custom Claims to Passport 8 / Laravel 6
<?php
namespace App\Passport;
use App\User;
use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Signer\Key;
use League\OAuth2\Server\CryptKey;
use Lcobucci\JWT\Signer\Rsa\Sha256;
use Laravel\Passport\Bridge\AccessToken as BaseToken;
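/**
 * Passport access token that adds custom claims to the issued JWT.
 *
 * The token is signed with RSA/SHA-256, not encrypted: every claim added in
 * convertToJWT() is readable by anyone who holds the token, so only
 * non-sensitive values belong in it.
 */
class AccessToken extends BaseToken
{
    /** @var CryptKey|null Private key used to sign the JWT; assigned by setPrivateKey(). */
    private $privateKey;

    /**
     * Generate a string representation from the access token.
     *
     * @return string The signed JWT in its serialized form.
     */
    public function __toString()
    {
        return (string) $this->convertToJWT($this->privateKey);
    }

    /**
     * Set the private key used to sign this access token.
     *
     * @param CryptKey $privateKey
     */
    public function setPrivateKey(CryptKey $privateKey)
    {
        $this->privateKey = $privateKey;
    }

    /**
     * Build the JWT for this access token and sign it with the given key.
     *
     * Besides the registered claims (aud, jti, iat, nbf, exp, sub, iss) the
     * token carries the granted scopes and, when the user identifier resolves
     * to a User record, that user's id as the `uid` claim.
     *
     * @param CryptKey $privateKey Key whose path and passphrase are handed to the signer.
     *
     * @return \Lcobucci\JWT\Token
     */
    public function convertToJWT(CryptKey $privateKey)
    {
        // One clock reading for both claims, so iat and nbf can never differ
        // when the two calls would otherwise straddle a second boundary.
        $now = time();

        $builder = new Builder();
        $builder->permittedFor($this->getClient()->getIdentifier())
            ->identifiedBy($this->getIdentifier(), true)
            ->issuedAt($now)
            ->canOnlyBeUsedAfter($now)
            ->expiresAt($this->getExpiryDateTime()->getTimestamp())
            ->relatedTo($this->getUserIdentifier())
            // The issuer is read from application configuration instead of a
            // hard-coded development URL. A resource server that validates
            // `iss` must expect this exact string.
            ->withClaim('iss', config('app.url'))
            ->withClaim('scopes', $this->getScopes());

        // The lookup returns nothing when the identifier matches no user, in
        // which case no user claims are added.
        $user = User::find($this->getUserIdentifier());
        if ($user) {
            $builder->withClaim('uid', $user->id);
            // Include additional user claims for user here
        }

        $signingKey = new Key($privateKey->getKeyPath(), $privateKey->getPassPhrase());

        return $builder->getToken(new Sha256(), $signingKey);
    }
}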
<?php
namespace App\Repositories;
use App\Passport\AccessToken;
use Laravel\Passport\Bridge\AccessTokenRepository as BaseRepository;
use League\OAuth2\Server\Entities\ClientEntityInterface;
/**
 * Access-token repository that issues the application's own AccessToken
 * class (App\Passport\AccessToken) in place of the one the base repository
 * would create.
 */
class AccessTokenRepository extends BaseRepository
{
    /**
     * Instantiate a new access token entity for the given client, scopes and user.
     *
     * @param ClientEntityInterface $clientEntity   Client the token is issued to.
     * @param array                 $scopes         Scopes granted to the token.
     * @param mixed                 $userIdentifier Identifier of the user, or null when none is given.
     *
     * @return AccessToken
     */
    public function getNewToken(ClientEntityInterface $clientEntity, array $scopes, $userIdentifier = null)
    {
        // The AccessToken constructor takes its arguments in a different
        // order from this method: user first, then scopes, then client.
        $token = new AccessToken($userIdentifier, $scopes, $clientEntity);

        return $token;
    }
}
// located in config/app.php
'providers' => [
...
/*
* Application Service Providers...
*/
// Registers the App\Providers\PassportServiceProvider subclass, whose
// makeAuthorizationServer() passes the custom AccessTokenRepository to the
// authorization server.
App\Providers\PassportServiceProvider::class,
],
<?php
namespace App\Providers;
use App\Repositories\AccessTokenRepository;
use Laravel\Passport\Bridge\ClientRepository;
use Laravel\Passport\Bridge\ScopeRepository;
use League\OAuth2\Server\AuthorizationServer;
/**
 * Passport service provider that builds the authorization server with the
 * application's AccessTokenRepository (App\Repositories\AccessTokenRepository).
 */
class PassportServiceProvider extends \Laravel\Passport\PassportServiceProvider
{
    /**
     * Make the authorization server instance.
     *
     * The dependencies are resolved in the same order as they are passed on:
     * client repository, access-token repository, scope repository, the
     * 'private' crypt key, and the key held by the application's encrypter.
     *
     * @return AuthorizationServer
     */
    public function makeAuthorizationServer()
    {
        $clients = $this->app->make(ClientRepository::class);
        $accessTokens = $this->app->make(AccessTokenRepository::class);
        $scopes = $this->app->make(ScopeRepository::class);

        // Key material: the crypt key named 'private' and the encrypter's key.
        $privateKey = $this->makeCryptKey('private');
        $encrypterKey = app('encrypter')->getKey();

        return new AuthorizationServer($clients, $accessTokens, $scopes, $privateKey, $encrypterKey);
    }
}