search

corbosman / laravel-passport-claims

Add claims to Laravel Passport JWT Tokens
MIT License
82 stars 11 forks source link

Refresh token with same custom claims #11

Closed timeisenhuth closed 3 years ago

timeisenhuth commented 3 years ago

This package is great thank you.

We have an issue though that when we refresh a token, we want to encode the same claims from the original access token into the new token. I can't find anything anywhere on how that might be possible. At the moment we are relying on passing the original access token with the refresh request and decoding it and applying the same claims to the new token. However passing the original access token with the refresh token doesn't seem to be a standard practice.

Are you aware of any way to do this? Our thinking was to persist the custom claims in the database. Perhaps adding a column to Passport's oauth_access_tokens table and storing them they way it does with scopes. Not ideal to hack around Passport though.

Is it something that this package could support? We'd be happy to contribute a PR

corbosman commented 3 years ago

Hi, maybe I don't understand what you're asking. I just tested the following:

  1. get a token from passport including custom claims
  2. refresh the token using the refresh_token from the token from 1.
  3. The resulting token I get back from that response includes my custom claims.

This seems to be what you want right? This should already work.

timeisenhuth commented 3 years ago

🤦 ok that seems to be working. Thanks!