laravel passport auth code - asking to grant permissions, is it nessecarry?-CodePudding

I am looking for some clarification as for how exactly to proceed with Oauth auth code PKCE grant when it comes to authorizing my own SPA.

So I get this when I am redirected from my SPA to backend (after I log in of course):

Now I get this, makes sense if I want to login into my app with google or twitter for example.

But If I want to log in to the backend app to get the token with my SPA - is there a way to avoid that every time a user logs in? Does it make sense?

I would like to have it from user perspective like this:

click login
redirect to backend pretending to be SPA (visually)
login
go straight back to SPA without having to confirm that stuff

I just mainly want to understand the process for SPA. I assume and suspect that what I want is simply not possible?

CodePudding user response：

Yes you can :)

Create your own Passport client.

<?php

declare(strict_types=1);

namespace App\Models;

class PassportClient extends \Laravel\Passport\Client
{
    /**
     * Determine if the client should skip the authorization prompt.
     *
     * @return bool
     */
    public function skipsAuthorization()
    {
        // todo: add some checks, e.g. $this->name === 'spa-client'
        return true;
    }
}

And update your App\Providers\AuthServiceProvider.

public function boot()
{
    // ...

    Passport::useClientModel(PassportClient::class);
}