如何在Laravel Passport中获取刷新令牌?

xt0899hw  于 2023-04-13  发布在  其他
关注(0)|答案(2)|浏览(192)

我正在使用Laravel 6.7并尝试使用Passport进行用户身份验证。
我可以在用户注册时为他们创建访问令牌。代码如下:

$user = User::create($input);
$user->createToken('auth-token');

此访问令牌的有效期为15分钟,正如我在AuthServiceProvider.php文件boot()函数中定义的那样:

Passport::personalAccessTokensExpireIn(Carbon::now()->addMinutes(15));

我想使用刷新令牌刷新它,但似乎不知道如何操作。
我到处都找过了(包括Laravel网站),他们都告诉我这样做:

$http = new GuzzleHttp\Client;

$response = $http->post('http://your-app.com/oauth/token', [
    'form_params' => [
        'grant_type' => 'refresh_token',
        'refresh_token' => 'the-refresh-token',
        'client_id' => 'client-id',
        'client_secret' => 'client-secret',
        'scope' => '',
    ],
]);

没有关于值'the-refresh-token''client-id''client-secret'的含义的任何明确解释。
一个关于堆栈溢出的answer说:
你必须发送旧的refresh-token('refresh_token' => 'the-refresh-token'),这段代码会产生一个新的token和refresh-refresh。
但是我没有刷新令牌,我正在尝试创建一个。我是否只是创建一个随机字符串?

alen0pnh

alen0pnh1#

使用口令授予令牌

From:Laravel Docs:密码授予令牌

OAuth2密码授权允许您的其他第一方客户端(如移动的应用程序)使用电子邮件地址/用户名和密码获取访问令牌。

首先需要通过以下方式生成密码授权客户端:

php artisan passport:client --password

这将给予一个client_id和一个client_secret

接下来,您可以在移动的应用程序中实现登录,如下所示:

POST
http://your-app.com/oauth/token

Body:
{
  'grant_type' => 'password',
  'client_id' => 'client-id',
  'client_secret' => 'client-secret',
  'username' => 'taylor@laravel.com',
  'password' => 'my-password',
  'scope' => '',
}

其结果是:

{
  "token_type": "Bearer",
  "expires_in": 300,
  "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjAyMGM1YTQ2MzM5ZTAxNjBjODViOWUyMGE0YTAxYzhmOWYzOTZkYjlhMmM1OWZiNjk0NDVjZTZlYTIyMmUyZmEyNDZmYzQ0MTc4M2NjNjIyIn0.eyJhdWQiOiI1MSIsImp0aSI6IjAyMGM1YTQ2MzM5ZTAxNjBjODViOWUyMGE0YTAxYzhmOWYzOTZkYjlhMmM1OWZiNjk0NDVjZTZlYTIyMmUyZmEyNDZmYzQ0MTc4M2NjNjIyIiwiaWF0IjoxNTczMjIxMTk0LCJuYmYiOjE1NzMyMjExOTQsImV4cCI6MTU3MzIyMTQ5NCwic3ViIjoiNWZhNzNkNjAtYzliNC0xMWU5LThiMDEtNjFmNDI4YjYyNTdiIiwic2NvcGVzIjpbXX0.EmmKwdr_tLUmN08MxnleCqIU0zDk8-pyecOaz-tQ2OBZa-UBsFe2SoaD0jqq_0t1BZHBiayO5qHFY6M459mXTPRNJM8Bx7MC1X_4GPHrozKMuymZ3Ham3J00UtsGHcF2gG39YcUnmhbDhiFefO8VGU-2e_2q2qWAFvO_lUB4CrcrVQ3o8-4o3mwXpmWbcoDbqiQwga_0-SMo8gYIFlh4OaO0Z_bCWsJaspUdRra672BV49une5uPlANLIinCthFHgcT_9t48z_wOzEHbVhuogMr5ObkJAy0rXTQLyvprale5EaNTPR0s9Fp1wvMtd08m7Pbdz2XLCShuIrE7cY8U8NZydxvX3aFqUOcqkmlvEGRkr3B6utjNQW19I7bKw9aIBBczoCCBmIqkqBuQFQziV3dQ7qQYJyKqr0n_mSyVzCllJ4nhWcV4hwny2KVQoszxjVMoVEzWEXsJSmxfWE4NHMYb0wmid6K_COCGzHRhfqtg_llySP_w2N0us2Ri92LyVovIJI0w2_ze0MBmyvS37OYIOLV3bCZcsVhnf9QCxAE6NAXXwgzYEj7Y0Q-7GkbOCDWrVghih3-engZj36dTBo_i4YJc5iygRlzLCW8AFtZig6mW6Veb9ITsSu_yTefCbZVPG4G0MjBhk03kSnLJGeyWeEAIBapdeEI7Vf8VsXo",
  "refresh_token": "def50200a4c2c3670e62fe28d61c38b66f0d4d85f5a576c0a3914cf9767d91027102bd9ab0a17e9e149266be2443f6ef2c25e092d4c17d2a813ca59b1df608dcfc120596c2ed72ffe7dd0a1db3bc7511ec905a65c63551239581a1c13c3c0b53fd0f8db97d2b49763f5bd98b7624a432d7e82161cc9e543d3e2550f73d6bcea0014aa0d4f72c2eb3edfe2f256fae1a8ea69270735be98a85b7040e33194eb449187b67aa0dbb10f75bdf620b6416c12756e96449e92aa6ad7b56be53876113a9d17d93c1039f54647040ce8acd7f242684d0b0aa1835267dbc6bab87c6b2a7862ca3bcd8396ae7c912b03ee3df7d471f74b96d0c48ec76a55ff05762227722ffb99ecb12f30fae9042b078383678492ef73e5fedfb0085a30a9511bc94588edd5a171e0650a092bb9c37e7571aeb6d0b6d9048189ab0fa16d48477e6d51e81efbe762af34c46ed2da1862528c24d00f0139f3e74eccbefd06a7dd238ccff85b9cbec68e2e7483a9fb2f4bc314d81d48f3dbbe0a9c8b42bd76bc4ad57fa2afad52092c5339f9461"
}

如果要刷新过期的令牌,需要使用POST方法向/oauth/token发出请求

与身体:

{
  'grant_type' => 'refresh_token',
  'refresh_token' => 'the-refresh-token',
  'client_id' => 'client-id',
  'client_secret' => 'client-secret',
  'scope' => '',
}

将之前的refresh_tokenclient_idclient_secret放入,您将得到包含其他令牌的另一个响应

yuvru6vn

yuvru6vn2#

为了防止超时,您可以像这样调用oauth/token

$request = Request::create('oauth/token', 'POST', [
                'grant_type' => 'password',
                'client_id' => env("CLIENT_ID"),
                'client_secret' => env("CLIENT_SECRET"),
                'username' => $request->email,
                'password' => $request->password,
                'scope' => '',
            ]);
            
            $result = app()->handle($request);
            $response = json_decode($result->getContent(), true); 
            return response()->json($response, 200);

相关问题