Skip to content

Instantly share code, notes, and snippets.

@messi89

messi89/\Laravel\Passport\Http\Controllers\AccessTokenController

Last active October 25, 2025 21:00
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save messi89/489473c053e3ea8d9e034b0032effb1d to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save messi89/489473c053e3ea8d9e034b0032effb1d to your computer and use it in GitHub Desktop.
Download ZIP
Laravel Passport - Customize The Token Response
Raw
\Laravel\Passport\Http\Controllers\AccessTokenController
<?php
/**
* Laravel Passport - Customize Token response.
*
* @author Messi89 OVERGEN <@messi89minou>
* @link https://github.com/messi89
*/
namespace App\Http\Controllers\Api;
use App\Models\User;
use Exception;
use Illuminate\Database\Eloquent\ModelNotFoundException;
use League\OAuth2\Server\Exception\OAuthServerException;
use Psr\Http\Message\ServerRequestInterface;
use Response;
class AccessTokenController extends \Laravel\Passport\Http\Controllers\AccessTokenController
{
public function issueToken(ServerRequestInterface $request)
{
try {
//get username (default is :email)
$username = $request->getParsedBody()['username'];
//get user
$user = User::where('email', '=', $username)->firstOrFail();
//issuetoken
$tokenResponse = parent::issueToken($request);
//convert response to json string
$content = $tokenResponse->getBody()->__toString();
//convert json to array
$data = json_decode($content, true);
if(isset($data["error"]))
throw new OAuthServerException('The user credentials were incorrect.', 6, 'invalid_credentials', 401);
//add access token to user
$user = collect($user);
$user->put('access_token', $data['access_token']);
return Response::json(array($user));
}
catch (ModelNotFoundException $e) { // email notfound
//return error message
}
catch (OAuthServerException $e) { //password not correct..token not granted
//return error message
}
catch (Exception $e) {
////return error message
}
}
}
@xlcrr
Copy link
Copy Markdown

xlcrr commented Jan 5, 2019
edited
Loading

Thanks for the solution!

@leandroruel

for some reason, when add the route with the custom controller in 5.5 mess up when you type: php artisan route:list, he literally prints the router class at console

You can find the new route at /api/oauth/token

@juanm18
Copy link
Copy Markdown

juanm18 commented Mar 7, 2019
edited
Loading

is there a way to override the original AccessTokenController so that i do not have to create a new api/oauth/token route?
i just want to override the issueToken method in AccessTokenController so that i still hit the oauth/token endpoint. I have already created a new class AccessTokenController that extends from \Laravel\Passport\Http\Controllers\AccessTokenController but that does not override the method.. am i missing something? @messi89

@rubanraj54
Copy link
Copy Markdown

rubanraj54 commented May 14, 2019

The best way I have found to do this is by extending the BearerTokenResponse class - see this answer on stack overflow

I would say, this is a clean solution. I tested in laravel 5.8 and it is working.

@mikizdr
Copy link
Copy Markdown

mikizdr commented Dec 1, 2019

Hello everybody.
Please give an answer you are 100% sure is a real, well tested and accepted solution. Otherwise you make a mess and confusion among people who wants to learn implementing OAuth in a good and secure way. Some writings make a lot of confusion and misunderstanding. All things related to implementation and customizing OAuth token are already present in laravel/passports package. You need nothing more than that. Just exam the package and documentation on Laravel official site.

@chakravarthykalyan90
Copy link
Copy Markdown

chakravarthykalyan90 commented May 27, 2021

Hi Messi, it worked for me. Thanks for the help.

@bakiro
Copy link
Copy Markdown

bakiro commented Oct 9, 2021

Hi there ๐Ÿ‘‹, Laravel 8.54 with Passport 10.1, nice job Messi!!!

<?php

namespace App\Http\Controllers\Auth;

use Exception;
use App\Models\User;
use Psr\Http\Message\ServerRequestInterface;
use Illuminate\Database\Eloquent\ModelNotFoundException;
use Laravel\Passport\Exceptions\OAuthServerException;
use Laravel\Passport\Http\Controllers\AccessTokenController as AuthController;


class AccessTokenController extends AuthController
{
    public function issueToken(ServerRequestInterface $request)
    {
        try {

            $data = json_decode(parent::issueToken($request)->content(), true);

            $user = User::select(["name", "email"])
                ->where('email', '=', $request->getParsedBody()['username'])
                ->firstOrFail()
                ->toArray();

            return response()->json(array_merge(["user" => $user], $data));

        } catch (ModelNotFoundException $e) {
            return response()->json(array(
                'error' => array(
                    'msg' => $e->getMessage(),
                    'code' => $e->getCode(),
                ),
            ), 401);
        } catch (OAuthServerException $e) {
            return response()->json(array(
                'error' => array(
                    'msg' => $e->getMessage(),
                    'code' => $e->getCode(),
                ),
            ), 401);
        } catch (Exception $e) {
            return response()->json(array(
                'error' => array(
                    'msg' => $e->getMessage(),
                    'code' => $e->getCode(),
                ),
            ), 500);
        }
    }
}

@zendi014
Copy link
Copy Markdown

zendi014 commented Mar 29, 2023

@bakiro is that running on Laravel 8.83.27? the route on /oauth/token always retrun null

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment