How to override AuthCodeGrant?

[gssj85]

I need to override functionality of: vendor/league/oauth2-server/src/Grant/AuthCodeGrant.php to add another information on the authorization code (the tenant id), will also have to decrypt it later but for now I would be very happy to know how to override this one first.

So far I can say I have no idea how to do this, used some GPT help on a service provider but no success:

public function register(): void
    {
        Passport::ignoreRoutes();

        // Bind the AuthCodeRepositoryInterface to an implementation
        $this->app->bind(AuthCodeRepositoryInterface::class, AuthCodeRepository::class);

        // Optionally bind the RefreshTokenRepositoryInterface if you haven't done so
        $this->app->bind(RefreshTokenRepositoryInterface::class, RefreshTokenRepositoryInterface::class);

        parent::register();

        $this->app->extend(AuthorizationServer::class, function (AuthorizationServer $server) {
            $grant = new MyCustomAuthCodeGrant(
                $this->app->make(AuthCodeRepositoryInterface::class),
                $this->app->make(RefreshTokenRepositoryInterface::class),
                new \DateInterval('PT10M')
            );

            $server->enableGrantType($grant, new \DateInterval('PT1H'));

            return $server;
        });
    }

Those bind didnt help at all, got this error message:

Target [League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface] is not instantiable while building [Laravel\Passport\Http\Controllers\AuthorizationController].

[mazesec]

To override the AuthCodeGrant functionality in Laravel Passport and add custom information like a tenant ID, you can create your own custom grant class that extends the existing AuthCodeGrant. Here’s a step-by-step guide to help you do this.

Step 1: Create Your Custom Grant Class

First, create a new class that extends AuthCodeGrant. You’ll want to customize the respondToAuthorizationRequest method (or any other relevant method) to include your tenant ID.

namespace App\OAuth;

use League\OAuth2\Server\Grant\AuthCodeGrant as BaseAuthCodeGrant;
use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface;
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;

class MyCustomAuthCodeGrant extends BaseAuthCodeGrant
{
    public function __construct(AuthCodeRepositoryInterface $authCodeRepository, RefreshTokenRepositoryInterface $refreshTokenRepository, \DateInterval $refreshTokenTTL)
    {
        parent::__construct($authCodeRepository, $refreshTokenRepository, $refreshTokenTTL);
    }

    protected function respondToAuthorizationRequest($request, $response, $grantType, array $options = [])
    {
        // Your custom logic here to handle tenant ID
        // You can access request data and add tenant ID to the authorization code
        // Example: 
        $tenantId = $request->get('tenant_id'); // assuming tenant_id is passed in request
        
        // Process the request as usual
        return parent::respondToAuthorizationRequest($request, $response, $grantType, $options);
    }

    // Add any additional methods as needed
}

Step 2: Register Your Custom Grant in a Service Provider

Next, you need to register your custom grant in a service provider, similar to what you've done already. Make sure to remove any bindings that cause issues.

namespace App\Providers;

use Illuminate\Support\ServiceProvider;
use Laravel\Passport\Passport;
use League\OAuth2\Server\AuthorizationServer;
use App\OAuth\MyCustomAuthCodeGrant; // Import your custom grant class
use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface;
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;

class AuthServiceProvider extends ServiceProvider
{
    public function register(): void
    {
        Passport::ignoreRoutes();

        // Bind your repositories
        $this->app->bind(AuthCodeRepositoryInterface::class, YourAuthCodeRepositoryImplementation::class);
        $this->app->bind(RefreshTokenRepositoryInterface::class, YourRefreshTokenRepositoryImplementation::class);

        parent::register();

        // Extend the Authorization Server with your custom grant
        $this->app->extend(AuthorizationServer::class, function (AuthorizationServer $server) {
            $grant = new MyCustomAuthCodeGrant(
                $this->app->make(AuthCodeRepositoryInterface::class),
                $this->app->make(RefreshTokenRepositoryInterface::class),
                new \DateInterval('PT10M')
            );

            $server->enableGrantType($grant, new \DateInterval('PT1H'));

            return $server;
        });
    }
}

Step 3: Handle Tenant ID in Your Implementation

Make sure your AuthCodeRepository implementation can handle the additional tenant ID. You might need to store it with the authorization code or in a related table.

Step 4: Testing

After implementing the above steps, test your changes thoroughly to ensure that the tenant ID is correctly included in the authorization code and that you can later decrypt it as needed.

Troubleshooting

If you encounter the "not instantiable" error again, check the following:

1. Ensure you have implemented the repository interfaces (AuthCodeRepositoryInterface and RefreshTokenRepositoryInterface) correctly.
2. Ensure that these implementations are properly bound in the service container.

This should give you a good starting point to override the functionality you need. Let me know if you have further questions!

[gssj85]

Thank you my friend I have found my way but it's along with your solution, thanks again!