laravel5.3-第11章-passport laravel5.3-第11章-passport

2023-06-30

一、passport

composer create-project laravel/laravel=5.3.* laravel5.3_passport

新建数据库 laravel5.3_passport

修改 .evn 配置文件

APP_URL=http://passport.com

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laravel5.3_passport
DB_USERNAME=laravel5.3_passport
DB_PASSWORD=laravel5.3_passport

修改中国时区,在 config/app.php 中修改

'timezone' => 'PRC',

切换目录

cd laravel5.3_passport

通过 composer 下载 passport

composer require laravel/passport=~1.0

passport 专注于实现 OAuth2.0 服务端,官网:https://laravel.com/docs/5.3/passport

至于什么是 OAuth2.0,可以看这篇文章:https://lulublog.cn/p/7tObm1

在 config/app.php 中配置 passport:在 providers 参数中新增

\Laravel\Passport\PassportServiceProvider::class,

执行数据迁移

php artisan migrate

生成加密 key

php artisan passport:install

配置 User 模型的 HasApiTokens

use Laravel\Passport\HasApiTokens;

use HasApiTokens, Notifiable;

添加 passport 路由:修改 app/Providers/AuthServiceProvider.php

use Laravel\Passport\Passport;

public function boot()
{
    $this->registerPolicies();
    Passport::routes();
}

修改 config/auth.php 中的 guards 参数

'api' => [
    'driver' => 'passport',
    'provider' => 'users',
],

注册用户

php artisan make:auth

配置本地域名:passport.com

生成用户:访问 http://passport.com/register

https://file.lulublog.cn/images/3/2023/06/qr9LTtWTxItzMP1rzv5H5X8vnTwW8T.jpg

生成前端组件

php artisan vendor:publish --tag=passport-components

注册前端组件:resources/assets/js/app.js 新增以下代码

Vue.component(
    'passport-clients',
    require('./components/passport/Clients.vue')
);

Vue.component(
    'passport-authorized-clients',
    require('./components/passport/AuthorizedClients.vue')
);

Vue.component(
    'passport-personal-access-tokens',
    require('./components/passport/PersonalAccessTokens.vue')
);

执行 npm install

npm install

执行 gulp

gulp

如果报错

https://file.lulublog.cn/images/3/2023/07/w7mQu5tdlIgqULU7qttQ7L9TGZP7kx.jpg

修改 package.json

"bootstrap-sass": "3.4.1",

然后重新执行命令

npm install

gulp

注册组件:修改 resources/views/home.blade.php

https://file.lulublog.cn/images/3/2023/07/SjWjD87Pa8d7J878GG0a5jcCd8GzY7.jpg

登录后打开:http://passport.com/home

https://file.lulublog.cn/images/3/2023/07/Hl75r5Ve6TePVoEpeE5Pe6e74EDsT7.jpg

点击 Create New Client

Name:passport-client

Redirect URL:http://passport-client.com/callback

点击 Create 进行保存

二、passport_client

新建一个 passport_client 的项目

composer create-project laravel/laravel=5.3.* laravel5.3_passport_client

修改 .evn 配置文件

APP_URL=http://passport-client.com

切换目录

cd laravel5.3_passport_client

安装 guzzlehttp/guzzle

composer require guzzlehttp/guzzle

配置本地域名:passport-client.com

修改 routes/web.php

Route::get('/oauth', function () {
    $query = http_build_query([
        'client_id' => 3,
        'redirect_uri' => 'http://passport-client.com/callback',
        'response_type' => 'code',
        'scope' => '',
    ]);

    return redirect('http://passport.com/oauth/authorize?'.$query);
});

Route::get('callback', 'OAuthController@oauth');

创建控制器

php artisan make:controller OAuthController

修改 app/Http/Controllers/OAuthController.php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Arr;

class OAuthController extends Controller
{
    public function oauth(Request $request)
    {
        $http = new \GuzzleHttp\Client;
        $response = $http->post('http://passport.com/oauth/token', [
            'form_params' => [
                'grant_type' => 'authorization_code',
                'client_id' => 3,
                'client_secret' => 'RXvEYrWCCXnDcRfqzEVtKzBP4EGpnwIPLy7VwVmM',
                'redirect_uri' => 'http://passport-client.com/callback',
                'code' => $request->code,
            ],
        ]);
        $accessToken = Arr::get(json_decode((string) $response->getBody(), true), 'access_token');
        return $this->getUserByToken($accessToken);
    }

    private function getUserByToken($accessToken)
    {
        $http = new \GuzzleHttp\Client;
        $headers = [
            'Authorization' => 'Bearer '.$accessToken
        ];
        $request = new \GuzzleHttp\Psr7\Request('Get', 'http://passport.com/api/user', $headers);
        $response = $http->send($request);
        return json_decode((string) $response->getBody(), true);
    }
}

