Search code examples
phplaraveloauthlaravel-passport

How can I get user_id with access token in laravel passport api?

I am creating mobile application and for login I am using oauth.

For url like http://localhost/darkhwast/public/oauth/token it gives me output json as below:

{
  "token_type": "Bearer",
  "expires_in": 31536000,
  "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjIyZWQ5YWFjY2U4MDVjYzc4NzUzMWM5NjVkMjdiZDZkNTIwOTQ5NGYxMTllN2Q3YWYyZDQyYWI5MjRjZjYyNTk0ZjhiNTBjNzMyNWMyYjlkIn0.eyJhdWQiOiIyIiwianRpIjoiMjJlZDlhYWNjZTgwNWNjNzg3NTMxYzk2NWQyN2JkNmQ1MjA5NDk0ZjExOWU3ZDdhZjJkNDJhYjkyNGNmNjI1OTRmOGI1MGM3MzI1YzJiOWQiLCJpYXQiOjE0OTgxMzQ1MjAsIm5iZiI6MTQ5ODEzNDUyMCwiZXhwIjoxNTI5NjcwNTIwLCJzdWIiOiIzIiwic2NvcGVzIjpbIioiXX0.CdhOhJ_6wb_KphCbnQEwI8iw94MmvlwCnG8PGPSEcm-YoXeaw2WoXiYRizbkhiXIP84BReRVIXxI-Rug6GUWwT1W8cjrvJinQT2UghCcUMqQ6nQlBingKUUlqyaww5rbcIj6RNDVuRtGnVhpSl6g1wsBz534GmNJyaY5F7t9ZJlf4Q80Cay9mV_YcLVnlOTZqTfGaujo6OM24pG6EoCiyOEF-4Vyd4Naov5O_AswuouCT7kuFdMbNYwNu6hB9_swf7yek_-shqgPk3AGJsnkavCI5Mgj3xQdhhtxoy6IxFcebBZ1iI6V_yd0-UDzHHsVZf2bVk4Hx0j84vA4ZkXXDkc85Lxqpafd31i51eXGPaW308VH2EPV9QwNOxNwNF9nl6uAlkcvfhfNBnNx_QGMALmyuNQf1CXY_rkA72pYkekTe4LQGX48dpIJUnFgnj8Jwsfjrda1D6_N5JvrnbvJkVZbCCgOD9vhJUGnVw6PyEcXldWHiW7EJZkAX9XYB571vzN__qkbM--UpU1fMY13HvWe6qTRSPt4NdZudg1zmQOCn0TpvonP4FGGeB_ldEA488LASAAtQdwHQryw4oZvcb1BSDrvw7IVpGva5ky8aIoeQIORPn2Ehg_I1X9q1Yy3UI8iBPQBWgAnGnyoPYhtIvXYNWLUQJaaocLe3eE7osU",
  "refresh_token": "Mrd+2d8KbLMMbT9bRbxS4YjGUp2nCB092HLaJAxnNIAabDTDfOncYFNAMiCsp/Lc96cLfF8/nE4vAq4DNnpbM8ITCswQLo4/0cY0+e/wgdAhv5ZguPOXmVsOakRT1vymWVj+DH7m1ZlynwD+hMiwVP439iEP66qS6UZqZQ+k+s4SVfMFOE0MUynEFxb27Z8zgeV8Tbw/wA67QlQxXYWWuRL809QQQsFYnmttL71nYqn23TN12iV3/Fmol8S4Kc4ODk3eSFd8C5UUPbTYSdPDOOUUt+v/yrwJgIuZG5PSybG27iPKKkMbI3JgLQc25cAsJUHtkciAn3BVnEV4K2C6hwRM91vGvljB2siblgGw3RooHdYkfZQgCP8zrBvLY9daDKFEuP1QCk8mfpI1kAhhqe3pgDpbIVDlNau+SQXiGMizcMKg/YhnLJpNlU8eqIksLIEEQmFUBfizPmEpyb+KqqhpbfPciGU4LgmwZknferEuAqLS3yzrfWkML5CGYALVWrmo8r2va/qn7yEWY3lYcpcwSXPQiG3TkNKaupfKPQ/i/+aDRb0MOEc68rRkBrSFcOhR0HUgXg+Ev1mNqwuKyu3oGJwYSEGuGEggu/0Ekd1Qem8t7WZAQ245YEj8DpiJcFLX7E9fL1Bo5yuBn9vzTcqRa+kKC7725ayaX3nzxhY="
}

But how can I get user_id in response?

Solution

  • Your OAuth server should have an authenticated API endpoint (using passport), something like /api/user or /api/me. You use the provided access_token to authenticate yourself to retrieve the authenticated user details:

    $response = $client->request('GET', '/api/user', [
    'headers' => [
        'Accept' => 'application/json',
        'Authorization' => 'Bearer ' . $access_token,
    ],
]);

$body = (string) $response->getBody();
$remoteUser = json_decode($body);

    Once you've retrieved the user details, you should have enough to register the user account locally within the client app's database (if required).

    You should encrypt the tokens before storing them on the user record.

    Use encrypt() and decrypt() Laravel's reversible encryption helpers, so it's stored safely but can be decrypted for use later.