douyu4822 2016-09-16 07:26

已采纳

Laravel的5.3护照和api路线

I'm using Laravel Framework version 5.3.9, fresh download nothing added on via composer(except "laravel/passport": "^1.0").

I did all the things suggested in the docs. Tables are created, routes are up, everything works fine. However I need passport for an API.

My routes look like so:

+--------+----------+-----------------------------------------+----------------------+----------------------------------------------------------------------------+------------+
| Domain | Method   | URI                                     | Name                 | Action                                                                     | Middleware |
+--------+----------+-----------------------------------------+----------------------+----------------------------------------------------------------------------+------------+
|        | GET|HEAD | /                                       |                      | Closure                                                                    | web        |
|        | GET|HEAD | api/v1/users/register                   | api::users::register | App\Http\Controllers\Api\V1\SocialController@register                      | api,auth   |
|        | POST     | oauth/authorize                         |                      | \Laravel\Passport\Http\Controllers\ApproveAuthorizationController@approve  | web,auth   |
|        | GET|HEAD | oauth/authorize                         |                      | \Laravel\Passport\Http\Controllers\AuthorizationController@authorize       | web,auth   |
|        | DELETE   | oauth/authorize                         |                      | \Laravel\Passport\Http\Controllers\DenyAuthorizationController@deny        | web,auth   |
|        | GET|HEAD | oauth/clients                           |                      | \Laravel\Passport\Http\Controllers\ClientController@forUser                | web,auth   |
|        | POST     | oauth/clients                           |                      | \Laravel\Passport\Http\Controllers\ClientController@store                  | web,auth   |
|        | PUT      | oauth/clients/{client_id}               |                      | \Laravel\Passport\Http\Controllers\ClientController@update                 | web,auth   |
|        | DELETE   | oauth/clients/{client_id}               |                      | \Laravel\Passport\Http\Controllers\ClientController@destroy                | web,auth   |
|        | GET|HEAD | oauth/personal-access-tokens            |                      | \Laravel\Passport\Http\Controllers\PersonalAccessTokenController@forUser   | web,auth   |
|        | POST     | oauth/personal-access-tokens            |                      | \Laravel\Passport\Http\Controllers\PersonalAccessTokenController@store     | web,auth   |
|        | DELETE   | oauth/personal-access-tokens/{token_id} |                      | \Laravel\Passport\Http\Controllers\PersonalAccessTokenController@destroy   | web,auth   |
|        | GET|HEAD | oauth/scopes                            |                      | \Laravel\Passport\Http\Controllers\ScopeController@all                     | web,auth   |
|        | POST     | oauth/token                             |                      | \Laravel\Passport\Http\Controllers\AccessTokenController@issueToken        |            |
|        | POST     | oauth/token/refresh                     |                      | \Laravel\Passport\Http\Controllers\TransientTokenController@refresh        | web,auth   |
|        | GET|HEAD | oauth/tokens                            |                      | \Laravel\Passport\Http\Controllers\AuthorizedAccessTokenController@forUser | web,auth   |
|        | DELETE   | oauth/tokens/{token_id}                 |                      | \Laravel\Passport\Http\Controllers\AuthorizedAccessTokenController@destroy | web,auth   |
+--------+----------+-----------------------------------------+----------------------+----------------------------------------------------------------------------+------------+

All the web routes are there, there are no api related routes, since Passport doesn't provide anything of that sort out of the box.

The API itself is intended to be used by a trusted client, it's made for a mobile application that does require a login however, said login will bypass a few steps.

Once a user access the /register route, the registration process itself is quite simple: access the user's facebook account an grab a few fields - email, facebook id, name an profile picture and from that point onwards the users is considered registered. But the user will NOT login with facebook(this is a very important aspect). The consumer app will be issued a token and use that token to access various endpoints of the api(that require a token to use).

So it boils down to this. I need to issue an access token to the consumer app that access the API. The API itself will only have one client, that is the mobile app itself. Users that use the app are not considered clients of the API but clients of the mobile app itself.

So far Passport is a headache to work with when it comes to implementing API related stuff, either that or I can't figure out how to make it work properly.