备注:这里的 client_secret 是 passport.com 生成的

三、access_token

3.1、Authorize

访问:http://passport-client.com/oauth,会跳转 http://passport.com/oauth/authorize?client_id=3&redirect_uri=http%3A%2F%2F127.0.0.1%3A8001%2Fcallback&response_type=code&scope=

https://file.lulublog.cn/images/3/2023/07/NjZTgjYt1jJ1T5GjAzjG57jgo71Kf0.jpg

在 windows 平台下,使用laraval/passport包,报错如下

"oauth-public.key" permissions are not correct, should be 600 or 660 instead of 666

修改 passport 项目 vendor/league/oauth2-server/src/AuthorizationServer.php

use Laravel\Passport\Passport;

$privateKey = new CryptKey($privateKey);
修改为
$privateKey = new CryptKey('file://' . Passport::keyPath('oauth-private.key'),null,false);

$publicKey = new CryptKey($publicKey);
修改为
$publicKey = new CryptKey('file://' . Passport::keyPath('oauth-public.key'),null,false);

如果 laravel-passport 报错

Replicating claims as headers is deprecated and will removed from v4.0. Please man

解决命令:在 passport 项目下执行

composer require lcobucci/jwt=3.3.3

点击 Authorize 会跳转 http://passport-client.com/callback

https://file.lulublog.cn/images/3/2023/07/S0VUeS0Y9TueT9szEwfzd4yyhUfydD.jpg

3.2、Personal Access Tokens

访问 http://passport.com/home,点击 Create New Token

https://file.lulublog.cn/images/3/2023/07/lM2oOkfn2HT01Z0Mt8828kTtD3KOfj.jpg

打开 postman

https://file.lulublog.cn/images/3/2023/07/NE09MPE8G709RezRP4e2eZ02g08NEp.jpg

3.3、CreateFreshApiToken

修改 passport 项目 resources/assets/js/components/Example.vue

export default {
    mounted() {
      this.$http.get('/api/user').then(response => {
        console.log(response.data);
      });
    }
}

执行 gulp

gulp

resources/views/home.blade.php 引入 Example.vue

https://file.lulublog.cn/images/3/2023/07/gT2v0Qqd8v81NBHAQzOiDaa1OQhv2b.jpg

打开 http://passport.com/home,强制刷新,在控制台可以看到

https://file.lulublog.cn/images/3/2023/07/A17y7Yz1zjc88pS1q1KpJzsKhJP111.jpg

 可能会报错,需要在 app/Http/Kernel.php 的 middlewareGroups 的 web 引入 CreateFreshApiToken

\Laravel\Passport\Http\Middleware\CreateFreshApiToken::class

3.4、password granted

在 passport 项目生成 password granted

php artisan passport:client --password

password-granted

https://file.lulublog.cn/images/3/2023/07/w2ebF2PrF4Gt3B3EZ4H6H247BShsxR.jpg

修改 passport-client 项目的 app/Http/Controllers/OAuthController.php

namespace App\Http\Controllers;

use GuzzleHttp\Client;
use Illuminate\Http\Request;
use Illuminate\Support\Arr;

class OAuthController extends Controller
{
    protected $http;

    public function __construct(Client $http)
    {
        $this->http = $http;
    }

    public function oauth(Request $request)
    {
        $response = $this->http->post('http://passport.com/oauth/token', [
            'form_params' => [
                'grant_type' => 'password',
                'client_id' => 4,
                'client_secret' => 'rF0izYUKUJUZ01G0exfydwn2J5rXLg7iIFkg8Iaa',
                'username' => 'alulubin@gmail.com',
                'password' => '123456',
                'scope' => '',
            ],
        ]);
        $accessToken = Arr::get(json_decode((string) $response->getBody(), true), 'access_token');
        return $this->getUserByToken($accessToken);
    }

    private function getUserByToken($accessToken)
    {
        $headers = [
            'Authorization' => 'Bearer '.$accessToken
        ];
        $request = new \GuzzleHttp\Psr7\Request('Get', 'http://passport.com/api/user', $headers);
        $response = $this->http->send($request);
        return json_decode((string) $response->getBody(), true);
    }
}

访问 http://passport-cilent.com/callback

https://file.lulublog.cn/images/3/2023/07/S0VUeS0Y9TueT9szEwfzd4yyhUfydD.jpg

阅读 506

laravel5.3文章

带到手机上看