Passport: Dynamic Client Registration

Created on 23 Aug 2018  ·  6Comments  ·  Source: laravel/passport

Would support for Dynamic Client Registration be considered within the scope of this package? Of course, it would be disabled by default and could be enabled like so:

Passport::enableDynamicClientRegistration();

Similar to how implicit grant is enabled. This is useful in order to provide authentication for SPAs who don't have a backend and can't be trusted with client secrets, so a dynamic registration is provided and authentication is performed only with a client_id unique to each instance. More details can be read on the specification: RFC 7951 - OAuth 2.0 Dynamic Client Registration Protocol

enhancement
Source
picture NoelDeMartin
👍21

Most helpful comment

Heya, going to close this as you've created an issue at oauth2-server: https://github.com/thephpleague/oauth2-server/issues/934

Let us know how it goes and we might also be able to provide support for this once it's merged in oauth2-server! :)

picture driesvints on 15 Oct 2018
👍21

All 6 comments

We could probably add this into the OAuth2-Server if you want to raise an issue there?

Sephster picture Sephster on 24 Aug 2018

@Sephster I can open it if you want, but I was not aware that OAuth2-Server handled client registration. For what I have seen in this repository, client registration is implemented here: https://github.com/laravel/passport/blob/7.0/src/ClientRepository.php#L102..L117 And ClientRepositoryInterface from OAuth2-Server is only used to retrieve clients, not create them.

NoelDeMartin picture NoelDeMartin on 24 Aug 2018

The server is intentionally flexible so we haven't defined client registration to leave it up to the implementer. If this is required to support the dynamic registration rfc though, we could probably add it in. Thanks for raising the issue so we can track it.

Sephster picture Sephster on 26 Aug 2018

Heya, going to close this as you've created an issue at oauth2-server: https://github.com/thephpleague/oauth2-server/issues/934

Let us know how it goes and we might also be able to provide support for this once it's merged in oauth2-server! :)

driesvints picture driesvints on 15 Oct 2018
👍21

Going to re-open this to keep track of it here as well.

driesvints picture driesvints on 10 Dec 2018

Closing this again until OAuth2 Server has implemented this.

driesvints picture driesvints on 7 Aug 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

rudolfdobias picture rudolfdobias  ·  3Comments
gbgelado picture gbgelado  ·  3Comments
cookiejarblush picture cookiejarblush  ·  4Comments
parth-vora-7 picture parth-vora-7  ·  4Comments
SwiTool picture SwiTool  ·  3Comments