I try to implement oauth authentication with passport but I can't make it work as expected.
I want to keep my api working with simple jwt and to add an other oauth-api for third party applications.
My problem is when I try to access any of oauth/*
routes (for example oauth/authorize
), I get the response {"message":"Unauthorized.","success":false}
I don't know what is wrong in my implementation and I'm stuck in this error for a day.
My guards:
'guards' => [
'web' => [
'driver' => 'jwt',
'provider' => 'myappprovider',
],
'api' => [
'driver' => 'jwt',
'provider' => 'myappprovider',
],
'oauth-api' => [
'driver' => 'passport',
'provider' => 'myappprovider'
]
],
Here is my AuthServiceProvider:
class AuthServiceProvider extends ServiceProvider{
/**
* Register any application authentication / authorization services.
*
* @param \Illuminate\Contracts\Auth\Access\Gate $gate
* @return void
*/
public function boot(GateContract $gate)
{
Passport::routes();
// Create auth user provider
Auth::provider('myapp', function($app)
{
$repository = app()->make('\MyApp\User\Repository\UserRepository');
return new AuthUserProvider($repository);
});
// Create auth driver
Auth::extend('jwt', function($app, $name, array $config)
{
$provider = Auth::createUserProvider($config['provider']);
return new JwtAuthGuard($name, $provider);
});
parent::registerPolicies($gate);
}}
AppKernel:
class Kernel extends HttpKernel{
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* @var array
*/
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
];
/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
//
'api' => [
//'throttle:60,1',
'auth:api'
],
'web' => [
'language' => \App\Http\Middleware\Language::class
],
'oauth-api' => [
'auth:oauth-api'
]
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'role' => \App\Http\Middleware\RoleMiddleware::class,
'session' => \Illuminate\Session\Middleware\StartSession::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'ip' => \App\Http\Middleware\IPMiddleware::class
];}
My Authenticate class:
class Authenticate{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
if (Auth::guard($guard)->guest())
{
return response()->json([
'message' => 'Unauthorized.',
'success' => false
], 401);
}
return $next($request);
}}
OAuth2 works with the consent of the user, that's why it has web and auth middleware. Do
php artisan route:list
it will show you list of routes with middlewares. Following link better explain it https://stackoverflow.com/a/40999998/3377733
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.