php - 直接从代码调用 AccessTokenController.issueToken()
问题描述
我正在使用 Laravel Passport 来保护我的 REST API。目前我使用创建个人访问令牌$user->createToken('APP_NAME')->accessToken
,但这些没有到期日期。所以我想创建一个密码访问令牌。我注意到,这些是由该AccessTokenController.issueToken()
方法生成的。
但我找不到任何关于如何称呼它的信息。
我目前的解决方案
$input = $request->all();
$user = User::where('email', $input['email'])->first();
if ($user) {
if ($input['password'] == $user->password) {
$token = $user->createToken($this->app_name)->accessToken;
return [
'token' => $token,
'user' => $user
];
} else
return new ResponseGeneratorError('Password mismatch', 400);
} else
return new ResponseGeneratorError('User does not exist', 400);
解决方案
我在这里找到了解决方案:
<?php
namespace App\Traits;
use App\User;
use DateTime;
use GuzzleHttp\Psr7\Response;
use Illuminate\Events\Dispatcher;
use Laravel\Passport\Bridge\AccessToken;
use Laravel\Passport\Bridge\AccessTokenRepository;
use Laravel\Passport\Bridge\Client;
use Laravel\Passport\Bridge\RefreshTokenRepository;
use Laravel\Passport\Passport;
use Laravel\Passport\TokenRepository;
use League\OAuth2\Server\CryptKey;
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException;
use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
# https://github.com/laravel/passport/issues/71
/**
* Trait PassportToken
*
* @package App\Traits
*/
trait PassportToken {
/**
* Generate a new unique identifier.
*
* @param int $length
*
* @throws OAuthServerException
*
* @return string
*/
private function generateUniqueIdentifier($length = 40) {
try {
return bin2hex(random_bytes($length));
// @codeCoverageIgnoreStart
} catch (\TypeError $e) {
throw OAuthServerException::serverError('An unexpected error has occurred');
} catch (\Error $e) {
throw OAuthServerException::serverError('An unexpected error has occurred');
} catch (\Exception $e) {
// If you get this message, the CSPRNG failed hard.
throw OAuthServerException::serverError('Could not generate a random string');
}
// @codeCoverageIgnoreEnd
}
private function issueRefreshToken(AccessTokenEntityInterface $accessToken) {
$maxGenerationAttempts = 10;
$refreshTokenRepository = app(RefreshTokenRepository::class);
$refreshToken = $refreshTokenRepository->getNewRefreshToken();
$refreshToken->setExpiryDateTime((new \DateTime())->add(Passport::refreshTokensExpireIn()));
$refreshToken->setAccessToken($accessToken);
while ($maxGenerationAttempts-- > 0) {
$refreshToken->setIdentifier($this->generateUniqueIdentifier());
try {
$refreshTokenRepository->persistNewRefreshToken($refreshToken);
return $refreshToken;
} catch (UniqueTokenIdentifierConstraintViolationException $e) {
if ($maxGenerationAttempts === 0) {
throw $e;
}
}
}
}
protected function createPassportTokenByUser(User $user, $clientId) {
$accessToken = new AccessToken($user->id);
$accessToken->setIdentifier($this->generateUniqueIdentifier());
$accessToken->setClient(new Client($clientId, null, null));
$accessToken->setExpiryDateTime((new DateTime())->add(Passport::tokensExpireIn()));
$accessTokenRepository = new AccessTokenRepository(new TokenRepository(), new Dispatcher());
$accessTokenRepository->persistNewAccessToken($accessToken);
$refreshToken = $this->issueRefreshToken($accessToken);
return [
'access_token' => $accessToken,
'refresh_token' => $refreshToken,
];
}
protected function sendBearerTokenResponse($accessToken, $refreshToken) {
$response = new BearerTokenResponse();
$response->setAccessToken($accessToken);
$response->setRefreshToken($refreshToken);
$privateKey = new CryptKey('file://' . Passport::keyPath('oauth-private.key'), null, false);
$response->setPrivateKey($privateKey);
$response->setEncryptionKey(app('encrypter')->getKey());
return $response->generateHttpResponse(new Response);
}
/**
* @param \App\User $user
* @param $clientId
* @param bool $output default = true
* @return array | \League\OAuth2\Server\ResponseTypes\BearerTokenResponse
*/
protected function getBearerTokenByUser(User $user, $clientId, $output = true) {
$passportToken = $this->createPassportTokenByUser($user, $clientId);
$bearerToken = $this->sendBearerTokenResponse($passportToken['access_token'], $passportToken['refresh_token']);
if (!$output) {
$bearerToken = json_decode($bearerToken->getBody()->__toString(), true);
}
return $bearerToken;
}
}
我改为new CryptKey('file://' . Passport::keyPath('oauth-private.key'))
避免new CryptKey('file://' . Passport::keyPath('oauth-private.key'), null, false)
权限不正确错误(从此处修复)
推荐阅读
- javascript - 如何使用 jQuery 在密码字段中更改 fontawsome 图标 onclick?
- dgraph - dgraph 什么时候支持 Gremlin
- css - firefox 在点击下拉菜单时遇到问题
- java - Ubuntu VDS 上的 java selenium 测试。该网站未完全加载
- python - 查找在循环中创建的按钮 ID
- node.js - 带有 React 和 OIDC 身份验证的 Electron 在 DEV 工作,但在 PROD 失败
- python - 如何在 Python numpy 中将行和列变成变量?
- git - GitHub存储库中的文件在哪里?
- ruby-on-rails - Ruby on Rails - 参数丢失或值为空
- azure - 我们应该将什么服务连接添加到 Azure 管道中的“调用 REST API:POST”