Laravel 没有 oAuth 的护照
Laravel Passport without oAuth
我想使用 laravel 通行证来保护我的 api 通话。但是我不想使用连接到用户的access_tokens。
我想创建一个客户端 (artisan passport:client) 并使用 ID 和密码来授权我的请求。我只是不知道它应该如何工作,或者它是否可能。
有人知道如何实现吗?
我想在 php 中使用 guzzle 进行 API 调用。
嗯,您可以使用 Passport 的 Client Credentials Grant Tokens。来自文档:
Client Credentials Grant Tokens
The client credentials grant is suitable for machine-to-machine
authentication. For example, you might use this grant in a scheduled
job which is performing maintenance tasks over an API.
Before your application can issue tokens via the client credentials
grant, you will need to create a client credentials grant client. You
may do this using the --client option of the passport:client
command:
php artisan passport:client --client
Next, to use this grant type, you need to add the
CheckClientCredentials middleware to the $routeMiddleware property
of your app/Http/Kernel.php file:
use Laravel\Passport\Http\Middleware\CheckClientCredentials;
protected $routeMiddleware = [
'client' => CheckClientCredentials::class,
];
Then, attach the middleware to a route:
Route::get('/orders', function (Request $request) {
...
})->middleware('client');
To restrict access to the route to specific scopes you may provide a
comma-delimited list of the required scopes when attaching the
client middleware to the route:
Route::get('/orders', function (Request $request) {
...
})->middleware('client:check-status,your-scope');
Retrieving Tokens
To retrieve a token using this grant type, make a request to the
oauth/token endpoint:
$guzzle = new GuzzleHttp\Client;
$response = $guzzle->post('http://your-app.com/oauth/token', [
'form_params' => [
'grant_type' => 'client_credentials',
'client_id' => 'client-id',
'client_secret' => 'client-secret',
'scope' => 'your-scope',
],
]);
return json_decode((string) $response->getBody(), true)['access_token'];
我想使用 laravel 通行证来保护我的 api 通话。但是我不想使用连接到用户的access_tokens。
我想创建一个客户端 (artisan passport:client) 并使用 ID 和密码来授权我的请求。我只是不知道它应该如何工作,或者它是否可能。
有人知道如何实现吗?
我想在 php 中使用 guzzle 进行 API 调用。
嗯,您可以使用 Passport 的 Client Credentials Grant Tokens。来自文档:
Client Credentials Grant Tokens
The client credentials grant is suitable for machine-to-machine authentication. For example, you might use this grant in a scheduled job which is performing maintenance tasks over an API.
Before your application can issue tokens via the client credentials grant, you will need to create a client credentials grant client. You may do this using the
--clientoption of thepassport:clientcommand:php artisan passport:client --clientNext, to use this grant type, you need to add the
CheckClientCredentialsmiddleware to the$routeMiddlewareproperty of yourapp/Http/Kernel.phpfile:use Laravel\Passport\Http\Middleware\CheckClientCredentials; protected $routeMiddleware = [ 'client' => CheckClientCredentials::class, ];Then, attach the middleware to a route:
Route::get('/orders', function (Request $request) { ... })->middleware('client');To restrict access to the route to specific scopes you may provide a comma-delimited list of the required scopes when attaching the
clientmiddleware to the route:Route::get('/orders', function (Request $request) { ... })->middleware('client:check-status,your-scope');Retrieving Tokens
To retrieve a token using this grant type, make a request to the
oauth/tokenendpoint:$guzzle = new GuzzleHttp\Client; $response = $guzzle->post('http://your-app.com/oauth/token', [ 'form_params' => [ 'grant_type' => 'client_credentials', 'client_id' => 'client-id', 'client_secret' => 'client-secret', 'scope' => 'your-scope', ], ]); return json_decode((string) $response->getBody(), true)['access_token'];