[英]get password client from access token passport laravel
i use passport in laravel and after user verification i want to generate a token for them with refresh token .我在 laravel 中使用护照,在用户验证后我想用刷新令牌为他们生成一个令牌。 for get refresh token i have to send curl request with
password
grant_type .要获取刷新令牌,我必须使用
password
grant_type 发送 curl 请求。 after generate access token i want to get Password Grant Client
from database and pass it to my curl body .生成访问令牌后,我想从数据库中获取
Password Grant Client
并将其传递给我的 curl 正文。 i fount this code snippet:我找到了这个代码片段:
$tokenId = (new Parser(new JoseEncoder()))->parse($token)->claims()->get('jti');
$client = \Laravel\Passport\Token::find($tokenId)->client;
and the problem result of client variable is Personal Access Client
not Password Grant Client
and get this error because of its personal type
:并且客户端变量的问题结果是
Personal Access Client
而不是Password Grant Client
,并且由于其personal type
而出现此错误:
{
"error": "invalid_client",
"error_description": "Client authentication failed",
"message": "Client authentication failed"
}
this is my code:这是我的代码:
$token = $user->createToken(Config::get('auth.guards.api.token_name'))->accessToken;
$tokenId = (new Parser(new JoseEncoder()))->parse($token)->claims()->get('jti');
$client = \Laravel\Passport\Token::find($tokenId)->client;
$http = new \GuzzleHttp\Client();
try {
$response = $http->request('POST', url("/oauth/token"), [
'form_params' => [
'grant_type' => 'password',
'client_id' => $oClient->id,
'client_secret' => $oClient->secret,
'username' => $username,
'password' => $password,
'scope' => '*',
],
]);
} catch (\Exception $exception) {
}
how can i deal with this?我该如何处理?
For obtaining the client_id
and client_secret
for Password Grant Client
you need to run the following command on your authorization server (OAuth server) as stated here https://laravel.com/docs/9.x/passport#creating-a-password-grant-client要获取
Password Grant Client
的client_id
和client_secret
,您需要在授权服务器(OAuth 服务器)上运行以下命令,如此处所述https://laravel.com/docs/9.x/passport#creating-a-password-授予客户
php artisan passport:client --password
The above command is not necessary to run if you already ran passport:install
.如果您已经运行了
passport:install
,则不需要运行上述命令。 The easiest way is to check your oauth_clients
table for the column password_client
there should be a row that has this value set to 1 (enabled).最简单的方法是检查
oauth_clients
表中的password_client
列,应该有一行将此值设置为 1(启用)。
It seems from your question that you are trying to obtain the client_id
and client_secret
programmatically from your client.从您的问题看来,您正试图以编程方式从您的客户端获取
client_id
和client_secret
。 This is not the correct way of doing it.这不是正确的做法。 Basically after you run the above command to generate your
client_id
and client_secret
you need to hard code them in your .env and use them in you CURL such as:基本上,在您运行上述命令生成您的
client_id
和client_secret
之后,您需要在 .env 中对它们进行硬编码并在 CURL 中使用它们,例如:
$response = Http::asForm()->post('http://passport-app.test/oauth/token', [
'grant_type' => 'password',
'client_id' => env('OAUTH_CLIENT_ID'),
'client_secret' => env('OAUTH_CLIENT_SECRET'),
'username' => $username,
'password' => $password,
'scope' => '*',
]);
return $response->json();
You can obtain your client_id
and client_secret
from the oauth_clients
table.您可以从
oauth_clients
表中获取您的client_id
和client_secret
。 Just make sure to copy the values where the password_client
column is set to 1.只需确保复制
password_client
列设置为 1 的值。
There should not be any security concern if your client is storing these credentials in the backend and doing the CURL from the backend.如果您的客户端将这些凭据存储在后端并从后端执行 CURL,则不应存在任何安全问题。
In the case you are trying to do this from a mobile app and you might not have a way to securely store the client_id
and client_secret
.如果您尝试从移动应用程序执行此操作,并且您可能无法安全地存储
client_id
和client_secret
。 In this case you should not be using the Password Grant Client
flow but instead the Authorization Code Grant with PKCE
: https://laravel.com/docs/9.x/passport#code-grant-pkce在这种情况下,您不应该使用
Password Grant Client
流程,而是Authorization Code Grant with PKCE
: https ://laravel.com/docs/9.x/passport#code-grant-pkce
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.