Laravel 5.6通过OAuth /令牌挂起

时间:2018-06-23 11:07:12

标签: curl oauth laravel-5.6 laravel-passport

我使用Laravel Passport安装程序设置了新的laravel 5.6安装程序。如果我通过邮递员向http://127.0.0.1/oauth/token发送了投递请求,我将获得有效的令牌:

请求

POST /oauth/token HTTP/1.1
Host: 127.0.0.1:8000
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Cache-Control: no-cache
Postman-Token: 99529c07-0fe3-38a8-54cf-8b80a9dd5fbd

{ 
    "grant_type" : "password",
    "client_id" : 4, 
    "client_secret" : "Ib1UOS7BK12tFxOilqwea1XGJhrExbVYe8B7r8wK",
    "username" : "mail@mail.com",
    "password" : "password"
}

响应:

{
    "token_type": "Bearer",
    "expires_in": 31536000,
    "access_token": "eyJ0eXAiOiJKV1.....",
    "refresh_token": "def5020026dfeb6f91f6a9....."
}

我不希望我的用户直接访问它,所以我已经在routes / web.php文件中设置了一条路由:

Route::post('login', 'API\AuthController@login');

我的AuthController看起来像:

<?php

namespace App\Http\Controllers\API;

use App\OAuth;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller as Controller;
use Illuminate\Support\Facades\Auth;
use Carbon\Carbon;
use App\User;

class AuthController extends Controller
{

public function __construct()
{
    $this->middleware('auth:api', ['except' => ['login']]);
}

/**
 * Login user and create token
 *
 * @param  [string] email
 * @param  [string] password
 * @param  [boolean] remember_me
 * @return [string] access_token
 * @return [string] token_type
 * @return [string] expires_at
 */
public function login(Request $request)
{

    $request->validate([
        'username' => 'required|string|email',
        'password' => 'required|string'
    ]);

    $credentials = request(['username', 'password']);

    return OAuth::login($credentials['username'], $credentials['password']);

}

这将调用我的OAuth类的登录方法:

namespace App;

use GuzzleHttp;

class OAuth
{

public static function login($username, $password)
{
    $http = new GuzzleHttp\Client;

    $response = $http->post('http://127.0.0.1:8000/oauth/token', [
        'form_params' => [
            'grant_type' => 'password',
            'client_id' => 4,
            'client_secret' => 'Ib1UOS7BK12tFxOilqwea1XGJhrExbVYe8B7r8wK',
            'username' => $username,
            'password' => $password
        ],
    ]);

    return json_decode((string) $response->getBody(), true);
}

}

当我使用邮递员时,发出发布请求以获取令牌:

POST /login HTTP/1.1
Host: 127.0.0.1:8000
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Cache-Control: no-cache
Postman-Token: 94469bd8-a011-7e04-5f20-b835a5b1cac4

{
    "username" : "mail@mail.com",
    "password" : "password"
}

请求刚刚挂起。它不会以任何形式的响应或超时返回,它似乎可以永久加载。我不确定发生了什么问题。如果我向邮递员发出对oauth / token的发帖请求,那么它可以工作,但是如果我对控制器方法发出对postauth的发帖请求,而控制器方法又对oauth / token发出了发帖请求,那么它将不起作用。我什么也没回来。

2 个答案:

答案 0 :(得分:3)

我也尝试过从卷曲或食嘴产生令牌。尝试使用此代码对我有用。

function tokenRequest(Request $request){

  $request->request->add([
                "grant_type" => "password",
                "username" => $request->username,
                "password" => $request->password,
                "client_id"     => "2",
                "client_secret" => "VE5S97DfjNciEWJOL1gEZhVLEx2VAGJQEX1dK6cq",
        ]);

        $tokenRequest = $request->create(
                env('APP_URL').'/oauth/token',
                'post'
        );

        $instance = Route::dispatch($tokenRequest);

        return json_decode($instance->getContent());

}

答案 1 :(得分:3)

这是因为内置的PHP服务器是单线程。因此,您对OAuth服务器的第二个(内部)请求将杀死第一个请求。

请参阅我的评论here

相关问题
最新问题