How to use Laravel Passport with Password Grant Tokens?
I just read the https://laravel.com/docs/5.6/passport documentation and I have some doubts that hopefully someone could help me with:
First, some context, I want to
-
If you are consuming your own api then you don't need to call http://example.com/oauth/token for user login because then you need to store client_id and client_secret at app side. Better you create an api for login and there you can check the credentials and generate the personal token.
public function login(Request $request) { $credentials = $request->only('email', 'password'); if (Auth::attempt($credentials)) { // Authentication passed... $user = Auth::user(); $token = $user->createToken('Token Name')->accessToken; return response()->json($token); } }Finally, there are a lot of endpoints that I get from passport that I don't think I will use for example: oauth/clients*, oauth/personal-access-tokens* is there a way to remove them from the endpoints published by passport?
You need to remove
Passport::routes();from AuthServiceProvider and manually put only required passport routes. I think you only needoauth/tokenroute.what exactly is "The-App" value for?
if you check oauth_access_tokens table it has name field.
$user->createToken('Token Name')->accessToken;here the "Token Name" stored in name field.How to use Laravel Passport with Password Grant Tokens?
To generate password grant token you have to store
client_idandclient_secretat app side (not recommended, check this ) and suppose if you have to reset theclient_secretthen the old version app stop working, these are the problems. To generate password grant token you have to call this api like you mention in step 3.$http = new GuzzleHttp\Client; $response = $http->post('http://your-app.com/oauth/token', [ 'form_params' => [ 'grant_type' => 'password', 'client_id' => 'client-id', 'client_secret' => 'client-secret', 'username' => 'taylor@laravel.com', 'password' => 'my-password', 'scope' => '', ], ]); return json_decode((string) $response->getBody(), true);Generate token from
refresh_token$http = new GuzzleHttp\Client; $response = $http->post('http://your-app.com/oauth/token', [ 'form_params' => [ 'grant_type' => 'refresh_token', 'refresh_token' => 'the-refresh-token', 'client_id' => 'client-id', 'client_secret' => 'client-secret', 'scope' => '', ], ]); return json_decode((string) $response->getBody(), true);You can look this https://laravel.com/docs/5.6/passport#implicit-grant-tokens too.
讨论(0) -
Tackling Question 5
Finally, there are a lot of endpoints that I get from passport that I don't think I will use for example:
oauth/clients*,oauth/personal-access-tokens*is there a way to remove them from the endpoints published by passport?
Passport::routes($callback = null, array $options = [])takes an optional$callbackfunction and optional$optionsargument.The callback function takes a
$routerargument from which you can then choose which routes to install as shown below in yourAuthServiceProvider.phpthat is enabling a more granular configuration:Passport::routes(function ($router) { $router->forAccessTokens(); $router->forPersonalAccessTokens(); $router->forTransientTokens(); }); Passport::tokensExpireIn(Carbon::now()->addMinutes(10)); Passport::refreshTokensExpireIn(Carbon::now()->addDays(10));This way we only create the passport routes that we need.
forAccessTokens(); enable us to create access tokens.
forPersonalAccessTokens(); enable us to create personal tokens although we will not use this in this article. Lastly,forTransientTokens(); creates the route for refreshing tokens.If you run
php artisan route:listyou can see the new endpoints installed by Laravel Passport.| POST | oauth/token | \Laravel\Passport\Http\Controllers\AccessTokenController@issueToken | POST | oauth/token/refresh | \Laravel\Passport\Http\Controllers\TransientTokenController@refresh讨论(0)
加载中...
- 热议问题