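Laravel Development: How to Manage OAuth2 with Laravel Passport?
In web application development, the OAuth2 protocol is often needed for user authentication and authorization, so that users can use third-party services securely. With Laravel Passport you can conveniently handle the OAuth2 protocol and implement authentication and authorization in a Laravel application.
Laravel Passport is an open-source package that provides a complete OAuth2 server implementation, including token generation, token management, scopes and other features, which makes OAuth2 very easy to implement in a Laravel application.
This article shows how to use Laravel Passport to manage the OAuth2 protocol.
Generating API keys with Laravel Passport
Before using the OAuth2 protocol, we need to generate API keys. The API keys serve as the OAuth2 client ID and secret and are used to obtain access tokens. We can generate them with the artisan command that Laravel Passport provides.
First, install Laravel Passport with composer: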
composer require laravel/passport
Then, run the migration command:
php artisan migrate
Next, use Passport's client:secret command to generate the API key:
php artisan passport:client --password
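This generates a client ID and a client secret.
Configuring the OAuth2 service
After generating the API keys, we need to configure the OAuth2 service. Laravel Passport provides a number of configuration options, which are set by editing the Laravel application's config/auth.php file.
In auth.php, we need to set the driver of the api guard to the Passport driver, so that Laravel uses Passport to handle user authentication and authorization.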
'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],
    'api' => [
        'driver' => 'passport',
        'provider' => 'users',
        'hash' => false,
    ],
],
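A route that relies on the `api` guard configured above, as an added example that is not part of the original article. It assumes the User model uses Passport's `HasApiTokens` trait and that a scope named `read-profile` (a hypothetical name) has been registered with `Passport::tokensCan()`.

```php
<?php
// routes/api.php (added example, not from the original article)

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;

// 'auth:api' selects the 'api' guard from config/auth.php, i.e. the passport driver.
// A request without a valid Bearer token is rejected as unauthenticated
// before the closure runs.
Route::middleware('auth:api')->get('/user', function (Request $request) {
    $user = $request->user();

    // tokenCan() is provided by Laravel\Passport\HasApiTokens (assumed on the model).
    // 'read-profile' is a hypothetical scope: a valid token that was not granted
    // this scope still gets 403, so a token is limited to what it was issued for.
    if (! $user->tokenCan('read-profile')) {
        abort(403, 'Token lacks the read-profile scope.');
    }

    // Return only the fields the client needs rather than the whole model.
    return response()->json($user->only(['id', 'name', 'email']));
});
```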
Creating the OAuth2 routes
Next, we need to create some OAuth2 routes in the application; these routes handle OAuth2 requests. We can create them with the artisan command that Laravel Passport provides for generating routes automatically.
php artisan passport:routes
This automatically generates the following routes:
| Method | URI | Name | Action | Middleware | In |
|---|---|---|---|---|---|
| GET|HEAD | oauth/authorize | passport.authorizations.authorize | Laravel\Passport\Http\Controllers\AuthorizationController@show | web,auth | Laravel\Passport\Http\Middleware\CheckClientCredentials,can:view-authorizations |
| POST | oauth/authorize | passport.authorizations.approve | Laravel\Passport\Http\Controllers\ApproveAuthorizationController | web,auth | Laravel\Passport\Http\Middleware\CheckClientCredentials,can:approve-authorizations |
| DELETE | oauth/authorize | passport.authorizations.deny | Laravel\Passport\Http\Controllers\DenyAuthorizationController | web,auth | Laravel\Passport\Http\Middleware\CheckClientCredentials,can:deny-authorizations |
| POST | oauth/clients | passport.clients.store | Laravel\Passport\Http\Controllers\ClientController@store | web,auth | Laravel\Passport\Http\Middleware\CheckClientCredentials,can:create-clients |
| GET|HEAD | oauth/clients | passport.clients.index | Laravel\Passport\Http\Controllers\ClientController@forUser | web,auth | Laravel\Passport\Http\Middleware\CheckClientCredentials,can:view-clients |
| PUT | oauth/clients/{client} | passport.clients.update | Laravel\Passport\Http\Controllers\ClientController@update | web,auth | Laravel\Passport\Http\Middleware\CheckClientCredentials,can:update-clients |
| DELETE | oauth/clients/{client} | passport.clients.destroy | Laravel\Passport\Http\Controllers\ClientController@destroy | web,auth | Laravel\Passport\Http\Middleware\CheckClientCredentials,can:delete-clients |
| POST | oauth/token | passport.token | Laravel\Passport\Http\Controllers\AccessTokenController@issueToken | throttle | Laravel\Passport\Http\Middleware\CheckClientCredentials,can:issue-tokens |
| POST | oauth/token/refresh | passport.token.refresh | Laravel\Passport\Http\Controllers\TransientTokenController@refresh | throttle | Laravel\Passport\Http\Middleware\CheckClientCredentials,can:refresh-tokens |
| DELETE | oauth/tokens/{token} | passport.tokens.destroy | Laravel\Passport\Http\Controllers\AuthorizedAccessTokenController@destroy | web,auth | Laravel\Passport\Http\Middleware\CheckClientCredentials,throttle:60,1,oauth |
| GET|HEAD | oauth/tokens | passport.tokens.index | Laravel\Passport\Http\Controllers\AuthorizedAccessTokenController@forUser | web,auth | Laravel\Passport\Http\Middleware\CheckClientCredentials,can:view-tokens |
| DELETE | oauth/tokens | passport.tokens.destroy.all | Laravel\Passport\Http\Controllers\AuthorizedAccessTokenController@destroyAll | web,auth | Laravel\Passport\Http\Middleware\CheckClientCredentials,can:delete-tokens |
These are all routes built into Passport, and their names use the passport. prefix.
Defining the OAuth2 client
Now that everything is in place, we can start defining the OAuth2 client. We can use the API key generated earlier to create it.
Create a new OAuth2 client in the database. We can create it manually, or with the passport:client artisan command that Laravel Passport provides.
During creation we need to specify the client's name, secret, callback URL and so on.
Creating it manually:
INSERT INTO `oauth_clients`
    (`id`, `user_id`, `name`, `secret`, `redirect`, `revoked`, `personal_access_client`, `password_client`, `updated_at`, `created_at`)
VALUES
    (1, NULL, 'My Client', 'my-client-secret', 'http://localhost/callback', 0, 0, 1, '2021-10-01 00:00:00', '2021-10-01 00:00:00');
Creating it with artisan:
php artisan passport:client --client --name="My Client"
ÔËÐдËÏÂÁîºó£¬Ëü½«×Ô¶¯ÌìÉúOAuth2¿Í»§¶Ë£¬²¢ÏÔʾ¿Í»§¶ËIDºÍÃÜÔ¿¡£
ÌìÉúOAuth2»á¼ûÁîÅÆ
ÏÖÔÚÎÒÃÇÒѾ׼±¸ºÃÁËOAuth2¿Í»§¶Ë£¬²¢½ç˵ÁËOAuth2·ÓÉ£¬ÎÒÃÇ¿ÉÒÔ×îÏÈʹÓÃOAuth2ÐÒéÀ´ÌìÉú»á¼ûÁîÅÆ¡£
ÎÒÃÇ¿ÉÒÔʹÓÃpassport:clientÏÂÁîÌìÉú»á¼ûÁîÅÆ£º
php artisan passport:client --client --password
ÔËÐдËÏÂÁîºó£¬Ëü½«ÌìÉúÒ»¸öOAuth2¿Í»§¶Ë²¢×Ô¶¯Îª¸Ã¿Í»§¶ËÌìÉúÒ»¸ö»á¼ûÁîÅÆ¡£
Making API calls with the OAuth2 access token
The last step is to make API calls with the OAuth2 access token. We can use Guzzle, which ships with Laravel, to send the HTTP request, passing the access token in the Authorization header.
use GuzzleHttp\Client;

$client = new Client();

// $accessToken holds the OAuth2 access token obtained earlier.
$response = $client->request('GET', 'http://localhost/api/user', [
    'headers' => [
        'Authorization' => 'Bearer '.$accessToken,
    ],
]);

// Read the response body as a string.
$body = $response->getBody()->getContents();
ÐèҪעÖصÄÊÇ£¬¹ØÓÚÿ¸öÇëÇó£¬ÎÒÃǶ¼ÐèÒª·¢ËÍÓÐÓõĻá¼ûÁîÅÆ¡£Õâ¿ÉÒÔͨ¹ýʹÓÃPassport::actingAsÒªÁìÀ´ÊµÏÖ£¬¸ÃÒªÁ콫ָ¶¨µÄÓû§IDÌ滻ΪÓÐÓõÄÊÚȨÁîÅÆ¡£
use Laravel\Passport\Passport;

Passport::actingAs($user);

$response = $client->request('GET', 'http://localhost/api/user', [
    'headers' => [
        'Authorization' => 'Bearer '.$accessToken,
    ],
]);
Conclusion
In this article we showed how to use Laravel Passport to manage the OAuth2 protocol. With Laravel Passport it is easy to generate API keys, configure the OAuth2 service, create the OAuth2 routes, define OAuth2 clients, generate OAuth2 access tokens and use them to make API calls. When OAuth2 is needed in a web application, Laravel Passport is a very good choice.
ÒÔÉϾÍÊÇLaravel¿ª·¢£ºÔõÑùʹÓÃLaravel PassportÖÎÀíOAuth2£¿µÄÏêϸÄÚÈÝ£¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