使用Laravel Passport Client应用程序中的访问令牌获取用户数据 [英] Get user data using access token in laravel passport client app

问题描述

我已经使用 Laravel Passport文档成功创建了 server.app 和 client.app .一切都按预期进行.

I have successfully created server.app and client.app using Laravel Passport documentation. Everything works as expected.

client.app路由:

Route::get('callback', function (Request $request) {
   $http = new GuzzleHttp\Client;
   $response = $http->post('http://server.app/oauth/token', [
    'form_params' => [
        'grant_type' => 'authorization_code',
        'client_id' => 3,
        'client_secret' => 'secret',
        'redirect_uri' => 'http://client.app/callback',
        'code' => $request->code
    ]
   ]);
   return json_decode((string) $response->getBody(), true)['access_token'];
});

默认情况下，此路由返回 access_token ，我可以使用该路由执行我想做的任何事情.

By default, this route returns access_token, with which i can do whatever i want.

请求:

http://server.app/oauth/authorize?client_id=3&redirect_uri=http%3A%2F%2Fclient.app%2Fcallback&response_type=code&scope=

返回:

http://client.app/callback?code=access_token

问题:

如何使用给定的 client.app 中的access_token向 server.app 发出正确的请求，以获取例如用户的电子邮件 strong>.

How to make correct request to server.app with given access_token in client.app to get for example user(s) email(s).

我应该使用:http://server.app/api/user请求获取数据吗?如果是，我该怎么做?如有可能，请编写代码.

Should i use: http://server.app/api/user request to get data? If yes, how i can do that? If possible, please write a code.

感谢您的回答.

推荐答案

我一直在疯狂地对待这个问题！对于为什么在尝试连接诸如/api/user之类的路线时为什么会不断吐出愚蠢的Unauthenticated错误，这并没有什么奇怪的意义.经过大量搜索(MUCH搜索)，我终于找到了答案.如果您从《拉拉卡斯特》中看到这个铁杆，那您就是我的英雄！

I've been going absolutely insane about this issue! It just made no freaking sense as to why it kept spitting out the stupid Unauthenticated error when trying to hit-up a route such as /api/user. After much searching (MUCH searching), I finally found the answer. If you see this fero from Laracasts, you're my hero!

您检查了app\Providers\RouteServiceProvider.php吗?

在mapApiRoutes()中，您可以设置中间件.检查以确保 其auth:api.如果不是，请更改它.另外，删除auth 路径api.php文件中的中间件.

in the mapApiRoutes() you can set the middleware. check to make sure its auth:api. if its not, change it. also, remove the auth middleware from the route api.php file.

https://laracasts.com/discuss/channels/laravel/laravel-53-passport-api-unauthenticated-in-postman-using-personal-access-tokens

对上述app\Providers\RouteServiceProvider.php进行更改后，请继续以下示例.

Once you've made the change to the app\Providers\RouteServiceProvider.php mentioned above, proceed with the below example.

首先，我们需要检索一个新的access_token.为此，我使用了密码 grant_type(更多信息: https://laravel.com/docs/5.4/passport#password-grant-tokens )

First things first, we need to retrieve a fresh access_token. To do this, I'm using the password grant_type (more info: https://laravel.com/docs/5.4/passport#password-grant-tokens)

要检索新的access_token，我在routes/web.php上创建了一条新路线并将其命名为/connect.然后，将上面链接中的代码放入其中:

To retrieve a fresh access_token, I've created a new route on routes/web.php and called it /connect. I've then placed the code from the above link into it:

Route::get('connect', function (Request $request) {
    $http = new GuzzleHttp\Client;

    $response = $http->post('http://example.com/oauth/token', [
        'form_params' => [
            'grant_type' => 'password',
            'client_id' => $request->client_id,
            'client_secret' => $request->client_secret,
            'username' => $request->username,
            'password' => $request->password,
            'scope' => ''
        ],
    ]);

    return json_decode((string) $response->getBody(), true);
});

使用 Chrome邮递员，您需要:

Using Chrome Postman, you need to:

1. 将方法设置为GET
2. 输入具有相关参数的连接URL，即标题"标签(位于授权"旁边)，添加键Accept和值application/json
3. 点击发送"按钮

1. Set the method to GET
2. Enter the connect URL with the relevant params i.e. http://example.com/connect?client_id=1&client_secret=W2zogh7tiBh2jfHleYuzpViv7dqynDYQ6O07DKLj&username=test@test.com&password=123456
3. Click the headers tab (it's next to Authorization), add a key of Accept and value of application/json
4. Hit the Send button

结果示例:

