I am having an issue and I hope you can help:)
I am using Laravel Passport in order to handle Authentication for my webApp. I am able to generate Access Tokens and Refresh Tokens with no issues.
The problem comes when I am trying to refresh my token. I wrote the code according to Laravel's Documentation:
public function refresh_token(Request $request){
$refresh_token = $request->cookie('refresh_token');
$http = new \GuzzleHttp\Client([
'base_uri' => env('OAUTH_PWD_GRANT_BASE_URL'),
'http_errors' => false
]);
$response = $http->post('/oauth/token', [
'form_params' => [
'grant_type' => 'refresh_token',
'refresh_token' => $refresh_token,
'client_id' => env('OAUTH_PWD_GRANT_CLIENT_ID'),
'client_secret' => env('OAUTH_PWD_GRANT_CLIENT_SECRET'),
'scope' => '',
],
]);
return $this->login_helper(json_decode((string) $response->getBody(), true));
}
Here is my problem: I want my new access token to have the same scope as the provided refresh_token
(or, more precisely, as the access_token
associated with the refresh_token
).
How can I do it?
I have tried to look at the database in order to find my refresh_token
, and get the associated access_token
, but it is unclear how to access the refresh_token
(the refresh_token that I have set in my Cookies does not appear in the database - I do not understand the mechanics behind it).
Thank you very much for your help!
OK, after testing, I realized that when you put 'scope' => ''
in the request to refresh the token, you get the same scope. :-)
I should have checked before (I thought it was returning an empty scope - this is a weird implementation though - very helpful, but weird)^^
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.