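Configure and install Passport following the official documentation at https://laravel.com/docs/5.6/passport. A Chinese translation is available at http://laravelacademy.org/post/8909.html; it differs slightly from the official documentation, as you will notice if you read it closely.
Prerequisite: Laravel's out-of-the-box auth scaffolding is already in place: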
php artisan make:auth
Important:
$ php artisan passport:client
Which user ID should the client be assigned to?:
> 12
What should we name the client?:
> testwwww
Where should we redirect the request after authorization? [http://localhost/auth/callback]:
> http://127.0.0.1:8000/callback // important
New client created successfully.
Client ID: 12
Client secret: xxxxxxxx
With this setting, the authorization response is redirected to:
http://127.0.0.1:8000/callback
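Add the following to /routes/api.php:
Route::get('/redirect', function () {
    // Build the authorization request for the client created above.
    $query = http_build_query([
        'client_id' => '12',
        'redirect_uri' => 'http://127.0.0.1:8000/callback',
        'response_type' => 'code',
        'scope' => '',
    ]);
    // Send the browser to Passport's authorization endpoint.
    return redirect('http://127.0.0.1:8000/oauth/authorize?' . $query);
});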
I did not set up the Frontend Quickstart and skipped straight to Converting Authorization Codes To Access Tokens.
This is the official configuration; add the code to /routes/web.php:
Route::get('/callback', function (Request $request) {
    $http = new GuzzleHttp\Client;
    // Exchange the authorization code for an access token.
    $response = $http->post('http://your-app.com/oauth/token', [
        'form_params' => [
            'grant_type' => 'authorization_code',
            'client_id' => 'client-id',
            'client_secret' => 'client-secret',
            'redirect_uri' => 'http://example.com/callback',
            'code' => $request->code,
        ],
    ]);
    return json_decode((string) $response->getBody(), true);
});
Note: both /routes/web.php and /routes/api.php need this import:
use Illuminate\Http\Request;
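The redirect and callback routes above send no `state` value, so the callback cannot tell whether an authorization response belongs to a request this session started. The following is an added example, not code from the original post or the Laravel documentation. It assumes both routes live in /routes/web.php (the `web` middleware group supplies the session) and that the hypothetical `services.passport.*` config keys hold the client values:

```php
<?php
// routes/web.php (added example): authorization code flow with a `state` check.
// The config keys services.passport.* are hypothetical; define them yourself.
use GuzzleHttp\Client;
use GuzzleHttp\Exception\GuzzleException;
use Illuminate\Http\Request;
use Illuminate\Support\Str;

Route::get('/redirect', function (Request $request) {
    $state = Str::random(40);                       // unpredictable per-request value
    $request->session()->put('oauth_state', $state); // remembered server-side
    $query = http_build_query([
        'client_id'     => config('services.passport.client_id'),
        'redirect_uri'  => config('services.passport.redirect_uri'),
        'response_type' => 'code',
        'scope'         => '',
        'state'         => $state,
    ]);
    return redirect(config('services.passport.base_url') . '/oauth/authorize?' . $query);
});

Route::get('/callback', function (Request $request) {
    // pull() reads and deletes, so a given state value is accepted only once.
    $expected = (string) $request->session()->pull('oauth_state', '');
    $received = (string) $request->query('state', '');
    abort_unless($expected !== '' && hash_equals($expected, $received), 403, 'Invalid state');
    abort_unless($request->filled('code'), 400, 'Missing authorization code');
    try {
        // Timeouts make an unresponsive token endpoint fail instead of hanging the page.
        $http = new Client(['timeout' => 10, 'connect_timeout' => 5]);
        $response = $http->post(config('services.passport.base_url') . '/oauth/token', [
            'form_params' => [
                'grant_type'    => 'authorization_code',
                'client_id'     => config('services.passport.client_id'),
                'client_secret' => config('services.passport.client_secret'),
                'redirect_uri'  => config('services.passport.redirect_uri'),
                'code'          => $request->query('code'),
            ],
        ]);
    } catch (GuzzleException $e) {
        abort(502, 'Token request failed');
    }
    return json_decode((string) $response->getBody(), true);
});
```

Reading the client secret from configuration also keeps it out of the route files, which are normally committed to version control.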
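When I tested with the configuration above, the page kept loading and did not respond for a long time. At that point the PHP server has to be force-stopped. I think the culprit is
$http = new GuzzleHttp\Client;
so we will simply test with Postman instead.
Laravel Passport keeps loading with no response?
Laravel passport authorize keeps loading?
On macOS, use the following commands.
The port is occupied on the Mac: I started the app with the official development server command (php artisan serve), which uses port 8000.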
sudo lsof -i tcp:8000
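kill xxx   # xxx is the PID reported by lsof
After killing the process, start the PHP server again with php artisan serve.
This time we modify the official code slightly:
Route::get('/callback', function (Request $request) {
    // Print the authorization code so it can be copied by hand.
    print_r($request->code);
    exit;
});
If the client has not been authorized yet, the authorization page is shown. Once authorization is complete, the code is printed directly. Copy the code, then request a token from Postman or another API debugging tool.
The parameters are the same ones the official example sets:
'grant_type' => 'authorization_code',
'client_id' => '12', // your client id
'client_secret' => 'xxxxxxxxxxxxxxx', // your client secret
'redirect_uri' => 'http://127.0.0.1:8000/callback',
'code' => 'copied-code', // the code copied from the callback page
This returns the token for the authorization code grant: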
{
"token_type":"Bearer",
"expires_in":1296000,
"access_token":"xxxxxx",
"refresh_token":"xxxxxxx"
}
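Using the access_token just obtained, request the user information from the Postman API debugging tool.
Add the following code to /routes/api.php:
Route::middleware('auth:api')->get('/user', function (Request $request) {
    // Returns the user that the bearer token belongs to.
    return $request->user();
});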
url
http://127.0.0.1:8000/api/user
header
accept: application/json
accept-encoding: gzip, deflate
accept-language: en-US,en;q=0.8
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 advanced-rest-client/ Safari/537.36
Authorization: Bearer xxxx
Result:
{
"id": 1,
"name": "xxx",
"nick_name":"xxxx",
"user_info": "xxxxx",
"avatar_url": "xxxxxxx"
}
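Refreshing tokens
If your application issues short-lived access tokens, users need to refresh their access tokens using the refresh_token that was provided when the access token was issued. In this example, the Guzzle HTTP library is used to refresh the token:
$http = new GuzzleHttp\Client;
// Exchange the refresh token for a new access token.
$response = $http->post('http://blog.test/oauth/token', [
    'form_params' => [
        'grant_type' => 'refresh_token',
        'refresh_token' => 'the-refresh-token',
        'client_id' => 'client-id',
        'client_secret' => 'client-secret',
        'scope' => '',
    ],
]);
return json_decode((string) $response->getBody(), true);
The /oauth/token route returns a JSON response containing access_token, refresh_token and expires_in attributes. As before, the expires_in attribute contains the number of seconds until the access token expires.
Note: here we only take the form_params parameters as a reference and do not send the request with GuzzleHttp\Client. As mentioned earlier, GuzzleHttp\Client caused the page to stop responding, so we send the request with Postman.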
Password grant:
Create a client for the password grant; this yields a Client ID and a Client Secret:
XdeMac-mini:laravel_5.6 $ php artisan passport:client --password
What should we name the password grant client? [Laravel Password Grant Client]:
> pass client
Password grant client created successfully.
Client ID: 3
Client Secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
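Create a client for the third-party authorization grant and observe what differs:
This yields three values: user ID, Client ID and Client Secret. The user ID is one you set yourself and must not duplicate the user ID of another client.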
XdeMac-mini:laravel_5.6 $ php artisan passport:client
Which user ID should the client be assigned to?:
> 4
What should we name the client?:
> san test client
Where should we redirect the request after authorization? [http://localhost/auth/callback]:
> http://127.0.0.1:8000/callback
New client created successfully.
Client ID: 4
Client secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
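Requesting all scopes
When using the password grant, you may want to authorize the token for all of the scopes supported by your application. You can do this by requesting the * scope. If you request the * scope, the can method on the token instance always returns true. This scope can only be assigned to a token issued using the password grant:
$http = new GuzzleHttp\Client;
// Password grant request asking for every scope the application supports.
$response = $http->post('http://your-app.com/oauth/token', [
    'form_params' => [
        'grant_type' => 'password',
        'client_id' => 'client-id',
        'client_secret' => 'client-secret',
        'username' => 'test@test.com',
        'password' => 'my-password',
        'scope' => '*',
    ],
]);
Note: grant_type is password, and the Client ID and Client secret must match.
That covers the pitfalls. I do not know what causes the page to keep loading; if anyone knows, please leave me a comment. Thanks!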