Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add a Laravel Passport Provider #157

Merged
merged 6 commits into from
Apr 28, 2018
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions docs/SUMMARY.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
* [Facebook](providers/facebook.md)
* [Github](providers/github.md)
* [Google](providers/google.md)
* [Laravel Passport](providers/passport.md)
* API
* [Auth](api/auth.md)
* [Storage](api/storage.md)
Expand Down
32 changes: 32 additions & 0 deletions docs/providers/passport.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
# Laravel Passport

[Source Code](https://github.com/nuxt-community/auth-module/blob/dev/lib/providers/passport.js)

## Usage

```js
auth: {
strategies: {
'laravel.passport': {
url: '...',
client_id: '...',
client_secret: '...'
},
}
}
```

## Usage

Anywhere in your application logic:

```js
this.$auth.loginWith('passport')
```

💁 This provider is based on [oauth2 scheme](../schemes/oauth2.md) and supports all scheme options.

### Obtaining `url`, `client_id` and `client_secret`

These options are **REQUIRED**. The `url` is the location of your Laravel application. To obtain the `client_id` and `client_secret`, create a new client app in your [Laravel app](https://laravel.com/docs/5.6/passport#managing-clients).

79 changes: 79 additions & 0 deletions lib/providers/laravel.passport.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
const axios = require('axios')
const bodyParser = require('body-parser')
const { assignDefaults } = require('./_utils')

module.exports = function laravelPassport (strategy) {
assignDefaults(strategy, {
_scheme: 'oauth2',
_name: 'laravel.passport',
authorization_endpoint: `${strategy.url}/oauth/authorize`,
token_endpoint: `${strategy.url}/oauth/token`,
token_key: 'access_token',
token_type: 'Bearer',
response_type: 'code',
grant_type: 'authorization_code',
scope: '*'
})

// Get client_secret, client_id and token_endpoint
const clientSecret = strategy.client_secret
const clientID = strategy.client_id
const tokenEndpoint = strategy.token_endpoint

// IMPORTANT: remove client_secret from generated bundle
delete strategy.client_secret

// Endpoint
const endpoint = `/_auth/oauth/${strategy._name}/authorize`
strategy.access_token_endpoint = endpoint

// Set response_type to code
strategy.response_type = 'code'

// Form parser
const formMiddleware = bodyParser.urlencoded()

// Register endpoint
this.options.serverMiddleware.unshift({
path: endpoint,
handler: (req, res, next) => {
if (req.method !== 'POST') {
return next()
}

formMiddleware(req, res, () => {
const {
code,
redirect_uri: redirectUri = strategy.redirect_uri,
response_type: responseType = strategy.response_type,
grant_type: grantType = strategy.grant_type
} = req.body

if (!code) {
return next()
}

axios
.request({
method: 'post',
url: tokenEndpoint,
data: {
client_id: clientID,
client_secret: clientSecret,
grant_type: grantType,
response_type: responseType,
redirect_uri: redirectUri,
code
},
headers: {
Accept: 'application/json'
}
})
.then(response => {
res.end(JSON.stringify(response.data))
})
.catch(error => next(error))
})
}
})
}
1 change: 1 addition & 0 deletions lib/schemes/oauth2.js
Original file line number Diff line number Diff line change
Expand Up @@ -99,6 +99,7 @@ export default class Oauth2Scheme {
const data = await this.$auth.request({
method: 'post',
url: this.options.access_token_endpoint,
baseURL: false,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This may introduce breaking changes! Why we need to disable axios baseURL?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So currently, if you add a baseURL to the main axios module config it will prepend it to all request to relative paths. If you provide a full URL, this is ignored.

For hitting external sites like Google or Facebook, the baseURL is ignored because they would use a full URL. However, with the addAuthorize method, we add a serverMiddleware that will append the client secret and proxy the authentication request. If there is a baseURL set in the axios module config, this request will go to that URL instead of the nuxt.js server. Setting baseURL: false just tells axios to ignore the default baseURL and send it relative to the current page.

Basically, if we are serving our site from example.com and axios has baseURL: 'api.example.com' set, the auth request would go to something like api.example.com/_auth/oauth/passport/authorize which may or may not exist. If we set the baseURL to false, the auth request would go to example.com/_auth/oauth/passport/authorize where the Nuxt server would handle it with the serverMiddleware.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for detailed explanation. Seems reasonable.

data: encodeQuery({
code: parsedQuery.code,
client_id: this.options.client_id,
Expand Down