{
  "token_type": "Bearer",
  "expires_in": 31535999,
  "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6ImE0MmFiYjZkNTQ5M2ZjMGQxYzVmM2E3MDFlOTNjMTRlOTQxMTBmNWQ5NmI1ODI0NTBmMmEyM2MwMzQ5OTMwODdiZGUwYTI5ZDU5N2VjYTExIn0.eyJhdWQiOiIxIiwianRpIjoiYTQyYWJiNmQ1NDkzZmMwZDFjNWYzYTcwMWU5M2MxNGU5NDExMGY1ZDk2YjU4MjQ1MGYyYTIzYzAzNDk5MzA4N2JkZTBhMjlkNTk3ZWNhMTEiLCJpYXQiOjE0OTE0Njg4ODIsIm5iZiI6MTQ5MTQ2ODg4MiwiZXhwIjoxNTIzMDA0ODgxLCJzdWIiOiI3NWNlZDUwMC0xNTQ0LTExZTctOWE4ZS1hZDVmMWFlZTM4OWUiLCJzY29wZXMiOltdfQ.dV3DKDM7IN-oGnZ_Rw10VnYkh9ySlz5i859yO0roZLAYwgmsmEEZK_vpttudUoKmYenqibZQXg6HG4KHRd-cgas_2DpO-7UCkXQYNTriUUAQ4XM6To86EOaf2BW1a07kdVGXTdo_ETQc7heUG0NWQ8-Hrr2NHkSyDULupDs8gDg_fg6xSVsFUEDZB32UIGwquAHT1Y21ZpTdQar0Rag9qOLeZYTR05ro0v9_rQbSoDgJiZE3KT9GbqwU_BegWRmAwY6LmxG4raZpSMgqYEMo3D9D0lJiomOLK4pSjqmi0EVti04zZ6Vg4GHE6S1TgC6IlakV2bMItXTWuZT6T0jEba-3ctaC4K2T8F4P8J6t-99mKY-_zSwgfGm1FErK09qixJlZ4zFsCCT7MgNQVoyu7GkJdTJVlpL1QXLc1QhfrtW11a4gg4Nlja_VyRdB9fZHomgMLpvm_HvSlqEvpeWb8wGkCts9w7ivSNLim-LuFgswGNhTZZqLEbuwB6sJV-l1V0MJCq7_h0yTmLlBdoUkxCaDJJvkUSLk0MUaalAAzY1OCxm-tJcKn31m4yOwf25ZDWf8tWuOTKarEbFyxjB0elkxXQXGe7J7TJAg0tuIEQ8YTL3ExJQ6I7zwtCL83bPOWYRGlJrsX6Lsf0qB-xMVD2DzA3JKDKvZTp5x92kP821",
  "refresh_token": "ArOWW0glHjflLpL4fKOsrNUXT5v91u+CjwcE8LBvH7GJsaM0gWaFe8GH9zXjh8SHew+cg7v1IMiIPLYSVdf7h8oOeV7wgwjChI9YM0Kt6iE4wOXJuy0VwPSCj+danHDuWC3nJWYLrPydTE3h/jgFNjWEPfgXGLfiRWjWQMozddz5EWd4pvUI7J64Lw6cMCg/BslZLHtfN7IWoC1RQGp5K0cGO0QmZfsGMSzsoSUNFjv16BXiKSqlNvs5aGhxErFY4wEOKqBifXUkb3SwnK/iHKg3irmqj4fOf/aKNyCdd/PJCHrRPocrW83oM1sjq7eDufEIlgxmy7uRset8GLAWjx/n6rzkxz2QM0/9Lyc/XN9OL00XBYjA47a1wL55qUUUYWevaFwxWX8LG2UjBf9Vv2lfvLcBBkbgqpalePMDh6wb8IDyJek4BbvZtJ1VZ/l+A9XXY9rQt/hIDdoOAtib8CGr9/CERFIrByZa3TEJBCLAa2FvJSIhHVnKvnuvZX3e9qhTkgHqowJrWg2C3VyPDQYAdIhdpTEvs0pcGSAZWhwXfu9xKQOeyRTEScbLKQmuW+sGbwU+qfdLgh/BR5kW4TMer4TIzWKSuHsqmibgiUwaQkwTrtjH2Xz9Z9XmAbVzJ8pqbEZPe7t5whXDoRSnAwWymdxk2E7SiSsVUA3kX39="
}

突出显示access_token字符串并将其复制到文本编辑器.

Highlight the access_token string and copy it to a text editor.

然后，您需要在routes/api.php中创建一条新路线.下面的路由将仅输出当前API用户的信息:

You'll then need to create a new route in routes/api.php. The route below will simply output the current API users' info:

Route::group(['prefix' => 'user'], function() {
    Route::get('/', function() {
        return response()->json(request()->user());
    });
});

完成上述操作后，对邮递员进行以下更改:

Once you've done the above, make these changes to Postman:

1. 将方法设置为GET
2. 更改URL以指向API路由，即 http://example.com/api/user
3. 再次单击标题标签，并添加一个新的键Authorization和值Bearer access_token_here(用先前复制的访问令牌替换access_token_here)
4. 点击发送"按钮

1. Set the method to GET
2. Change the URL to point to the API route i.e. http://example.com/api/user
3. Click on the headers tab again and add a new key of Authorization and value of Bearer access_token_here (replace access_token_here with the access token you copied earlier)
4. Hit the Send button

示例输出:

{
  "id": "75ced500-1544-11e7-9a8e-ad5f1aee389e",
  "name": "test test",
  "email": "test@test.com",
  "created_at": "2017-03-30 23:29:03",
  "updated_at": "2017-03-30 23:29:03"
}

这篇关于使用Laravel Passport Client应用程序中的访问令牌获取用户数据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！