Laravel Passport:如何从Bearer Token获得访问令牌

时间:2018-10-21 05:30:27

标签: laravel laravel-5 oauth-2.0 laravel-passport

我要求了如下Client_credentials:

{
    "grant_type": "client_credentials",
    "client_id": 8,
    "client_secret": "XXNKXXqJjfzG8XXSvXX1Q4pxxnkXmp8tT8TXXKXX",
    "redirect_uri": "",
    "scope": "*"
}

然后在下面收到响应:

{
    "token_type": "Bearer",
    "expires_in": 31536000,
    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGcXXXJSUzI1NiIsImp0aSI6ImEzYjJhZmU5OTYzMTE5MDAyZDAwZmEzNzU0ZGY3ZTRkMTgwYzhlYWRmNGQyOGU5MTI4YjAyYjJmYWQxZjY1NjUzMzAyZjNlZTI4MTgxMDFhIn0.eyJhdWQiOiI4IiwianRpIjoiYTNiMmFmZTk5NjMxMTkwMDJkMXXXYTM3XXXkZjdlNGQxODBjOGVhZGY0ZDI4ZTkxMjhiMDJiMmZhZDFmNjU2NTMzMDJmM2VlMjgxODEwMWEiLCJpYXQiOjE1NDAwMTQxNTUsIm5iZiI6MTU0MDAxNDE1NSwiZXhwIjoxNTcxNTUwMTU1LCJzdWIiOiIiLCJzY29wZXMiOltdfQ.sNSYywfBf27yAojqZclpjliysbQARlYFktzanTMecXXXIai5DgJY0sKhGpHktP5cqirYdemoFKy2nOxzZ8g29gCQQ63zmxe3vpbDz1GAdrjCDWoUlwSXXXHx4VIsdSIzVdi9XyvPKaLKMdoL6nFeWgpgXKGIvHKdiHjKgQbY_08Qa6JMN5Up27qmIOQoXJNAf1nuXvBMabUU_Js7VNspwPfdC8nMZ5zhK1A_c32_lDRtHqkhDfqqBXdUB-inx-zixhn2ODC4b4tkdj7XXXXlVKFxHxKM3aVOMFlmKhypSDwIUB0dPsN8iHcLzkl1yjzRQcOvQEj5BXWLkLCPdkiX2YJuFiWGUm_nxiYoIRV3ptJDeBI5OJI870JTOwBfJePrHTbXmhbjNSQSflLtiOV34wbPQZWH3KMKcsGVYvXXX3rcO5cbZWeeJLGPPYYO-_AWDmdAm-Qsb6Tw1sPxEZRw0dw3zBHnLVrEK9GXXXN2U5wE9Ka3id8ecOJSXSD39X1PyZUB9dJTidmbiWYWgskSTsqLuWfzXXXtlXkb1iOO37kT_Y5zr71Wp1RJ1Fp38yIyHI6fR9hKqeNALSqhv2ALmcSMQsFGTtPG98lGulu-vRJJhgMJ3C3fSTljN7o9BM7Jz-h0ymxC8sSMSNsXakK1qu40vD40zRJMB09sBPjIAVo"
}

在数据库中,它将在oauth_access_tokens表中创建记录,如下所示:

id: 53ad95f4438e0f30769fa7e642e9c5b2fbd994fb3a95ece4a86578b07d2d72e61c01301df37e9bdb
user_id: NULL
client_id: 8
name: NULL
scopes: []
revoked: 0
etc...

然后我将使用上面给出的LONG访问令牌来使用我的API:

通过发送请求标头,如下:

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGcXXXJSUzI1NiIsImp0aSI6ImEzYjJhZmU5OTYzMTE5MDAyZDAwZmEzNzU0ZGY3ZTRkMTgwYzhlYWRmNGQyOGU5MTI4YjAyYjJmYWQxZjY1NjUzMzAyZjNlZTI4MTgxMDFhIn0.eyJhdWQiOiI4IiwianRpIjoiYTNiMmFmZTk5NjMxMTkwMDJkMXXXYTM3XXXkZjdlNGQxODBjOGVhZGY0ZDI4ZTkxMjhiMDJiMmZhZDFmNjU2NTMzMDJmM2VlMjgxODEwMWEiLCJpYXQiOjE1NDAwMTQxNTUsIm5iZiI6MTU0MDAxNDE1NSwiZXhwIjoxNTcxNTUwMTU1LCJzdWIiOiIiLCJzY29wZXMiOltdfQ.sNSYywfBf27yAojqZclpjliysbQARlYFktzanTMecXXXIai5DgJY0sKhGpHktP5cqirYdemoFKy2nOxzZ8g29gCQQ63zmxe3vpbDz1GAdrjCDWoUlwSXXXHx4VIsdSIzVdi9XyvPKaLKMdoL6nFeWgpgXKGIvHKdiHjKgQbY_08Qa6JMN5Up27qmIOQoXJNAf1nuXvBMabUU_Js7VNspwPfdC8nMZ5zhK1A_c32_lDRtHqkhDfqqBXdUB-inx-zixhn2ODC4b4tkdj7XXXXlVKFxHxKM3aVOMFlmKhypSDwIUB0dPsN8iHcLzkl1yjzRQcOvQEj5BXWLkLCPdkiX2YJuFiWGUm_nxiYoIRV3ptJDeBI5OJI870JTOwBfJePrHTbXmhbjNSQSflLtiOV34wbPQZWH3KMKcsGVYvXXX3rcO5cbZWeeJLGPPYYO-_AWDmdAm-Qsb6Tw1sPxEZRw0dw3zBHnLVrEK9GXXXN2U5wE9Ka3id8ecOJSXSD39X1PyZUB9dJTidmbiWYWgskSTsqLuWfzXXXtlXkb1iOO37kT_Y5zr71Wp1RJ1Fp38yIyHI6fR9hKqeNALSqhv2ALmcSMQsFGTtPG98lGulu-vRJJhgMJ3C3fSTljN7o9BM7Jz-h0ymxC8sSMSNsXakK1qu40vD40zRJMB09sBPjIAVo

问题:如何基于分配给服务器的Bearer令牌在控制器的表oauth_access_tokens(列ID)中获取access_token?

