使用Laravel Passport Client应用程序中的访问令牌获取用户数据 [英] Get user data using access token in laravel passport client app
问题描述
我已经使用 Laravel Passport文档成功创建了 server.app 和 client.app .一切都按预期进行.
I have successfully created server.app and client.app using Laravel Passport documentation. Everything works as expected.
client.app路由:
Route::get('callback', function (Request $request) {
$http = new GuzzleHttp\Client;
$response = $http->post('http://server.app/oauth/token', [
'form_params' => [
'grant_type' => 'authorization_code',
'client_id' => 3,
'client_secret' => 'secret',
'redirect_uri' => 'http://client.app/callback',
'code' => $request->code
]
]);
return json_decode((string) $response->getBody(), true)['access_token'];
});
默认情况下,此路由返回 access_token ,我可以使用该路由执行我想做的任何事情.
By default, this route returns access_token, with which i can do whatever i want.
请求:
http://server.app/oauth/authorize?client_id=3&redirect_uri=http%3A%2F%2Fclient.app%2Fcallback&response_type=code&scope=
返回:
http://client.app/callback?code=access_token
问题:
如何使用给定的 client.app 中的access_token向 server.app 发出正确的请求,以获取例如用户的电子邮件 strong>.
How to make correct request to server.app with given access_token in client.app to get for example user(s) email(s).
我应该使用:http://server.app/api/user
请求获取数据吗?如果是,我该怎么做?如有可能,请编写代码.
Should i use: http://server.app/api/user
request to get data? If yes, how i can do that? If possible, please write a code.
感谢您的回答.
推荐答案
我一直在疯狂地对待这个问题!对于为什么在尝试连接诸如/api/user
之类的路线时为什么会不断吐出愚蠢的Unauthenticated
错误,这并没有什么奇怪的意义.经过大量搜索(MUCH搜索),我终于找到了答案.如果您从《拉拉卡斯特》中看到这个铁杆,那您就是我的英雄!
I've been going absolutely insane about this issue! It just made no freaking sense as to why it kept spitting out the stupid Unauthenticated
error when trying to hit-up a route such as /api/user
. After much searching (MUCH searching), I finally found the answer. If you see this fero from Laracasts, you're my hero!
您检查了
app\Providers\RouteServiceProvider.php
吗?
在mapApiRoutes()
中,您可以设置中间件.检查以确保
其auth:api
.如果不是,请更改它.另外,删除auth
路径api.php
文件中的中间件.
in the mapApiRoutes()
you can set the middleware. check to make sure
its auth:api
. if its not, change it. also, remove the auth
middleware from the route api.php
file.
对上述app\Providers\RouteServiceProvider.php
进行更改后,请继续以下示例.
Once you've made the change to the app\Providers\RouteServiceProvider.php
mentioned above, proceed with the below example.
首先,我们需要检索一个新的access_token
.为此,我使用了密码 grant_type
(更多信息: https://laravel.com/docs/5.4/passport#password-grant-tokens )
First things first, we need to retrieve a fresh access_token
. To do this, I'm using the password grant_type
(more info: https://laravel.com/docs/5.4/passport#password-grant-tokens)
要检索新的access_token
,我在routes/web.php
上创建了一条新路线并将其命名为/connect
.然后,将上面链接中的代码放入其中:
To retrieve a fresh access_token
, I've created a new route on routes/web.php
and called it /connect
. I've then placed the code from the above link into it:
Route::get('connect', function (Request $request) {
$http = new GuzzleHttp\Client;
$response = $http->post('http://example.com/oauth/token', [
'form_params' => [
'grant_type' => 'password',
'client_id' => $request->client_id,
'client_secret' => $request->client_secret,
'username' => $request->username,
'password' => $request->password,
'scope' => ''
],
]);
return json_decode((string) $response->getBody(), true);
});
使用 Chrome邮递员,您需要:>
Using Chrome Postman, you need to:
- 将方法设置为
GET
- 输入具有相关参数的连接URL,即标题"标签(位于授权"旁边),添加键
Accept
和值application/json
- 点击发送"按钮
