PHP Laravel Passport OAuth2 Always returns Unauthenticated on a Protected Route
I am running Laravel v5.3 on my localhost with a domain mapped to bookmarkapi.dev
1)
In my routes file /routes/web.php I have these routes:
// http://bookmarkapi.dev/callback
Route::get('/callback', function (Request $request) {
    $http = new GuzzleHttp\Client;
    $response = $http->post('http://bookmarkapi.dev/oauth/token', [
        'form_params' => [
            'grant_type' => 'authorization_code',
            'client_id' => 1,
            'client_secret' => 'dc2lGvM2L6lOyANVN8YPuzpsy4LnxhuT8v9aTBdn',
            'redirect_uri' => 'http://bookmarkapi.dev/callback',
            'code' => $_GET['code'],
            //'code' => $request->code, I use $_GET['code'] as Laravel says it cannot find $request->code
        ],
    ]);
    return json_decode((string) $response->getBody(), true);
});

// http://bookmarkapi.dev/redirect
Route::get('/redirect', function () {
    $query = http_build_query([
        'client_id' => 1,
        'redirect_uri' => 'http://bookmarkapi.dev/callback',
        'response_type' => 'code',
        'scope' => 'crud-bookmark-collections crud-bookmark-tags crud-bookmarks',
    ]);
    return redirect('http://bookmarkapi.dev/oauth/authorize?'.$query);
});
2)
When I access http://bookmarkapi.dev/callback it redirects to:
http://bookmarkapi.dev/oauth/authorize?client_id=1&redirect_uri=http%3A%2F%2Fbookmarkapi.dev%2Fcallback&response_type=code&scope=crud-bookmark-collections+crud-bookmark-tags+crud-bookmarks
and shows this:
3)
Clicking the Authorize button then redirects to this URL:
http://bookmarkapi.dev/callback?code=wBa9765%2FOnbjT2brMKdxEkxavROg0k5wJ6bZ3h5OZVI%2BMF5%2BAHs2j9ghpgI%2FRJRnC0hCYrGRyQvSLZmnnqASSmO4%2BAn8yXU0TNgJiC2p4kvCHrwA4Vy6va8rRwnFRNcbDOGapEAvoC%2Ba4A6iMAd1EXdvWK8Ur%2B8N5jKNQQrUd45hFMNzohWq2WPXd9Q1IbuNoKZoq0h%2BWtAHB6M07QH27a0kTCBVQ9K%2B7msjKuQRSmQSTfWRoKW0al6OSNo%2Fqo3Gx9EnCct%2BgEVuO3LvLJXRWGA9cns7LnLPJMCmUbQeaPY88F3%2BRhHRcfLYnZJthvxnuOLI2RtIKszjyEstdam%2Blgme60Ml0aGvfQy3ZgsoHwsHnYVBi%2BNiy9W3zWY0CHzDEVjtMyEjTqLPFoVNUSV2BVrclZrGsCOSXXinZsZHc4h1nxU6yuLdf%2F8O4eIHZh%2BNbbxBH1usbZfMlv2POSUW%2FfW0g1wRwWnu%2BO0FEhjJtgAfCnSpoSZQ6M72ecGAODHojvRCnJLARQESp4VGsElclXxmILNq5gwXKkIpY2k%2FqMsXCLcDB%2BaPZOCttlykk%2BiCIFYVN2H0Cze8HfYxDn5tubb3kWy%2Fi4ZxGp5rFwBPkJ5C3p3H3KNjShZmmJZ1l6xn9oXB2Q0H9zFTjMxkDH4zQAUqIMBa52ZmyQcmojv%2BqYs%3D
and shows this:
{
"token_type": "Bearer",
"expires_in": 1295999,
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6ImM4MTI3YzFkNDc1YTRlOTY3ZmQyOGMxOWI0ODFiNzJlODQzZDYwNGI0NTE1ZThhYjc4ZjkyZjVmNDczZDM4MGMyNjExYzAxZGRmMDYwMzFlIn0.eyJhdWQiOiIxIiwianRpIjoiYzgxMjdjMWQ0NzVhNGU5NjdmZDI4YzE5YjQ4MWI3MmU4NDNkNjA0YjQ1MTVlOGFiNzhmOTJmNWY0NzNkMzgwYzI2MTFjMDFkZGYwNjAzMWUiLCJpYXQiOjE0ODA0Mzk4MTAsIm5iZiI6MTQ4MDQzOTgxMCwiZXhwIjoxNDgxNzM1ODA5LCJzdWIiOiI0Iiwic2NvcGVzIjpbImNydWQtYm9va21hcmstY29sbGVjdGlvbnMiLCJjcnVkLWJvb2ttYXJrLXRhZ3MiLCJjcnVkLWJvb2ttYXJrcyJdfQ.kfuF4QJyX1IXv7gx0ZsxURlnBa8DP6u9elj0QAF82FYZfIlOwCAzSsrpDb9XEB3kEkbnXZAsIyrMe7nY5nV_7T9_kdODOqfA2r93zqLKg-I_UMMyTtI6UZJWNVGXsO2K25GQD2AJXodI2T9gW-zyUIuj5tjzRrpXAv047WcuIGr9ghG3qpaYlrZyT7lKuV6aBrhnPYk8gU8gHZAAx0nw457vRePs_bis3KbkF62HRfgYIXSIG2i6al-gYAEtejKAXGpZkeIiuoOnkqsxt9WdNJKqsfDvlwZ4P_-3YfFgvjfGn3O5hkRIghyc7BwG8vShE28s_PPl91aHwbaAEfWDLePTHGQrUJXCpMdnuk8owqdbSfrU8BJtByONNk9Plj0RLY445LxmqDWt1Er36JvzoQObOy0YrB1tqbVg19_tA_xyKdZkQIwbeE0hlZV7kuUPMjur0n0jBpoXIaZRVHP7fOT5iIiMFiB8V882L8lrrO14_ebYQ8z-mAi7k_7P1cJwahtpbSg2L96ZlY6zGM1dWwX9GFDivlTSBqAJjkAumU9731jn83_BJrSGKwh5rIt-ckccdKWppuDHqpH8OOUJpozpljdSfuUwBoYX4QlJkq2jgw_Gu1hbeNdKhtinuUQ18DGs7WEP4WY9BZQwu-YXLCWDYf-a6Az6AJ64xWjggA0",
"refresh_token": "..."
}
4)
In the file routes/api.php I have all these test routes for the API, just trying different things in hopes that 1 would work!:
Route::any('/user', function (Request $request) {
    echo 'api user';
})->middleware('auth:api', 'cors');

Route::get('/user2', function (Request $request) {
    print_r($request);
    //return $request->user();
})->middleware('auth:api', 'cors');

// OAuth Scopes
// 'crud-bookmark-collections' => 'Create/Edit/Delete/View Bookmark Collections',
// 'crud-bookmark-tags' => 'Create/Edit/Delete/View Bookmark Tags',
// crud-bookmarks
Route::any('/whatever1', function () {
    // do stuff
    return 'hi';
})->middleware('anyScope:crud-bookmark-collections', 'cors');

// Any of the given scopes
Route::any('/whatever2', function () {
    // do stuff
})->middleware('anyScope:crud-bookmark-collections,crud-bookmark-tags,crud-bookmarks', 'cors');

// All of the given scopes
Route::any('/whatever3', function () {
    // do stuff
    echo 'test';
})->middleware('allScopes:crud-bookmark-collections,crud-bookmark-tags,crud-bookmarks', 'cors');
5)
When I do a test POST in a program like Postman with these headers:
Accept: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjUxNDRjYTA4Nzg4MDBmNmRhNmY5NDEwNjI5OGMwMDFmZjMwODlmMjA0NjEwNTg5MGIwODBmZWFlY2Q3MjU4NDMwYjZjY2RmZjQxYTMwMWU1In0.eyJhdWQiOiIxIiwianRpIjoiNTE0NGNhMDg3ODgwMGY2ZGE2Zjk0MTA2Mjk4YzAwMWZmMzA4OWYyMDQ2MTA1ODkwYjA4MGZlYWVjZDcyNTg0MzBiNmNjZGZmNDFhMzAxZTUiLCJpYXQiOjE0ODA0Mzg5NzcsIm5iZiI6MTQ4MDQzODk3NywiZXhwIjoxNDgxNzM0OTc3LCJzdWIiOiI0Iiwic2NvcGVzIjpbImNydWQtYm9va21hcmstY29sbGVjdGlvbnMiLCJjcnVkLWJvb2ttYXJrLXRhZ3MiLCJjcnVkLWJvb2ttYXJrcyJdfQ.kLUZGJQOPfr_fRaMngrltHuiJDheOJHt3Q7AlvlV4dONkZ2TyX9PFFM7OOfTvxF9rUDdacPp6Z5r52Q25Tj0bJg4NjakGn31EQj8FBCqR36a31-SniC1ln0XlziiUH6F2LZSjHBojrSz3pOiUn4I0YhqoumTIlQ-FKCnWENhdCzG-KBqlJlKHrIBJAF1oXK4es28--8L9vTY9Mg57WiSuEmJ1LG_dt6d14dapj9oyZC8agIkToY4vosYAMCg2vMbqupfpkf-OjeZ9xswFC05qNhAMeonOsdBr-ppLG2CQXu42rp4bYC5fmDGERUzyia0S-YChzxmtbHdsYd_QKxoWtRUlOScduqKFJpNQVT_dByfvhRcF4pcce8EM25--K6a_qR7ThfkhmVBKluOto0e9VruSF1E4lSKksZWmH9AT7UrNSMwCHkXD-QBearOjRddn403YYmx8Sv3OsZhDqtFl1ULfnmxGa-HqrM_L8V49UFj4n6doJYYhdYRQ26j62ROgA4u_cwEUltrr3q4wHz9fLJJdsPkkUh43vPk_6QHOXxSVcCfc-7p_NoW1IVB-OwJQqp4eG971JJG6bwSHenmwYP-pTGdwTg8gCRuAfK17v1OWm9KThSsi8OWz9UHoPCZD1tZT5jQPHGCI83emXTDAgBbvukk_MzDsPQq2btWfsg
the result is always this:
{
"error": "Unauthenticated."
}
I am stuck. I cannot get any of my routes to show up using my OAuth token as they always show unauthenticated.
Any help would be great please
After many weeks of trying things and researching I finally got this working!
In the file app\Providers\RouteServiceProvider.php, in the function mapApiRoutes(), I changed this:
protected function mapApiRoutes()
{
    Route::group([
        'middleware' => 'api',
        'namespace' => $this->namespace,
        'prefix' => 'api',
    ], function ($router) {
        require base_path('routes/api.php');
    });
}
into this:
protected function mapApiRoutes()
{
    Route::group([
        'middleware' => 'auth:api',
        'namespace' => $this->namespace,
        'prefix' => 'api',
    ], function ($router) {
        require base_path('routes/api.php');
    });
}
Notice that line 4 of the above, 'middleware' => 'api', needed to be 'middleware' => 'auth:api'.
This makes my protected API routes now work with my OAuth secret! Very happy and maybe this will save someone else weeks and months of headbanging now!
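Added example, not part of the original question or answer: when a protected route returns Unauthenticated, it helps to look at what the bearer token actually claims. This PHP script decodes the payload of a Passport-style JWT like the one shown above (no signature verification, so it is a diagnostic only) and reports expiry and scope problems; the function names and the sample token are constructed for illustration.

```php
<?php
// Diagnostic only: reads JWT claims WITHOUT verifying the signature.
// Never use this as an authentication check.

function base64UrlDecode(string $data): string
{
    // Restore the padding that base64url strips, then map back to standard base64.
    $padded = str_pad($data, strlen($data) + (4 - strlen($data) % 4) % 4, '=');
    $decoded = base64_decode(strtr($padded, '-_', '+/'), true);
    if ($decoded === false) {
        throw new InvalidArgumentException('Segment is not valid base64url');
    }
    return $decoded;
}

// Hypothetical helper: $requiredScopes is what the route's scope middleware demands.
function inspectToken(string $bearer, array $requiredScopes, int $now): array
{
    $jwt = preg_replace('/^Bearer\s+/i', '', trim($bearer));
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) {
        throw new InvalidArgumentException('Expected header.payload.signature');
    }
    $claims = json_decode(base64UrlDecode($parts[1]), true);
    if (!is_array($claims)) {
        throw new InvalidArgumentException('Payload is not a JSON object');
    }
    $problems = [];
    if (isset($claims['nbf']) && $now < $claims['nbf']) {
        $problems[] = 'token not valid yet (nbf)';
    }
    if (isset($claims['exp']) && $now >= $claims['exp']) {
        $problems[] = 'token expired (exp)';
    }
    $missing = array_diff($requiredScopes, $claims['scopes'] ?? []);
    if ($missing) {
        $problems[] = 'missing scopes: ' . implode(', ', $missing);
    }
    return ['client' => $claims['aud'] ?? null, 'user' => $claims['sub'] ?? null, 'problems' => $problems];
}

// Constructed sample token: claim names mirror the token on this page, values are made up.
$enc = fn(array $a) => rtrim(strtr(base64_encode(json_encode($a)), '+/', '-_'), '=');
$sample = $enc(['typ' => 'JWT', 'alg' => 'RS256']) . '.' . $enc([
    'aud' => '1', 'sub' => '4', 'nbf' => 1480439810, 'exp' => 1481735809,
    'scopes' => ['crud-bookmarks'],
]) . '.constructed-signature';

print_r(inspectToken("Bearer $sample", ['crud-bookmarks', 'crud-bookmark-tags'], 1481800000));
```

Pass `time()` as `$now` and the exact `Authorization` header value from the failing request to check a real token.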