从oauth_access_tokens表中按令牌ID检索访问令牌

时间:2019-05-21 11:13:55

标签: laravel oauth laravel-passport

尝试查找已添加到数据库的用户有效访问令牌时遇到麻烦。 这是Bearer访问令牌的示例:

eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjhjM2NlYmYyY2NiNjU4NzRlYjA2ZWFjOTFiOWEyZjJjMjMyNjRhMjFkOTZlNDU5MzFjZWMzMjU1MWIwMjRlZGVmMTIyNmI2NTI5ZDA4ZGQzIn0.eyJhdWQiOiIxIiwianRpIjoiOGMzY2ViZjJjY2I2NTg3NGViMDZlYWM5MWI5YTJmMmMyMzI2NGEyMWQ5NmU0NTkzMWNlYzMyNTUxYjAyNGVkZWYxMjI2YjY1MjlkMDhkZDMiLCJpYXQiOjE1NTgzNzQ0MjcsIm5iZiI6MTU1ODM3NDQyNywiZXhwIjoxNTg5OTk2ODI3LCJzdWIiOiIxNCIsInNjb3BlcyI6WyIqIl19.RKR62AvgYpW66pOu0lX9BdYx4JEyFQCfC8ULrWHFteKpH8EMzUsxGRpRmW1rj3cclE9Ieu3L-c_25tLB4WPBQ37h9a47qDSe60EAUIR84qoRaBCuhmyrehftMnDYtb1VROz2N1J4ab8Pq28Eq8r5ZrGHOSniiGmSZ0SSsrCWamrI82PNJEP4cwkoMx7rGZ_rBBNKrzJGsEK44bkocaipo75YhmADg3qA6n0XWM9UpSm735WEdTKtmXmdsbokK0n-Y-rrzFwSnCnOPFg139Co2lGBto4h1k70e9mI_e82XCBz_JBPJ77sbznQh_ce7uzZ9IyZldVjU6kONJbEZcHJOk1PhTjMtF_nQjvb_F2ZEFwX2dMryF5FM4mktiylBgS0_s-XwO9oOLzkd-CdT-0C_0TjxVa2_fSaZQXDIclYg5kf4n4tduZEIa-r4Fdt9PEBSA0dS7J6RPKwUmI0qLpOyK5ZD1k0AXwnDa2fk71Tp36BUmuo1qSBaUKn4JoIgXPcfN1PhAikp3t7N1WkB8BFbSRXm1OKUBz20ow9V0IL3Gcw88XE6A3EUZxAfAnaoXfC_dVyZModRRbYvb77JGx1JL7tMg5WLb-lI1wZjpNlFhEeeIN0VNDGcwMWcNN8LCcOKK45FqINpWrAtsiHc1cYenZl3nWRqQ3OAwCxM7UQ1t0

这是它(或任何其他令牌)存储在数据库中的方式:

8c3cebf2ccb65874eb06eac91b9a2f2c23264a21d96e45931cec32551b024edef1226b6529d08dd3

试图将其用作访问令牌,但不走运。 这是我的代码示例,如果用户已经存在访问令牌,我想将其发送回去(使用facebook oauth获取我的API访问令牌):

    public function callback(SocialAccountService $service)
    {
        try {
            $facebookData = Socialite::driver($this->provider)->user();

        } catch (\Exception $e) {

            return $this->redirect();
        }

        $user = $service->createOrGetUser($facebookData, $this->provider);

        $token = $user->tokens->filter(function ($token) {
            return $token->revoked !== true;
        })->first();

        if (!$token) {
            $token = $user->createToken('new-token', ['*']);
        }

        return new OauthTokenResource($token);
    }

因此,如果用户存在并且在数据库中找到令牌的情况下,我将无法生成(获取)这样的真实访问令牌:

eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjhjM2NlYmYyY2NiNjU4NzRlYjA2ZWFjOTFiOWEyZjJjMjMyNjRhMjFkOTZlNDU5MzFjZWMzMjU1MWIwMjRlZGVmMTIyNmI2NTI5ZDA4ZGQzIn0

仅获取不能用作访问令牌的令牌ID。希望对您有帮助。

0 个答案:

没有答案