I've created a test client in the oauth_clients table that looks like so:

I'm using Postman to access api/v1/users/register route that has the auth middleware with the following JSON application/json

{
    "grant_type" : "authorization_code",
    "client_id" : 5,
    "client_secet": "y5dvPIOxQJOjYn7w2zzg4c6TRrphsrNFWbG4gAUL"
}

Which of course will result in a

{"error":"Unauthenticated."}

It makes perfect sense. Out of pure curiosity I changed the /register route to this:

Route::group([
    'middleware' => [
    ],
], function ()
{
    Route::group([
        'prefix' => 'users',
        'as'     => 'users::',
    ], function ()
    {
//        Route::get('/register', ['as'   => 'register', 'uses' => 'Api\V1\SocialController@register',]);
        Route::post('/register', ['as'   => 'register', 'uses' => '\Laravel\Passport\Http\Controllers\AccessTokenController@issueToken',]);
    });

});

With the same json as before. That resulted in {"error":"invalid_client","message":"Client authentication failed"}.

I've tracked down the function that, I think, handles the validateClient part in vendor/leagueoauth2-server/src/Grant/AbstractGrant`.

The $client is null. Now this may or may not be related to Passport, since the documentation on it rather lacking and the thought of digging thru a monster of a package to track down the error that may be largely due to me not doing something right doesn't strike me as a good idea, I'm out of options. To be perfectly honest I don't even know what the problem is.

Really, at this point any sort pointing in the right direction is more than welcome.

The part in questions is

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

2条回答默认最新

doyhq66282 2016-11-03 04:04

关注

The problem with Laravel 5.3 passport is that unlike previous OAuth 2.0 Server for Laravel library offered by lucadegasperi, it has no API to make clients directly. So as if now the client can only be made through the front-end. FYI we wanted to use laravel passport solely for our mobile app so while creating and registering user we would have only EMAIL & Password and in some cases only Facebook UserID for facebook sign-in. So the following approach worked pretty well for our case and might differ for your scenario but may help you in the longer term to play around with laravel passport.

Note: Before following the below its assumed you have enabled Password Grant in your application.

So the way we solved it for our project on laravel 5.3 is as follows:

in the oauth_clients convert the id field into a normal field i.e. remove it as being primary key and make the data type as varchar so that we can store email address as client_ids as they are also unique for your system. Incase of Facebook login we store Facebook user IDs here in this column which again will be unique for each our client. Also for other tables like: oauth_access_tokens, oauth_auth_codes & oauth_personal_access_clients change client_id to VARCHAR(255) so that it can store email addresses or Facebook User IDs.
Now go to your models and create a model for oauth_clients table so that you can create client programmatically from the code while creating users.
```
<?php
namespace App;


use Illuminate\Database\Eloquent\Model;

class OauthClient extends Model
{
    protected $table = 'oauth_clients';
}
```

Then in your api.php route file add the following route:

Route::post('/register-user', function (Request $request) {

    $name     = $request->input('name');
    $email    = $request->input('email'),
    $password = $request->input('password'),    

    // save new user
    $user = \App\User::create([
      'name'     => $name,
      'email'    => $email,
      'password' => bcrypt($password),
    ]);


    // create oauth client
    $oauth_client = \App\OauthClient::create([
        'user_id'                => $user->id,
        'id'                     => $email,
        'name'                   => $name,
        'secret'                 => base64_encode(hash_hmac('sha256',$password, 'secret', true)),
        'password_client'        => 1,
        'personal_access_client' => 0,
        'redirect'               => '',
        'revoked'                => 0,
    ]);


    return [
        'message' => 'user successfully created.'
    ];
});

In the above code snippet, you have to note that to generate the oauth_client secret you have to use some strong formula of encryption that you feel comfortable using it with your application. Also, use the same technique to generate the secret key on your mobile app for the respective client/user.

Now you can use the standard POST API offered by laravel passport to request access token through password grant using "oauth/token" using the following parameters:

grant_type : 'password'
client_id  : '<email with which the user is registered>'
client_secret : '<generate the client secret from the mobile app>'
username : '<email with which the user is registered>'
password : '<password entered by the user>'
scope : '<leave empty as default>'

The above will give you a response, if everything is correct, similar to :

