Skip to content

Separating resource & authorisation server roles #24

Closed
@AP-Hunt

Description

@AP-Hunt

Hi Laravel Passport contributors,

I'm glad to see Laravel now has an official, integrated oauth 2 implementation. However, I notice that right now there is no way to separate the resource server and authorisation roles (as defined in the oauth 2 spec). That is to say, Passport cannot be setup purely to be a resource server which accepts and validates JWTs against a known authorisation sever's public key/certificate*.

Is this something that is envisioned in any roadmap of the package? (I don't see one documented anywhere, so perhaps those plans are in somebody's head?) I would be interested in contributing to the splitting of those roles, because I see this as a shortcoming of many other like packages.

Regards,
Andy

*Unless I'm very much mistaken. If somebody could point me in the right direction, that would be appreciated

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions