我目前正在开发一个API并且已经打了一堵砖墙。我正在使用带有“密码”授权类型的Passport。
我想通过访问令牌返回用户信息,但是,我不知道如何。
我可以实现,编辑或扩展哪个类来获取它?。
我希望将其退回:
{
"token_type": "Bearer",
"expires_in": 31536000,
"access_token": "lalalalalal",
"refresh_token": "lalalallala",
"user": {
"username": "a username",
"user_type": "admin"
}
}
提前致谢。
答案 0 :(得分:5)
BearerTokenResponse类(League / oauth2-server软件包的一部分)中提示了有关如何执行此操作的说明。
在Laravel 5.7上进行了测试。
1。扩展BearerTokenResponse类,在响应中添加所需的额外参数。
namespace App\Auth;
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
class BearerTokenResponse extends \League\OAuth2\Server\ResponseTypes\BearerTokenResponse
{
/**
* Add custom fields to your Bearer Token response here, then override
* AuthorizationServer::getResponseType() to pull in your version of
* this class rather than the default.
*
* @param AccessTokenEntityInterface $accessToken
*
* @return array
*/
protected function getExtraParams(AccessTokenEntityInterface $accessToken): array
{
return [
'user_id' => $this->accessToken->getUserIdentifier(),
];
}
}
2。创建您自己的PassportServiceProvider类并覆盖makeAuthorizationServer()方法,以便传递您自己的BearerTokenResponse类。
namespace App\Providers;
use App\Auth\BearerTokenResponse;
use Laravel\Passport\Bridge;
use League\OAuth2\Server\AuthorizationServer;
class PassportServiceProvider extends \Laravel\Passport\PassportServiceProvider
{
/**
* Make the authorization service instance.
*
* @return \League\OAuth2\Server\AuthorizationServer
*/
public function makeAuthorizationServer()
{
return new AuthorizationServer(
$this->app->make(Bridge\ClientRepository::class),
$this->app->make(Bridge\AccessTokenRepository::class),
$this->app->make(Bridge\ScopeRepository::class),
$this->makeCryptKey('private'),
app('encrypter')->getKey(),
new BearerTokenResponse() // <-- The class you created above
);
}
}
3。将您的提供者添加到config/app.php
/*
* Application Service Providers...
*/
App\Providers\PassportServiceProvider::class,
4。从composer.json
这将阻止加载默认的PassportServiceProvider类。
"extra": {
"laravel": {
"dont-discover": [
"laravel/passport"
]
}
},
然后运行composer install。
答案 1 :(得分:2)
来自网络的另一个更好的答案
自定义Laravel Passport BearerTokenResponse
https://gist.github.com/messi89/489473c053e3ea8d9e034b0032effb1d
答案 2 :(得分:1)
两个步骤。
<强> 1 即可。 在路线文件中添加新路线。
// routes/api.php
Route::post('oauth/token', 'AuthController@auth');
请注意,这会改变将令牌从/oauth/token转移到/api/oauth/token的路线。
<强> 2 即可。 添加控制器方法。
<?php
// app/Http/Controllers/AuthController.php
namespace App\Http\Controllers;
use App\User;
use Psr\Http\Message\ServerRequestInterface;
use \Laravel\Passport\Http\Controllers\AccessTokenController;
class AuthController extends AccessTokenController
{
public function auth(ServerRequestInterface $request)
{
$tokenResponse = parent::issueToken($request);
$token = $tokenResponse->getContent();
// $tokenInfo will contain the usual Laravel Passort token response.
$tokenInfo = json_decode($token, true);
// Then we just add the user to the response before returning it.
$username = $request->getParsedBody()['username'];
$user = User::whereEmail($username)->first();
$tokenInfo = collect($tokenInfo);
$tokenInfo->put('user', $user);
return $tokenInfo;
}
}
答案 3 :(得分:1)
要向您的Passport令牌添加自定义声明,以下是结合使用Passport 8和Laravel 6的要点
https://gist.github.com/onamfc/0422da15743918e653888441ba6226ca
答案 4 :(得分:0)
我正在使用Multi-Auth with passport,因此先前的答案对我没有帮助。
经过数小时的“搜索”,我找到了这个答案(after-) middleware。
我的中间件基本上获得了Passport auth的结果,检查内部是否有Bearer并将更多数据附加到内容中。
<?php
namespace App\Http\Middleware;
use Closure;
class AppendTokenResponse
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$response = $next($request);
$content = json_decode($response->content(), true);
if (!empty($content['access_token'])) {
$content['moredata'] = 'some data';
$response->setContent($content);
}
return $response;
}
}
现在将新的中间件放在App / Http / Kernel.php的$ routemiddleware中
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'cors' => \App\Http\Middleware\Cors::class,
'multiauth' => \SMartins\PassportMultiauth\Http\Middleware\MultiAuthenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'oauth.providers' => \SMartins\PassportMultiauth\Http\Middleware\AddCustomProvider::class,
'append_auth' =>\App\Http\Middleware\AppendTokenResponse::class,
];
然后只需将此中间件注册到Providers / AuthServiceProvider.php中的Passport Routes
使用Multiauth:
Route::group(['middleware' => ['oauth.providers','append_auth']], function () {
Passport::routes(function ($router) {
return $router->forAccessTokens();
});
});
我认为应该对普通护照进行检查(未经测试)
Route::group(['middleware' => ['append_auth']], function () {
Passport::routes();
});