I'm trying to create an API that serves a mobile application. I'm using Laravel 5.3 with Passport.
The flow itself is like this. The mobile app will provide the API a Facebook access token which will be used to grab some information about the user (Facebook ID, name, profile picture and email). At that point the backend will insert, if it doesn't already exist, the above information into the users table, basically creating a new user. Notice that nowhere does the backend log in to Facebook in any way, as the access token is already granted by the mobile app.
After that, what needs to happen is the backend will provide an access token to the mobile app that will be used to access other routes from the API itself. This should be done via Passport. As far as I can tell, via Passport a new client needs to be created for each user, but I'm not looking for that since the mobile app is the only "client" that the API will have. The users created via Facebook are actually users of the mobile app, not the API itself. The schema for the oauth_clients table is:
CREATE TABLE `oauth_clients` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`user_id` int(11) DEFAULT NULL,
`name` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`secret` varchar(100) COLLATE utf8_unicode_ci NOT NULL,
`redirect` text COLLATE utf8_unicode_ci NOT NULL,
`personal_access_client` tinyint(1) NOT NULL,
`password_client` tinyint(1) NOT NULL,
`revoked` tinyint(1) NOT NULL,
`created_at` timestamp NULL DEFAULT NULL,
`updated_at` timestamp NULL DEFAULT NULL,
PRIMARY KEY (`id`),
KEY `oauth_clients_user_id_index` (`user_id`)
) ENGINE=InnoDB AUTO_INCREMENT=9 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci
I didn't modify this in any way, it's the default schema.
Which makes no sense for my needs, I don't want a bunch of clients, I want just one client. The mobile app itself.
I of course could create a user just for the mobile app itself, and the Facebook users will always be assigned the mobile app user_id in the oauth_clients table, but that just seems wrong.
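The token exchange described in the question depends on the backend confirming that the Facebook token was issued to its own app before creating a user and issuing an API token. The following is an added example, not part of the original post: it checks a decoded Graph API `debug_token` response in plain PHP, with hypothetical function names, an in-memory stand-in for the users table, and constructed sample data.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: checks a decoded Graph API /debug_token response
// before the backend trusts a Facebook token sent by the mobile app.
// Returns the Facebook user id, or null if the token must be rejected.
function verifiedFacebookUserId(array $debug, string $ourAppId, int $now): ?string
{
    $d = $debug['data'] ?? [];
    if (($d['is_valid'] ?? false) !== true) {
        return null;                        // Facebook reports the token as invalid
    }
    if ((string)($d['app_id'] ?? '') !== $ourAppId) {
        return null;                        // issued to a different Facebook app
    }
    $exp = (int)($d['expires_at'] ?? 0);    // 0 means the token does not expire
    if ($exp !== 0 && $exp <= $now) {
        return null;                        // expired
    }
    $uid = (string)($d['user_id'] ?? '');
    return $uid !== '' ? $uid : null;
}

// Hypothetical in-memory stand-in for the users table, keyed by Facebook id.
function findOrCreateUser(array &$users, string $fbId, array $profile): int
{
    if (!isset($users[$fbId])) {
        $users[$fbId] = ['id' => count($users) + 1] + $profile;
    }
    return $users[$fbId]['id'];
}

// Constructed sample data (not real tokens, app ids or user ids).
$ourAppId = '1111';
$now      = 1700000000;
$users    = [];
$samples  = [
    'ours'      => ['data' => ['app_id' => '1111', 'is_valid' => true, 'expires_at' => $now + 3600, 'user_id' => '42']],
    'other app' => ['data' => ['app_id' => '9999', 'is_valid' => true, 'expires_at' => $now + 3600, 'user_id' => '42']],
    'expired'   => ['data' => ['app_id' => '1111', 'is_valid' => true, 'expires_at' => $now - 1, 'user_id' => '42']],
];

foreach ($samples as $label => $debug) {
    $fbId = verifiedFacebookUserId($debug, $ourAppId, $now);
    if ($fbId === null) {
        echo "$label: rejected\n";
        continue;
    }
    // Here the API would issue its own token for this user under the single mobile client.
    echo "$label: accepted, local user id " . findOrCreateUser($users, $fbId, ['name' => 'Sample User']) . "\n";
}
```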