- Set the method to
GET
- Enter the connect URL with the relevant params i.e. http://example.com/connect?client_id=1&client_secret=W2zogh7tiBh2jfHleYuzpViv7dqynDYQ6O07DKLj&username=test@test.com&password=123456
- Click the headers tab (it's next to Authorization), add a key of
Accept
and value ofapplication/json
- Hit the Send button
结果示例:
{
"token_type": "Bearer",
"expires_in": 31535999,
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6ImE0MmFiYjZkNTQ5M2ZjMGQxYzVmM2E3MDFlOTNjMTRlOTQxMTBmNWQ5NmI1ODI0NTBmMmEyM2MwMzQ5OTMwODdiZGUwYTI5ZDU5N2VjYTExIn0.eyJhdWQiOiIxIiwianRpIjoiYTQyYWJiNmQ1NDkzZmMwZDFjNWYzYTcwMWU5M2MxNGU5NDExMGY1ZDk2YjU4MjQ1MGYyYTIzYzAzNDk5MzA4N2JkZTBhMjlkNTk3ZWNhMTEiLCJpYXQiOjE0OTE0Njg4ODIsIm5iZiI6MTQ5MTQ2ODg4MiwiZXhwIjoxNTIzMDA0ODgxLCJzdWIiOiI3NWNlZDUwMC0xNTQ0LTExZTctOWE4ZS1hZDVmMWFlZTM4OWUiLCJzY29wZXMiOltdfQ.dV3DKDM7IN-oGnZ_Rw10VnYkh9ySlz5i859yO0roZLAYwgmsmEEZK_vpttudUoKmYenqibZQXg6HG4KHRd-cgas_2DpO-7UCkXQYNTriUUAQ4XM6To86EOaf2BW1a07kdVGXTdo_ETQc7heUG0NWQ8-Hrr2NHkSyDULupDs8gDg_fg6xSVsFUEDZB32UIGwquAHT1Y21ZpTdQar0Rag9qOLeZYTR05ro0v9_rQbSoDgJiZE3KT9GbqwU_BegWRmAwY6LmxG4raZpSMgqYEMo3D9D0lJiomOLK4pSjqmi0EVti04zZ6Vg4GHE6S1TgC6IlakV2bMItXTWuZT6T0jEba-3ctaC4K2T8F4P8J6t-99mKY-_zSwgfGm1FErK09qixJlZ4zFsCCT7MgNQVoyu7GkJdTJVlpL1QXLc1QhfrtW11a4gg4Nlja_VyRdB9fZHomgMLpvm_HvSlqEvpeWb8wGkCts9w7ivSNLim-LuFgswGNhTZZqLEbuwB6sJV-l1V0MJCq7_h0yTmLlBdoUkxCaDJJvkUSLk0MUaalAAzY1OCxm-tJcKn31m4yOwf25ZDWf8tWuOTKarEbFyxjB0elkxXQXGe7J7TJAg0tuIEQ8YTL3ExJQ6I7zwtCL83bPOWYRGlJrsX6Lsf0qB-xMVD2DzA3JKDKvZTp5x92kP821",
"refresh_token": "ArOWW0glHjflLpL4fKOsrNUXT5v91u+CjwcE8LBvH7GJsaM0gWaFe8GH9zXjh8SHew+cg7v1IMiIPLYSVdf7h8oOeV7wgwjChI9YM0Kt6iE4wOXJuy0VwPSCj+danHDuWC3nJWYLrPydTE3h/jgFNjWEPfgXGLfiRWjWQMozddz5EWd4pvUI7J64Lw6cMCg/BslZLHtfN7IWoC1RQGp5K0cGO0QmZfsGMSzsoSUNFjv16BXiKSqlNvs5aGhxErFY4wEOKqBifXUkb3SwnK/iHKg3irmqj4fOf/aKNyCdd/PJCHrRPocrW83oM1sjq7eDufEIlgxmy7uRset8GLAWjx/n6rzkxz2QM0/9Lyc/XN9OL00XBYjA47a1wL55qUUUYWevaFwxWX8LG2UjBf9Vv2lfvLcBBkbgqpalePMDh6wb8IDyJek4BbvZtJ1VZ/l+A9XXY9rQt/hIDdoOAtib8CGr9/CERFIrByZa3TEJBCLAa2FvJSIhHVnKvnuvZX3e9qhTkgHqowJrWg2C3VyPDQYAdIhdpTEvs0pcGSAZWhwXfu9xKQOeyRTEScbLKQmuW+sGbwU+qfdLgh/BR5kW4TMer4TIzWKSuHsqmibgiUwaQkwTrtjH2Xz9Z9XmAbVzJ8pqbEZPe7t5whXDoRSnAwWymdxk2E7SiSsVUA3kX39="
}
突出显示access_token
字符串并将其复制到文本编辑器.
Highlight the access_token
string and copy it to a text editor.
然后,您需要在routes/api.php
中创建一条新路线.下面的路由将仅输出当前API用户的信息:
You'll then need to create a new route in routes/api.php
. The route below will simply output the current API users' info:
Route::group(['prefix' => 'user'], function() {
Route::get('/', function() {
return response()->json(request()->user());
});
});
完成上述操作后,对邮递员进行以下更改:
Once you've done the above, make these changes to Postman:
- 将方法设置为
GET
- 更改URL以指向API路由,即 http://example.com/api/user
- 再次单击标题标签,并添加一个新的键
Authorization
和值Bearer access_token_here
(用先前复制的访问令牌替换access_token_here
) - 点击发送"按钮
- Set the method to
GET
- Change the URL to point to the API route i.e. http://example.com/api/user
- Click on the headers tab again and add a new key of
Authorization
and value ofBearer access_token_here
(replaceaccess_token_here
with the access token you copied earlier) - Hit the Send button
示例输出:
{
"id": "75ced500-1544-11e7-9a8e-ad5f1aee389e",
"name": "test test",
"email": "test@test.com",
"created_at": "2017-03-30 23:29:03",
"updated_at": "2017-03-30 23:29:03"
}
这篇关于使用Laravel Passport Client应用程序中的访问令牌获取用户数据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!