Laravel Passport, multiple connections via password client

Updated: 2023-11-22 08:29:28

You can write your own Controller and Routes...

Passport has a defined "Laravel\Passport\Http\Controllers\AccessTokenController", and it has a method called "issueToken()".

If you look at the method below, it calls the function "revokeOtherAccessTokens()", which deletes or revokes all "access_tokens" using the "Laravel\Passport\TokenRepository".

So what you can do is write your own controller and prevent the call to "revokeOtherAccessTokens()".

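One fact you must keep in mind: the access tokens will never be pruned or revoked, at least not until a refresh token is issued or you delete them manually.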

Refresh tokens and access tokens are revoked when a refresh token is issued, because "League\OAuth2\Server\Grant\RefreshTokenGrant", in its method "respondToAccessTokenRequest()", already revokes the old "access_token" and "refresh_token", so we don't have to worry about revoking or deleting them in this case.

...
// Expire old tokens
$this->accessTokenRepository->revokeAccessToken($oldRefreshToken['access_token_id']);
$this->refreshTokenRepository->revokeRefreshToken($oldRefreshToken['refresh_token_id']);
...

Here is a sample implementation, hope it helps:

Routes:

Route::post('oauth/access_token', 'Auth\OAuth2Controller@issueToken');

Custom Controller:

<?php

namespace App\Http\Controllers\Auth;

use Laravel\Passport\Http\Controllers\HandlesOAuthErrors;

use Zend\Diactoros\Response as Psr7Response;
use Psr\Http\Message\ServerRequestInterface;
use League\OAuth2\Server\AuthorizationServer;

use App\Http\Controllers\Controller;

class OAuth2Controller extends Controller
{
    use HandlesOAuthErrors;

    /**
     * The authorization server.
     *
     * @var AuthorizationServer
     */
    protected $server;

    /**
     * Create a new controller instance.
     *
     * @param  AuthorizationServer  $server
     * @return void
     */
    public function __construct(AuthorizationServer $server)
    {
        $this->server = $server;
    }

    /**
     * Authorize a client to access the user's account.
     *
     * @param  ServerRequestInterface  $request
     * @return Response
     */
    public function issueToken(ServerRequestInterface $request)
    {
        return $this->withErrorHandling(function () use ($request) {
            return $this->server->respondToAccessTokenRequest($request, new Psr7Response);
        });
    }
}
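
Because the custom controller above no longer calls "revokeOtherAccessTokens()", access tokens accumulate per user until something revokes them. The listener below is an added example, not part of the original answer or of Passport itself: it hooks Passport's AccessTokenCreated event, revokes expired tokens, and caps the number of live tokens per user and client. The class name LimitActiveTokens and the MAX_ACTIVE value are assumptions, and it assumes Passport's default oauth_refresh_tokens table.

```php
<?php

namespace App\Listeners;

use Carbon\Carbon;
use Illuminate\Support\Facades\DB;
use Laravel\Passport\Events\AccessTokenCreated;
use Laravel\Passport\Token;

// Added example: hypothetical listener, not part of Passport or the original answer.
// Register it for AccessTokenCreated in App\Providers\EventServiceProvider::$listen.
class LimitActiveTokens
{
    // Assumed policy: at most this many live access tokens per user and client.
    const MAX_ACTIVE = 5;

    public function handle(AccessTokenCreated $event)
    {
        if ($event->userId === null) {
            return; // token was not issued on behalf of a user
        }

        DB::transaction(function () use ($event) {
            $now = Carbon::now();
            $others = Token::where('user_id', $event->userId)
                ->where('client_id', $event->clientId)
                ->where('revoked', false)
                ->where('id', '!=', $event->tokenId);

            // Tokens past their expiry are revoked unconditionally.
            $expired = (clone $others)->where('expires_at', '<', $now)->pluck('id');

            // Of the still-valid ones, keep the newest MAX_ACTIVE - 1;
            // the token that was just issued takes the remaining slot.
            $excess = (clone $others)->where('expires_at', '>=', $now)
                ->orderByDesc('created_at')
                ->pluck('id')
                ->slice(self::MAX_ACTIVE - 1);

            $revoke = $expired->merge($excess)->all();
            if (empty($revoke)) {
                return;
            }
            Token::whereIn('id', $revoke)->update(['revoked' => true]);
            // Revoke the paired refresh tokens as well, so they cannot be
            // exchanged for a fresh access token.
            DB::table('oauth_refresh_tokens')
                ->whereIn('access_token_id', $revoke)
                ->update(['revoked' => true]);
        });
    }
}
```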