OAuth2 mechanism of Laravel Passport (I) -- installation and configuration
1, OAuth2
1. Definition:
OAuth 2.0 is an authorization mechanism, which is mainly used to issue tokens.
2. Members:
Client
Service (authentication server)
3. Process:
- The application (client) sends a request to the Service (the authentication server, which may be a third party such as WeChat, or the platform's own user authentication service);
- When authentication on the Service succeeds, it returns an access_token;
- The application uses the access_token to perform the functions it has been authorized for.
4. OAuth2 authorization modes
- Authorization code mode (this mode is widely used by third parties such as WeChat)
- Implicit (simplified) mode
- Password mode (this mode is commonly used by subsystems on their own platform, and is the one mainly discussed below)
- Client credentials mode
2, Laravel Passport
1. Installation
    composer require laravel/passport

Create the database tables:

    php artisan migrate

Install the Passport service configuration from the Composer package into the project:

    php artisan passport:install

Add the Laravel\Passport\HasApiTokens trait to the App\User model:
    <?php

    namespace App\Models;

    use Illuminate\Contracts\Auth\MustVerifyEmail;
    use Illuminate\Database\Eloquent\Factories\HasFactory;
    use Illuminate\Foundation\Auth\User as Authenticatable;
    use Illuminate\Notifications\Notifiable;
    use Laravel\Passport\HasApiTokens; // Passport's trait, not Laravel\Sanctum\HasApiTokens

    class User extends Authenticatable
    {
        use HasApiTokens, HasFactory, Notifiable;

        // ... rest of the model unchanged
    }
In the configuration file config/auth.php, set the driver of the api guard to passport:

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
        'api' => [
            'driver' => 'passport',
            'provider' => 'users',
        ],
    ],
You need to call the Passport::routes method in the boot method of AuthServiceProvider. It registers the routes necessary to issue access tokens and to revoke access tokens, clients and personal access tokens.
    <?php

    namespace App\Providers;

    use Laravel\Passport\Passport;
    use Illuminate\Support\Facades\Gate;
    use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;

    class AuthServiceProvider extends ServiceProvider
    {
        public function boot()
        {
            $this->registerPolicies();

            // Register the Passport token, client and personal access token routes.
            Passport::routes();
        }
    }
On the Passport authentication server, create a password grant client:

    php artisan passport:client --password

A new client record is generated and stored in the oauth_clients table; its ID and secret are the client_id and client_secret used in the request below.
2. Client request
code:
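    Route::get('/auth/password', function (\Illuminate\Http\Request $request) {
        $http = new \GuzzleHttp\Client();

        // Password grant request to the Passport token endpoint.
        // The values below are the article's sample values; in a real application
        // keep the client secret in configuration and call the endpoint over HTTPS,
        // because the request body carries the secret and the user's password.
        $response = $http->post('http://mypassport.service.com/oauth/token', [
            'form_params' => [
                'grant_type' => 'password',
                'client_id' => '3',
                'client_secret' => 'Yom4nnZUKVIwYQPOWjnoCh9LHFkZV3pKh83fQe0s',
                'username' => 'aa@qq.com',
                'password' => 'abc123',
                'scope' => '*',
            ],
        ]);

        // Decode the JSON token response and return it to the caller.
        return json_decode((string) $response->getBody(), true);
    });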
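A hardened variant of the client request above, added here as an example and not part of the original article: the client credentials come from configuration instead of the source file, the user's credentials come from the validated request, and failures are answered with a generic message. The config keys under services.passport (including token_url), the throttle limit and the empty scope are assumptions of this example.

```php
<?php
// routes/api.php (added example; assumes a Laravel application with Guzzle installed)

use GuzzleHttp\Client;
use GuzzleHttp\Exception\GuzzleException;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;

// POST keeps the credentials out of URLs and access logs; throttle limits guessing.
Route::post('/auth/password', function (Request $request) {
    // The user's credentials come from the request, never from source code.
    $credentials = $request->validate([
        'username' => ['required', 'email'],
        'password' => ['required', 'string'],
    ]);

    // Hypothetical keys in config/services.php, filled from .env so the
    // client secret is not committed with the code.
    $passport = config('services.passport');

    $http = new Client(['timeout' => 5, 'http_errors' => false]);

    try {
        // token_url is expected to be an https:// URL: the request body
        // carries the client secret and the user's password.
        $response = $http->post($passport['token_url'], [
            'form_params' => [
                'grant_type'    => 'password',
                'client_id'     => $passport['client_id'],
                'client_secret' => $passport['client_secret'],
                'username'      => $credentials['username'],
                'password'      => $credentials['password'],
                'scope'         => '', // only what is needed, not '*'
            ],
        ]);
    } catch (GuzzleException $e) {
        // Authentication server unreachable or timed out.
        return response()->json(['message' => 'Authentication service unavailable.'], 503);
    }

    if ($response->getStatusCode() !== 200) {
        // Do not relay the server's error body; answer with one generic message.
        return response()->json(['message' => 'Invalid credentials.'], 401);
    }

    return response()->json(json_decode((string) $response->getBody(), true));
})->middleware('throttle:5,1');
```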
The above is the complete installation and configuration of Laravel Passport OAuth2.
Summary
1. After installing and configuring Passport, call its token route to request and obtain the access_token;
2. This is only the simple password mode. The token expiration time and the scope permission verification are not covered here. The next chapter will walk through the process and logic from the source code.