Lumen Passport returns Unauthorized error

Time: 2019-08-12 12:19:56

Tags: laravel laravel-5 lumen laravel-passport

Lumen auth:api always comes back Unauthorized

Using the https://github.com/dusterio/lumen-passport package.

Followed the steps. The token also gets generated.

$app->group(['middleware' => 'auth:api'], function () use ($app) {
    $app->get('all_languages', ['uses' => 'ListController@getAllLanguages']);
});

But it always gives an Unauthorized error.

The token is also passed in the header.


2 answers:

Answer 0: (score: 0)

Instead of putting the token in Headers, click the Authorization tab (next to the Headers tab, on the left), select Type (token type) as Bearer, and paste the token there. Now send the request.

Here is a screenshot of how to do it.

Answer 1: (score: 0)

Problem solved.

Lumen Passport offers several grant types; see the documentation reference linked below.

https://oauth.net/2/grant-types/

My problem was that I was generating a client_credentials token and using it as the authentication token, so it always returned an Unauthorized error.

So I used the password grant type and generated a token, used that token in the API, and it works.

http://localhost/api/public/oauth/token

{
    "grant_type": "password",
    "scope": "*",
    "client_id": "client_id",
    "client_secret": "client_secret",
    "username": "username",
    "password": "password"
}

The output is

{
    "token_type": "Bearer",
    "expires_in": 31622400,
    "access_token": "token_here",
    "refresh_token": "refresh_token"
}

And the access_token used in the API works fine.

The client_credentials grant type is not available in Lumen Passport.

But with Laravel Passport you can achieve this.

Create the file App\Http\Middleware\CheckClientCredentials.php

<?php

namespace App\Http\Middleware;

use Closure;
use League\OAuth2\Server\ResourceServer;
use Illuminate\Auth\AuthenticationException;
use Laravel\Passport\Exceptions\MissingScopeException;
use League\OAuth2\Server\Exception\OAuthServerException;
use Symfony\Bridge\PsrHttpMessage\Factory\DiactorosFactory;

class CheckClientCredentials
{
    /**
     * The Resource Server instance.
     *
     * @var \League\OAuth2\Server\ResourceServer
     */
    private $server;

    /**
     * Create a new middleware instance.
     *
     * @param  \League\OAuth2\Server\ResourceServer  $server
     * @return void
     */
    public function __construct(ResourceServer $server)
    {
        $this->server = $server;
    }

    /**
     * Handle an incoming request.
     *
     * Unlike the auth:api guard, this only checks that the bearer token is
     * valid (signature, expiry, revocation) and carries the required scopes.
     * It never resolves a user, so $request->user() is null behind it.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @param  mixed  ...$scopes
     * @return mixed
     * @throws \Illuminate\Auth\AuthenticationException
     */
    public function handle($request, Closure $next, ...$scopes)
    {
        // Convert the Laravel request into a PSR-7 request for league/oauth2-server.
        $psr = (new DiactorosFactory)->createRequest($request);

        try {
            $psr = $this->server->validateAuthenticatedRequest($psr);
        } catch (OAuthServerException $e) {
            // A plain 401 is returned here rather than throwing AuthenticationException.
            //throw new AuthenticationException;
            return response('Unauthorized.', 401);
        }

        $this->validateScopes($psr, $scopes);

        return $next($request);
    }

    /**
     * Validate the scopes on the incoming request.
     *
     * @param  \Psr\Http\Message\ServerRequestInterface  $psr
     * @param  array  $scopes
     * @return void
     * @throws \Laravel\Passport\Exceptions\MissingScopeException
     */
    protected function validateScopes($psr, $scopes)
    {
        // The attribute is set by validateAuthenticatedRequest(); guard against it being absent.
        $tokenScopes = $psr->getAttribute('oauth_scopes') ?: [];

        // A token issued with scope "*" is allowed everything.
        if (in_array('*', $tokenScopes)) {
            return;
        }

        foreach ($scopes as $scope) {
            if (! in_array($scope, $tokenScopes)) {
                throw new MissingScopeException($scope);
            }
        }
    }
}

Change the file bootstrap\app.php

$app->routeMiddleware([
    'auth' => App\Http\Middleware\Authenticate::class,
    'client_credentials' => App\Http\Middleware\CheckClientCredentials::class,
]);

web.php

$app->group(['middleware' => 'client_credentials'], function () use ($app) {
    $app->get('/user', ['uses' => 'UserController@getAllUser']);
});

And the token

http://localhost/api/public/oauth/token

{
  "grant_type": "client_credentials",
  "client_id": "client_id",
  "client_secret": "client_secret"
}

Output

{
    "token_type": "Bearer",
    "expires_in": 5400,
    "access_token": "access_token_here"
}

Use this token in the header and it works for me.
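Why the question's `auth:api` route rejected a client_credentials token while the answer's CheckClientCredentials middleware accepts one, modelled as a stand-alone added example (this is not code from the question, the answers, Lumen Passport or Laravel Passport). Assumptions, all constructed for the example: tokens are HS256 JWTs under a made-up secret (real Passport tokens are RS256 JWTs signed with storage/oauth-private.key), `USERS` stands in for the user provider, and the claim names (`aud`, `sub`, `scopes`, `exp`) follow Passport's token layout. `auth:api` goes through Passport's TokenGuard, which after validating the token loads the user named in `oauth_user_id`; a client_credentials token has no user, so the guard finds nothing and the route answers 401. The custom middleware stops after token validation and scope checking, which is exactly why it accepts the same token.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed stand-ins (assumptions): Passport signs RS256 with
# storage/oauth-private.key and loads users from the configured provider;
# an HMAC secret and a dict play those roles here.
SECRET = b"constructed-example-secret"
USERS = {"42": {"id": 42, "email": "alice@example.test"}}


def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(grant_type, client_id, scopes, user_id=None, ttl=3600):
    """Model of POST /oauth/token for the two grants discussed in the answer.

    A password-grant token carries the resource owner's id in `sub`; a
    client_credentials token represents only the client, so `sub` is empty.
    """
    if grant_type == "password":
        if user_id is None:
            raise ValueError("password grant needs a resource owner")
        sub = str(user_id)
    elif grant_type == "client_credentials":
        sub = ""
    else:
        raise ValueError("unsupported grant_type: %s" % grant_type)
    header = {"typ": "JWT", "alg": "HS256"}
    claims = {"aud": client_id, "sub": sub, "scopes": list(scopes),
              "exp": int(time.time()) + ttl}
    signing_input = "%s.%s" % (_b64url(json.dumps(header).encode()),
                               _b64url(json.dumps(claims).encode()))
    sig = hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()
    return "%s.%s" % (signing_input, _b64url(sig))


def validate_authenticated_request(token):
    """Model of ResourceServer::validateAuthenticatedRequest: verify the
    signature and expiry, then expose the claims as request attributes."""
    try:
        head, body, sig = token.split(".")
        claims = json.loads(_b64url_decode(body))
        provided = _b64url_decode(sig)
    except ValueError:  # wrong part count, bad base64, bad JSON
        raise PermissionError("Unauthorized")
    expected = hmac.new(SECRET, ("%s.%s" % (head, body)).encode(),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, provided):
        raise PermissionError("Unauthorized")
    if claims["exp"] < time.time():
        raise PermissionError("Unauthorized")
    return {"oauth_user_id": claims["sub"], "oauth_scopes": claims["scopes"]}


def auth_api_guard(token):
    """Model of Passport's TokenGuard behind `auth:api`: once the token
    validates, the user named by oauth_user_id is loaded. A client_credentials
    token names no user, so the guard yields None and the route answers 401."""
    try:
        attrs = validate_authenticated_request(token)
    except PermissionError:
        return None
    return USERS.get(attrs["oauth_user_id"] or None)


def check_client_credentials(token, required_scopes=()):
    """Model of the CheckClientCredentials middleware from the answer: a valid
    token carrying the required scopes passes; no user is ever resolved.
    Returns "ok", "unauthorized" or "missing_scope"."""
    try:
        attrs = validate_authenticated_request(token)
    except PermissionError:
        return "unauthorized"
    granted = attrs["oauth_scopes"]
    if "*" in granted:
        return "ok"
    for scope in required_scopes:
        if scope not in granted:
            return "missing_scope"
    return "ok"


if __name__ == "__main__":
    user_token = issue_token("password", "client_id", ["*"], user_id=42)
    client_token = issue_token("client_credentials", "client_id", ["*"])
    print("auth:api, password token          ->", auth_api_guard(user_token))
    print("auth:api, client_credentials token ->", auth_api_guard(client_token))
    print("client_credentials middleware      ->", check_client_credentials(client_token))
```

The practical consequence for a Lumen route: a token issued by the client_credentials grant is a perfectly valid token presented to a guard that insists on a user, so the two fixes are the ones the answer lands on, either issue a user-bound token (password grant) for routes behind `auth:api`, or put machine-to-machine routes behind the client-credentials middleware. Behind that middleware there is no authenticated user, so controllers must not rely on `$request->user()`, and a machine client should be issued a narrower scope than `*` so the scope check in the middleware actually constrains it.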