[英]What prevents the Auth0 authorization in this Laravel 8 API?
我正在研究 Laravel 8 API。 我使用 Auth0 進行用戶注冊和登錄。
我需要 Auth0 返回的用戶 ID 才能在我自己的應用程序中使用。
為此,我有代碼:
在routes\api.php :
// Public routes
Route::get('/authorize', [AuthController::class, 'authorize']);
// Protected routes
Route::group(['middleware' => ['jwt']], function () {
Route::get('/user-profile', [UserController::class, 'getUserId']);
// More routes
});
在AuthController 中:
namespace App\Http\Controllers;
use App\Http\Controllers\AuthController;
// More code
class AuthController extends Controller {
protected $appDomain;
protected $appClientId;
protected $appClientSecret;
protected $appAudience;
public function authorize(){
$this->appDomain = 'https://' . config('laravel-auth0.domain');
$this->appClientId = config('laravel-auth0.client_id');
$this->appClientSecret = config('laravel-auth0.client_secret');
$this->appAudience = config('laravel-auth0.api_identifier');
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "$this->appDomain/oauth/token",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "{\"client_id\":\"$this->appClientId\",\"client_secret\":\"$this->appClientSecret\",\"audience\":\"$this->appAudience\",\"grant_type\":\"client_credentials\"}",
CURLOPT_HTTPHEADER => array(
"content-type: application/json"
),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
return "cURL Error #:" . $err;
} else {
return $response;
}
}
}
在用戶控制器中:
class UserController extends AuthController {
// More code
public function getUserId(){
// Do authorization
parent::authorize();
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "$this->appDomain/userinfo",
CURLOPT_HTTPHEADER => array(
"content-type: application/json"
),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
return "cURL Error #:" . $err;
} else {
return $response;
}
}
// More code
}
當我訪問/user-profile
路由時,Potman 會拋出Unauthorized
的響應。
盡管/authorize
路由確實返回了令牌,但還是發生了這種情況:
{"access_token":"somerandom.longtoken","scope":"read:users update:users delete:users","expires_in":86400,"token_type":"Bearer"}
我的錯誤在哪里?
根據@IProSoft 的回答,在UserController中我有:
public function getUserId(){
$access_token = parent::authorization()->access_token;
$client = new \GuzzleHttp\Client;
try {
$client = new \GuzzleHttp\Client(['headers' => [
'authorization' => 'Bearer' . $access_token,
'content-type' => 'application/json'
]]);
$response = $client->request('GET', $this->appDomain . '/userinfo');
$response = json_decode($response->getBody());
}
catch (\GuzzleHttp\Exception\ClientException $e) {
$response = $e->getResponse();
}
return $response;
}
我在 Postman 中收到此錯誤:
Error: Class 'Symfony\Bridge\PsrHttpMessage\Factory\HttpFoundationFactory' not found in \vendor\laravel\framework\src\Illuminate\Routing\Router.php
首先安裝和學習 Guzzle
composer require guzzlehttp/guzzle:^7.0
在授權方法中,您可以將所有內容更改為:
$client = new GuzzleHttp\Client;
try {
$client = new \GuzzleHttp\Client();
$response = $client->request('POST', $this->appDomain . '/oauth/token', [
'form_params' => [
{
"client_id": $this->appClientId,
"client_secret": $this->appClientSecret,
"audience": $this->appAudience,
"grant_type": "client_credentials"
}
]
]);
$response = json_decode($response->getBody());
}
catch (GuzzleHttp\Exception\ClientException $e) {
$response = $e->getResponse();
}
return $response;
第二:如果要獲取用戶ID,則必須在請求中傳遞Barer令牌
$client = new GuzzleHttp\Client;
try {
$client = new \GuzzleHttp\Client('headers' => [
'authorization' => 'Bearer ACCESS_TOKEN'
'content-type' => 'application/json'
]]);
$response = $client->request('GET', $this->appDomain . '/userinfo');
$response = json_decode($response->getBody());
}
catch (GuzzleHttp\Exception\ClientException $e) {
$response = $e->getResponse();
}
您不必重新發明輪子:-) 有一個現成的庫可供您使用,所有信息都可以在這里找到: https://auth0.com/docs/quickstart/webapp/laravel/01-login
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.