{
  "token_type": "Bearer",
  "expires_in": 3155673600,
  "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjMwZmM0MDk1NWY5YjUwNDViOTUzNDlmZjc2M2ExNDUxOTAxZjc5YTA5YjE4OWM1MjEzOTJlZmNiMDgwOWQzMzQwM2ExZWI4ZmMyODQ1MTE3In0.eyJhdWQiOiJzaHVqYWhtQGdtYWlsLmNvbSIsImp0aSI6IjMwZmM0MDk1NWY5YjUwNDViOTUzNDlmZjc2M2ExNDUxOTAxZjc5YTA5YjE4OWM1MjEzOTJlZmNiMDgwOWQzMzQwM2ExZWI4ZmMyODQ1MTE3IiwiaWF0IjoxNDc4MTQ1NjMyLCJuYmYiOjE0NzgxNDU2MzIsImV4cCI6NDYzMzgxOTIzMiwic3ViIjoiMSIsInNjb3BlcyI6W119.dj3g9b2AdPCK-im5uab-01SP71S7AR96R0FQTKKoaZV7M5ID1pSXDlmZw96o5Bd_Xsy0nUqFsPNRQsLvYaOuHZsP8v9mOVirBXLIBvPcBc6lDRdNXvRidNqeh4JHhJu9a5VzNlJPm3joBYSco4wYzNHs2BPSxXuuD3o63nKRHhuUHB-HwjVxj2GDwzEYXdZmf2ZXOGRJ99DlWGDvWx8xQgMQtd1E9Xk_Rs6Iu8tycjBpKBaC24AKxMI6T8DpelnFmUbMcz-pRsgCWCF_hxv6FpXav3jr1CLhhT58_udBvXjQAXEbtHeB7W_oaMcaqezHdAeOWDcnqREZHsnXHtKt0JpymcTWBkS2cg7sJzy6P9mOGgQ8B4gb8wt44_kHTeWnokk4yPFRZojkHLVZb8YL6hZxLlzgV1jCHUxXoHNe1VKlHArdlV8LAts9pqARZkyBRfwQ8oiTL-2m16FQ_qGg-9vI0Suv7d6_W126afI3LxqDBi8AyqpQzZX1FWmuJLV0QiNM0nzTyokzz7w1ilJP2PxIeUzMRlVaJyA395zq2HjbFEenCkd7bAmTGrgEkyWM6XEq1P7qIC_Ne_pLNAV6DLXUpg9bUWEHhHPXIDYKHS-c3N9fPDt8UVvGI8n0rPMieTN92NsYZ_6OqLNpcm6TrhMNZ9eg5EC0IPySrrv62jE",
  "refresh_token": "BbwRuDnVfm7tRQk7qSYByFbQKK+shYPDinYA9+q5c/ovIE1xETyWitvq6PU8AHnI5FWb06Nl2BVoBwCHCUmFaeRXQQgYY/i5vIDEQ/TJYFLVPRHDc7CKILF0kMakWKDk7wJdl5J6k5mN38th4pAAZOubiRoZ+2npLC7OSZd5Mq8LCBayzqtyy/QA5MY9ywCgb1PErzrGQhzB3mNhKj7U51ZnYT3nS5nCH7iJkCjaKvd/Hwsx2M6pXnpY45xlDVeTOjZxxaOF/e0+VT2FP2+TZMDRfrSMLBEkpbyX0M/VxunriRJPXTUvl3PW0sVOEa3J7+fbce0XWAKz7PNs3+hcdzD2Av2VHYF7/bJwcDCO77ky0G4JlHjqC0HnnGP2UWI5qR+tCSBga7+M1P3ESjcTCV6G6H+7f8SOSv9FECcJ8J5WUrU+EHrZ95bDtPc9scE4P3OEQaYchlC9GHk2ZoGo5oMJI6YACuRfbGQJNBjdjxvLIrAMrB6DNGDMbH6UZodkpZgQjGVuoCWgFEfLqegHbp34CjwL5ZFJGohV+E87KxedXE6aEseywyjmGLGZwAekjsjNwuxqD2QMb05sg9VkiUPMsvn45K9iCLS5clEKOTwkd+JuWw2IU80pA24aXN64RvOJX5VKMN6CPluJVLdjHeFL55SB7nlDjp15WhoMU1A="
}

Its only a temporary solution till laravel supports an external API for applications which only has a mobile as the only possible interface for creating oAuth clients and user.

Hope it helps you! Cheers.

本回答被题主选为最佳回答 , 对您是否有帮助呢?

