3

In my application, I am using Passport for Authentication. I have created a Password grant client for generating access tokens for our mobile and web app.

Now I have to add a third-party client that can access some of our resources. For this, I created a client.

Now for a user that can authorize this third-party client for access the resources on behalf of him have to come to our website and login and then needs to authorize to get the authorization code. This I want to do in our own web app. For that, I need to create an API where as a request I will receive client_id, client_secret, grant_type, redirect_url, scopes, etc and return the authorization code.

But nowhere I see an option to create a custom API for generating the authorization code?

-- Edited

https://laravel.com/docs/9.x/passport#approving-the-request

As mentioned here Passport will automatically display a template to the user allowing them to approve or deny the authorization request

We have our own SPA, we can't use the template provided by Passport. Somehow we need to override this and create an API that our SPA can call for authoring or denying the authorization request.

Improve this question
1
  • In a doc, that you shared it's mentioned that you can override that view component. To override you need to publish passport views using php artisan vendor:publish --tag=passport-views command. After that modify it as you wanted. Commented May 20, 2022 at 10:57

2 Answers 2

Reset to default
0

To create custom api for authorization, you'll need to override default Passport routes in AuthServiceProvider.php

app/Providers/AuthServiceProvider.php

use Illuminate\Support\Facades\Route;

public function boot()
{
    $this->registerPolicies();

    Passport::routes();

    Route::post('<route_you_want_to_override>', [
        'uses' => '<YourCustomAuthorizationController@Method>',
        'as' => 'passport.token',
    ]);
}

Once done make sure to clear the route cache

php artisan route:clear

And to override Passport default template, you'll first to need to publish the passport views so that required views are available at resources/views/vendor/passport path and you can modify the required view

php artisan vendor:publish --tag=passport-views
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

We had a similar need in our app a while ago.
We ended up using passport api for our need (with password grant) and we have put in place Sanctum for our end user/customer. For customer, is much simpler/easy to get a unique token from Sanctum and then make api call with it.
The good part, is that you will have two separate system dedicated to two separate needs (yours and your customer).
I hope this helps you.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.