oauth2 mechanism of laravel passport -- installation and configuration

  1. home page
  2. special column
  3. php
  4. Article details

oauth2 mechanism of laravel passport (I) -- installation and configuration

I don't think so Published 2 minutes ago

1, Oauth2
1. Definition:
OAuth 2.0 is an authorization mechanism, which is mainly used to issue token s.
2. Members:
Service (authentication server)
3. Process:

  • application(client) requests Service (authentication server, which may be a third party such as wechat, or its own user authentication Service);
  • Service authentication succeeded, return access_token;
  • application with access_token to operate the relevant authorized functions.

4. oauth2 authorization mode

  • Authorization code mode (this mode is widely used by third parties such as wechat)
  • Simplified mode
  • Password mode (this mode is commonly used by subsystems on their own platform, which is mainly discussed below)
  • Client mode

2, laravel passport
1. Installation
composer require laravel/passport
Installation data sheet
php artisan migrate
From the service configuration file in the composer project to config
php artisan passport:install

Add laravel \ passport \ hasapitoken trail to App\User model

namespace App\Models;

use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Sanctum\HasApiTokens;

class User extends Authenticatable
    use HasApiTokens, HasFactory, Notifiable;

In the configuration file config/auth.php

'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',

    'api' => [
        'driver' => 'passport',
        'provider' => 'users',

You need to call the Passport::routes method in the boot method of AuthServiceProvider, which will register the necessary routes for issuing access tokens, ungoing access tokens, clients and private access tokens.

namespace App\Providers;
use Laravel\Passport\Passport;
use Illuminate\Support\Facades\Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;

class AuthServiceProvider extends ServiceProvider
    public function boot()


passport server authentication service configuration
phpartisan passport:client --password

The data will be newly generated and stored in OAuth_ In the clients table

2. Client request

Route::get('/auth/password', function (\Illuminate\Http\Request $request){
    $http = new \GuzzleHttp\Client();

    $response = $http->post('http://http://mypassport.service.com/oauth/token', [
        'form_params' => [
            'grant_type' => 'password',
            'client_id' => '3',
            'client_secret' => 'Yom4nnZUKVIwYQPOWjnoCh9LHFkZV3pKh83fQe0s',
            'username' => 'aa@qq.com',
            'password' => 'abc123',
            'scope' => '*',

    return json_decode((string)$response->getBody(), true);


The above is the installation configuration of the entire laravel passport oauth2.

1. After installing and configuring passport s, use them to guide the route to request and obtain relevant access_token;
2. Now this is just a simple password mode. The expiration time of token and the permission verification of scope are not listed. The next chapter will write the process and logic from the source code.

reference resources:


Read 7 updated 1 minute ago
Like collection
1 prestige
0 fans
Focus on the author
Submit comments
You know what?

Register login
1 prestige
0 fans
Focus on the author
Article catalog

Keywords: PHP Laravel

Added by Imtehbegginer on Fri, 29 Oct 2021 08:44:40 +0300