Problem description
I have successfully created server.app and client.app using the Laravel Passport documentation. Everything works as expected.
client.app route:
    use Illuminate\Http\Request;

    Route::get('callback', function (Request $request) {
        $http = new GuzzleHttp\Client;
        // Exchange the authorization code for an access token
        $response = $http->post('http://server.app/oauth/token', [
            'form_params' => [
                'grant_type' => 'authorization_code',
                'client_id' => 3,
                'client_secret' => 'secret',
                'redirect_uri' => 'http://client.app/callback',
                'code' => $request->code
            ]
        ]);
        return json_decode((string) $response->getBody(), true)['access_token'];
    });
By default, this route returns access_token, with which I can do whatever I want.
Request:
http://server.app/oauth/authorize?client_id=3&redirect_uri=http%3A%2F%2Fclient.app%2Fcallback&response_type=code&scope=
Returns:
http://client.app/callback?code=access_token
Question:
How to make a correct request to server.app with the given access_token in client.app to get, for example, user(s) email(s)?
Should I use a http://server.app/api/user request to get data? If yes, how can I do that? If possible, please write a code.
Thanks for your answers.
Recommended answer
I've been going absolutely insane about this issue! It just made no freaking sense as to why it kept spitting out the stupid Unauthenticated error when trying to hit up a route such as /api/user. After much searching (MUCH searching), I finally found the answer. If you see this, fero from Laracasts, you're my hero!
Did you check app\Providers\RouteServiceProvider.php?
In the mapApiRoutes() you can set the middleware. Check to make sure it's auth:api. If it's not, change it. Also, remove the auth middleware from the route api.php file.
Once you've made the change to the app\Providers\RouteServiceProvider.php mentioned above, proceed with the below example.
First things first, we need to retrieve a fresh access_token. To do this, I'm using the password grant_type (more info: https://laravel.com/docs/5.4/passport#password-grant-tokens)
To retrieve a fresh access_token, I've created a new route on routes/web.php and called it /connect. I've then placed the code from the above link into it:
    use Illuminate\Http\Request;

    Route::get('connect', function (Request $request) {
        $http = new GuzzleHttp\Client;
        // Request a token through the Passport password grant
        $response = $http->post('http://example.com/oauth/token', [
            'form_params' => [
                'grant_type' => 'password',
                'client_id' => $request->client_id,
                'client_secret' => $request->client_secret,
                'username' => $request->username,
                'password' => $request->password,
                'scope' => ''
            ],
        ]);
        return json_decode((string) $response->getBody(), true);
    });
Using Chrome Postman, you need to:
- Set the method to GET
- Enter the connect URL with the relevant params i.e. http://example.com/connect?client_id=1&client_secret=W2zogh7tiBh2jfHleYuzpViv7dqynDYQ6O07DKLj&[email protected]&password=123456
- Click the headers tab (it's next to Authorization), add a key of Accept and value of application/json
- Hit the Send button
Example result:
{
"token_type": "Bearer",
"expires_in": 31535999,
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6ImE0MmFiYjZkNTQ5M2ZjMGQxYzVmM2E3MDFlOTNjMTRlOTQxMTBmNWQ5NmI1ODI0NTBmMmEyM2MwMzQ5OTMwODdiZGUwYTI5ZDU5N2VjYTExIn0.eyJhdWQiOiIxIiwianRpIjoiYTQyYWJiNmQ1NDkzZmMwZDFjNWYzYTcwMWU5M2MxNGU5NDExMGY1ZDk2YjU4MjQ1MGYyYTIzYzAzNDk5MzA4N2JkZTBhMjlkNTk3ZWNhMTEiLCJpYXQiOjE0OTE0Njg4ODIsIm5iZiI6MTQ5MTQ2ODg4MiwiZXhwIjoxNTIzMDA0ODgxLCJzdWIiOiI3NWNlZDUwMC0xNTQ0LTExZTctOWE4ZS1hZDVmMWFlZTM4OWUiLCJzY29wZXMiOltdfQ.dV3DKDM7IN-oGnZ_Rw10VnYkh9ySlz5i859yO0roZLAYwgmsmEEZK_vpttudUoKmYenqibZQXg6HG4KHRd-cgas_2DpO-7UCkXQYNTriUUAQ4XM6To86EOaf2BW1a07kdVGXTdo_ETQc7heUG0NWQ8-Hrr2NHkSyDULupDs8gDg_fg6xSVsFUEDZB32UIGwquAHT1Y21ZpTdQar0Rag9qOLeZYTR05ro0v9_rQbSoDgJiZE3KT9GbqwU_BegWRmAwY6LmxG4raZpSMgqYEMo3D9D0lJiomOLK4pSjqmi0EVti04zZ6Vg4GHE6S1TgC6IlakV2bMItXTWuZT6T0jEba-3ctaC4K2T8F4P8J6t-99mKY-_zSwgfGm1FErK09qixJlZ4zFsCCT7MgNQVoyu7GkJdTJVlpL1QXLc1QhfrtW11a4gg4Nlja_VyRdB9fZHomgMLpvm_HvSlqEvpeWb8wGkCts9w7ivSNLim-LuFgswGNhTZZqLEbuwB6sJV-l1V0MJCq7_h0yTmLlBdoUkxCaDJJvkUSLk0MUaalAAzY1OCxm-tJcKn31m4yOwf25ZDWf8tWuOTKarEbFyxjB0elkxXQXGe7J7TJAg0tuIEQ8YTL3ExJQ6I7zwtCL83bPOWYRGlJrsX6Lsf0qB-xMVD2DzA3JKDKvZTp5x92kP821",
"refresh_token": "..."
}
Highlight the access_token string and copy it to a text editor.
You'll then need to create a new route in routes/api.php. The route below will simply output the current API users' info:
    Route::group(['prefix' => 'user'], function() {
        Route::get('/', function() {
            return response()->json(request()->user());
        });
    });
Once you've done the above, make these changes to Postman:
- Set the method to GET
- Change the URL to point to the API route i.e. http://example.com/api/user
- Click on the headers tab again and add a new key of Authorization and value of Bearer access_token_here (replace access_token_here with the access token you copied earlier)
- Hit the Send button
Example output:
{
"id": "75ced500-1544-11e7-9a8e-ad5f1aee389e",
"name": "test test",
"email": "[email protected]",
"created_at": "2017-03-30 23:29:03",
"updated_at": "2017-03-30 23:29:03"
}
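Added example (not part of the original question or answer): the same Bearer request made from client.app with Guzzle instead of Postman, keeping the token in the session rather than returning it to the browser. The config keys services.passport.client_id / services.passport.client_secret and the /profile route are assumptions introduced for illustration.

```php
<?php
// routes/web.php on client.app (added example; config keys and /profile are hypothetical)

use GuzzleHttp\Client;
use GuzzleHttp\Exception\ClientException;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;

Route::get('callback', function (Request $request) {
    $http = new Client;
    // Exchange the authorization code for tokens, as in the question.
    $response = $http->post('http://server.app/oauth/token', [
        'form_params' => [
            'grant_type'    => 'authorization_code',
            'client_id'     => config('services.passport.client_id'),     // hypothetical key
            'client_secret' => config('services.passport.client_secret'), // hypothetical key
            'redirect_uri'  => 'http://client.app/callback',
            'code'          => $request->code,
        ],
    ]);
    $tokens = json_decode((string) $response->getBody(), true);
    // Keep the token server-side in the session instead of echoing it to the browser.
    $request->session()->put('access_token', $tokens['access_token']);
    return redirect('profile');
});

Route::get('profile', function (Request $request) {
    $token = $request->session()->get('access_token');
    if ($token === null) {
        return response('No access token in session', 401);
    }
    try {
        // Same headers as the Postman steps: Accept and Authorization: Bearer <token>.
        $response = (new Client)->get('http://server.app/api/user', [
            'headers' => [
                'Accept'        => 'application/json',
                'Authorization' => 'Bearer ' . $token,
            ],
        ]);
    } catch (ClientException $e) {
        // Guzzle throws on 4xx; a 401 means server.app rejected the token.
        return response('server.app returned ' . $e->getResponse()->getStatusCode(), 502);
    }
    $user = json_decode((string) $response->getBody(), true);
    return $user['email'];
});
```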