护照认证不验证请求

时间:2018-07-26 15:30:54

标签: php laravel-5 oauth laravel-passport

人们原谅我的英语,

这些上周,我不得不从此oauth lucadegasperi / oauth2-server-laravel更改为通向laravel 5.6的通行证。但是,在我的身份验证中,oauth总是使我拒绝访问,我的中间件软件是这样的。

use Closure;
use Illuminate\Http\Request;
use Response;
use Input;
use Hash;
use App\Usuarios;
use Lang;
use Auth;

use Laravel\Passport\TokenRepository;
use League\OAuth2\Server\ResourceServer;
use League\OAuth2\Server\Exception\OAuthServerException;
use Symfony\Bridge\PsrHttpMessage\Factory\DiactorosFactory;


class OAuth2Middleware {


protected $server;
protected $tokens;

public function __construct(ResourceServer $server, TokenRepository $tokens) {
    $this->server = $server;
    $this->tokens = $tokens;
}



/**
 * Handle an incoming request.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{

    try {
        if( $this->validateToken( $request) === null ){

            return $next($request);
        }
    }
    catch (Exception\InvalidRequestException $e) { }
    catch (Exception\AccessDeniedException $e) { }

    $http_codigo = 499;
    $retorno['tipo'] = 'erro';
    $retorno['mensagem'] = Lang::get('webservice.acesso_negado');

    return response( json_encode( $retorno ) , $http_codigo);
}



public function validateToken(Request $request, $localCall = false) {

    try {
        $psr = (new DiactorosFactory)->createRequest($request);
        $psr = $this->server->validateAuthenticatedRequest($psr);

        $token = $this->tokens->find(
            $psr->getAttribute('oauth_access_token_id')
        );

        $currentDate = new DateTime();
        $tokenExpireDate = new DateTime($token->expires_at);

        $isAuthenticated = $tokenExpireDate > $currentDate ? true : false;

        if($localCall) {
            return $isAuthenticated;
        }
        else {
            return json_encode(array('authenticated' => $isAuthenticated));
        }
    } catch (OAuthServerException $e) {
        if($localCall) {
            return false;
        }
        else {
            return json_encode(array('error' => 'Algo ocorreu de errado com a autenticação'));
        }
    }
}

}

但是当您运行此方法validateAuthenticatedRequest()时,永远不会授权!该请求是正确的,带有承载者和其他信息,根据发布的代码可能会出什么问题?欢迎任何帮助,我不知道该怎么办。

Tks

0 个答案:

没有答案