或如何在控制器中获取此值:

53ad95f4438e0f30769fa7e642e9c5b2fbd994fb3a95ece4a86578b07d2d72e61c01301df37e9bdb

基于以下给出的Bearer令牌:

Bearer eyJ0eXAiOiJKV1QiLCJhbGcXXXJSUzI1NiIsImp0aSI6ImEzYjJhZmU5OTYzMTE5MDAyZDAwZmEzNzU0ZGY3ZTRkMTgwYzhlYWRmNGQyOGU5MTI4YjAyYjJmYWQxZjY1NjUzMzAyZjNlZTI4MTgxMDFhIn0.eyJhdWQiOiI4IiwianRpIjoiYTNiMmFmZTk5NjMxMTkwMDJkMXXXYTM3XXXkZjdlNGQxODBjOGVhZGY0ZDI4ZTkxMjhiMDJiMmZhZDFmNjU2NTMzMDJmM2VlMjgxODEwMWEiLCJpYXQiOjE1NDAwMTQxNTUsIm5iZiI6MTU0MDAxNDE1NSwiZXhwIjoxNTcxNTUwMTU1LCJzdWIiOiIiLCJzY29wZXMiOltdfQ.sNSYywfBf27yAojqZclpjliysbQARlYFktzanTMecXXXIai5DgJY0sKhGpHktP5cqirYdemoFKy2nOxzZ8g29gCQQ63zmxe3vpbDz1GAdrjCDWoUlwSXXXHx4VIsdSIzVdi9XyvPKaLKMdoL6nFeWgpgXKGIvHKdiHjKgQbY_08Qa6JMN5Up27qmIOQoXJNAf1nuXvBMabUU_Js7VNspwPfdC8nMZ5zhK1A_c32_lDRtHqkhDfqqBXdUB-inx-zixhn2ODC4b4tkdj7XXXXlVKFxHxKM3aVOMFlmKhypSDwIUB0dPsN8iHcLzkl1yjzRQcOvQEj5BXWLkLCPdkiX2YJuFiWGUm_nxiYoIRV3ptJDeBI5OJI870JTOwBfJePrHTbXmhbjNSQSflLtiOV34wbPQZWH3KMKcsGVYvXXX3rcO5cbZWeeJLGPPYYO-_AWDmdAm-Qsb6Tw1sPxEZRw0dw3zBHnLVrEK9GXXXN2U5wE9Ka3id8ecOJSXSD39X1PyZUB9dJTidmbiWYWgskSTsqLuWfzXXXtlXkb1iOO37kT_Y5zr71Wp1RJ1Fp38yIyHI6fR9hKqeNALSqhv2ALmcSMQsFGTtPG98lGulu-vRJJhgMJ3C3fSTljN7o9BM7Jz-h0ymxC8sSMSNsXakK1qu40vD40zRJMB09sBPjIAVo

??

3 个答案:

答案 0 :(得分:1)

*如果你们有更好的解决方案,请告诉我...

到目前为止,这是我如何杀死它:

  1. 我覆盖CheckClientCredentials中间件:

    use Laravel\Passport\Http\Middleware\CheckClientCredentials as Middleware;

class CheckClientCredentials extends Middleware{

public function handle($request, Closure $next, ...$scopes){
    $psr = (new DiactorosFactory)->createRequest($request);

    try {
        $psr = $this->server->validateAuthenticatedRequest($psr);
    } catch (OAuthServerException $e) {
        throw new AuthenticationException;
    }

    $this->validateScopes($psr, $scopes);

    $request->attributes->set('oauth_access_token_id', $psr->getAttribute('oauth_access_token_id'));
    $request->attributes->set('oauth_client_id', $psr->getAttribute('oauth_client_id'));
    $request->attributes->set('oauth_user_id', $psr->getAttribute('oauth_user_id'));
    $request->attributes->set('oauth_scopes', $psr->getAttribute('oauth_scopes'));

    return $next($request);
}

    }

  2. 在控制器中访问它:

    dd($request->get('oauth_access_token_id'));

答案 1 :(得分:1)

要通过令牌吸引用户,您需要了解令牌是什么。

令牌被分为三个base64编码部分:标头,有效负载和签名,以句点分隔。在您的情况下,由于您只想查找用户,因此只需要标题

要获取标题,您可以执行以下操作:

$access_token = "eyJ0eXAiOiJKV1QiLCJhbGcXXXJSUzI......" 

// break up the string to extract only the token

$auth_header = explode(' ', $access_token);
$token = $auth_header[1];

// break up the token into its three respective parts
$token_parts = explode('.', $token);
$token_header = $token_parts[0];

// base64 decode to get a json string
$token_header_json = base64_decode($token_header);
// you'll get this with the provided token:



{"typ":"JWT","alg":"RS256","jti":"9fdb0dc4382f2833ce2d3993c670fafb5a7e7b88ada85f490abb90ac211802720a0fc7392c3f2e7c"}

// then convert the json to an array
$token_header_array = json_decode($token_header_json, true);

有了这个,您就可以在jti键中找到用户的令牌:

$user_token = $token_header_array['jti'];

我从@samsquanch中学到了这一点

答案 2 :(得分:-1)

您可以使用此插件获得所需的结果。 Github link to plugin

相关问题
最新问题