search

dusterio / lumen-passport

Making Laravel Passport work with Lumen
MIT License
654 stars 141 forks source link

Customize response for API Provided #7

Closed paolopiccinini closed 2 years ago

paolopiccinini commented 8 years ago

Hi, thanks for your great work. If i want to customize the default response returned by passport (i just want to add more attribute on response), do you think i've to register an after middelware in PassportServiceProvider? I just want to add my default info on responses in my rest api and i've not control of responses returned by passport.

Do you tink it's a good solution?

dusterio commented 8 years ago

@paolopiccinini I actually have a similar task myself (I want to include some basic user info along with token), I'll propose a solution shortly!

paolopiccinini commented 8 years ago

If i can help in any way, please let me know. Thanks

DCdeBrabander commented 7 years ago

@paolopiccinini @dusterio have you solved this already? If you mean put the token-response side-by-side your own stuff, just call lumen-passport routes via a 'proxy' method (implementing Guzzle) and send back the response you want. 😄

paolopiccinini commented 7 years ago

@DCdeBrabander what is the difference in using a proxy vs middelware? (i'm asking your point of view). In both case i've to get response content, add my own content and set the new content. It's sounds like a workaround not a real solution. Don't you think?

DCdeBrabander commented 7 years ago

@paolopiccinini Can you give an example of your implemented middleware? I maybe do not fully understand what you are going for. The proxy method allows me to implement custom responses, but more importantly, it (apparently) shields client_id and secret from headers.

(example of) the call to the 'proxy' method, in this case the password grant:

return $this->access('password', [
                'username'  => $request->username,
                'password'  => $request->password,
                'scope'     => $User->type
            ]);

the 'proxy' method called access(), here it uses Guzzle to call to the lumen-passport's routes:

private function access($grantType, array $data = []) {
        try {
            $config = app()->make('config');

            // Currently fetch client_id and client_secret from config since Api is its own client
            // and other 'users' are used/found via oauth_users table
            $data = array_merge([
                'client_id'     => $config->get('oauth_client.clients.client_id'),
                'client_secret' => $config->get('oauth_client.clients.client_secret'),
                'grant_type'    => $grantType,
            ], $data);
.....
     }catch(....){....}

        // Get body of response
        $response = json_decode($guzzleResponse->getBody());
.....
                $response = Response::success([
                    'refresh_token' => $response->refresh_token,
                    'access_token'  => $response->access_token,
                    'token_type'    => $response->token_type,
                    'expires_in'    => $response->expires_in
                ]);
.....

     return $response;
}

where Response::success(); is a method I implemented to give back a response with status 'code' of API and stuff..

I hope this helps you a bit further in a way. 😄

paolopiccinini commented 7 years ago

@DCdeBrabander this example maybe helps you:

1) My Middelware: public function handle($request, Closure $next) {

    `$response = $next($request);`

    `$data = json_decode($response->getContent(), true);`

    `$data['outcome'] = ($response->getStatusCode() === 200) ? true : false;`

    `$response->setContent(json_encode($data));`

   ` return $response;`

}

2) register this middelware in PassportServiceProvider for example: public function forAccessTokens() { $this->app->post('/oauth/token', [ 'middleware' => ['myCustomMiddelware'], 'uses' => '\Dusterio\LumenPassport\Http\Controllers\AccessTokenController@issueToken' ]); ttp\Controllers\AccessTokenController@issueToken' ]);

paolopiccinini commented 7 years ago

@DCdeBrabander maybe i've not fully understand your example. are you making two different request to get the token? you can always register a middelware to retrive the config client_id, client_secret add them to the headers and then pass the request to passport. am i missing something?

dusterio commented 7 years ago

I'm trying to find a clean way to add integrations tests for controller (the problem is that full Lumen/Laravel app is not included in the package), once it's done - I will add this feature

GalawynRM commented 5 years ago

I would add the user information to the response of oauth/token,

I'm creating a middleware

public function handle($request, Closure $next, $guard = null) { $response = $next($request); $data = json_decode($response->getContent(), true); $data['user'] = Auth::user(); $response->setContent(json_encode($data)); return $response; }

but Auth::user() is always null in the middleware (just after oauth/token, it does work in the next requests), indeed is working in a controller (but i would love to avoid a second http request to get the user)

Is there a way to get user information at the token creation?