查看更多回答(1条)

报告相同问题？

关注问题

Laravel 5.3 API分页 laravel php
2017-01-21 16:05

回答 2 已采纳 You should use paginate() method instead of get(): $drivers = Driver::select('id', 'first_name',
Laravel 5.3和护照。尝试为API创建单个客户端 php
2016-09-16 12:57

回答 2 已采纳 The problem with Laravel 5.3 passport is that unlike previous OAuth 2.0 Server for Laravel library
Laravel 5.3中的奇怪登录问题 laravel php
2016-11-30 05:02

回答 1 已采纳 You gotta login the user using: \Auth::attempt($credentials)
Laravel 5.3 参考手册中文CHM版
2022-05-26 12:11

Laravel 5.3 在 5.2 的基础上继续进行优化，提供了大量新功能和新特性：基于驱动的通知系统；通过Laravel Echo提供强大的实时支持；通过Laravel Passport实现无痛的OAuth2服务器；通过Laravel Scout实现全文模型搜索...
Laravel 5.3和Vue 2 javascript laravel php vue.js
2016-10-13 18:02

回答 1 已采纳 The solution was to ignore the computed URL function and just do the following: <a :href="'/con
在Laravel 5.3中使用现有数据库 php
2017-04-19 09:06

回答 1 已采纳 Inside your project folder there is a file .env, in this file set the following DB details: DB_CO
Laravel 5.3 POST和tokenmismatch php
2017-04-06 01:29

回答 1 已采纳 Laravel makes it easy to protect your application from cross-site request forgery (CSRF) attacks.
基于Laravel5.3的后台基本管理系统.zip
2023-07-23 21:32

【标题】基于Laravel5.3的后台基本管理系统 ...通过学习和分析这个基于Laravel5.3的后台基本管理系统，开发者不仅可以掌握PHP和MySQL的基础知识，还能深入了解Laravel框架的应用，为今后的Web开发工作打下坚实基础。
Laravel 5.3 Slack集成 laravel php
2017-02-28 10:10

回答 1 已采纳 Assuming you have configured the providers & aliases correctly (in config/app.php), you need to ad
PDOConnection.php第24行Laravel 5.3中的FatalThrowableError laravel mysql php
2019-01-08 10:11

回答 2 已采纳 The error is happening at this line: public function __construct($dsn, $user = null, $password =
Laravel 5.3更改密码 laravel php
2016-11-12 15:00

回答 2 已采纳 You don't actually need to use the default password controller to achieve this, you can write your
laravel5.3 api.php,Laravel5.3 使用默认api验证登陆
2021-04-09 12:31

桑夷的博客讲道理config/auth.php里，默认guard有web和api'guards' => ['web' => ['driver' => 'session','provider' => 'users',],'api' => ['driver' => 'token','provider' => 'u...
基于Laravel5.3开发的考勤系统，毕业设计.zip
2023-12-28 22:34

基于Laravel5.3开发的考勤系统，毕业设计基于Laravel5.3开发的考勤系统，毕业设计基于Laravel5.3开发的考勤系统，毕业设计基于Laravel5.3开发的考勤系统，毕业设计基于Laravel5.3开发的考勤系统，毕业设计基于...
基于Laravel 5.3框架的PHP+Vue+JavaScript+CSS留言板系统设计源码
2024-09-29 02:28

该源码是基于Laravel 5.3框架开发的PHP+Vue+JavaScript+CSS留言板系统，包含210个文件，涵盖92个PHP文件、20个JavaScript文件、9个CSS文件以及44个PNG图片资源。项目结构合理，代码清晰，适用于构建功能完善的留言板...
laravel5.3
2017-11-22 20:36

Laravel 5.3 在 5.2 基础上进行了优化，新特性包括以下：消息通知 Laravel Notifications；事件广播 Laravel Echo； OAuth2 授权认证 Laravel Passport；全文搜索引擎 Laravel Scout； Laravel Elixir 开始支持 ...
没有解决我的问题, 去提问

悬赏问题

¥15 做个有关计算的小程序
¥15 MPI读取tif文件无法正常给各进程分配路径
¥15 如何用MATLAB实现以下三个公式（有相互嵌套）
¥30 关于#算法#的问题：运用EViews第九版本进行一系列计量经济学的时间数列数据回归分析预测问题求各位帮我解答一下
¥15 setInterval 页面闪烁，怎么解决
¥15 如何让企业微信机器人实现消息汇总整合
¥50 关于#ui#的问题：做yolov8的ui界面出现的问题
¥15 如何用Python爬取各高校教师公开的教育和工作经历
¥15 TLE9879QXA40 电机驱动
¥20 对于工程问题的非线性数学模型进行线性化

码龄粉丝数原力等级 --

Laravel的5.3护照和api路线

2条回答默认最新

码龄粉丝数原力等级 --

悬赏问题

Laravel的5.3护照和api路线

2条回答 默认 最新

悬赏问题

2条回答默认最新