Laravel Passport

Als Fortsetzung zum MyInput-Beispiel füge ich Laravel Passport hinzu.  

Das Beispiel baut auf folgenden Artikeln auf:  Laravel Beispiel - Schritt für Schritt und Laravel - Authentication und Authorization Beispiel 

Einrichten laut: https://laravel.com/docs/passport

Hinzufügen von Passport mittels Composer:

vagrant@homestead:~/Code/Laravel$ composer require laravel/passport
Using version ^1.0 for laravel/passport
./composer.json has been updated
Loading composer repositories with package information
Updating dependencies (including require-dev)

dann in der Konsole: php artisan migrate

vagrant@homestead:~/Code/Laravel$ php artisan migrate
Migrated: 2016_06_01_000001_create_oauth_auth_codes_table
Migrated: 2016_06_01_000002_create_oauth_access_tokens_table
Migrated: 2016_06_01_000003_create_oauth_refresh_tokens_table
Migrated: 2016_06_01_000004_create_oauth_clients_table
Migrated: 2016_06_01_000005_create_oauth_personal_access_clients_table

und php artisan passport:install

vagrant@homestead:~/Code/Laravel$ php artisan passport:install
Encryption keys generated successfully.
Personal access client created successfully.
Client ID: 1
Client Secret: ????????????????????????????????????????
Password grant client created successfully.
Client ID: 2
Client Secret: ????????????????????????????????????????

Anpassen der Datei: app/User.php, hinzufügen von:

use Laravel\Passport\HasApiTokens; und  HasApiTokens,

<?php

namespace App;

use Laravel\Passport\HasApiTokens;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use HasApiTokens,Notifiable;

    /**
     * The attributes that are mass assignable.
     *
     * @var array
     */
    protected $fillable = [
        'name', 'email', 'password',
    ];

    /**
     * The attributes that should be hidden for arrays.
     *
     * @var array
     */
    protected $hidden = [
        'password', 'remember_token',
    ];

} 

Datei: app/Providers/AuthServiceProvider.php

use Laravel\Passport\Passport; und Passport::routes();

<?php

namespace App\Providers;
use Laravel\Passport\Passport;
use Illuminate\Support\Facades\Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;

class AuthServiceProvider extends ServiceProvider
{
    /**
     * The policy mappings for the application.
     *
     * @var array
     */
    protected $policies = [
        'App\Model' => 'App\Policies\ModelPolicy',
    ];

    /**
     * Register any authentication / authorization services.
     *
     * @return void
     */
    public function boot()
    {
        $this->registerPolicies();
        Gate::define('isadmin', function ($user) {
            return $user->role_id == "1";
        });
        Passport::routes();
	Passport::tokensExpireIn(now()->addDays(15));//365 is default
	Passport::refreshTokensExpireIn(Carbon::now()->addDays(30));
	Passport::personalAccessTokensExpireIn(now()->addDays(365));//365 is default
    }
}

Datei: config/auth.php

'api' => [
'driver' => 'passport',

...
    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver' => 'passport',
            'provider' => 'users',
        ],
    ],

...

Für eine schnelle GUI-Integration können noch folgende Dateien angepasst werden:

resources/assets/js/app.js

/**
 * First we will load all of this project's JavaScript dependencies which
 * include Vue and Vue Resource. This gives a great starting point for
 * building robust, powerful web applications using Vue and Laravel.
 */

require('./bootstrap');

/**
 * Next, we will create a fresh Vue application instance and attach it to
 * the page. Then, you may begin adding components to this application
 * or customize the JavaScript scaffolding to fit your unique needs.
 */

Vue.component('example', require('./components/Example.vue'));

Vue.component(
    'passport-clients',
    require('./components/passport/Clients.vue')
);

Vue.component(
    'passport-authorized-clients',
    require('./components/passport/AuthorizedClients.vue')
);

Vue.component(
    'passport-personal-access-tokens',
    require('./components/passport/PersonalAccessTokens.vue')
);

const app = new Vue({
    el: '#app'
});

Da wir die Datei home.blade.php in einem vorigen Beispiel überspringen, also nach dem Anmelden direkt auf unser myinputs-Beispiel gehen, füge ich folgenden Quellcode in die Datei: views/myinputs/index.blade.php

<passport-clients></passport-clients>
<passport-authorized-clients></passport-authorized-clients>
<passport-personal-access-tokens></passport-personal-access-tokens>

..
            <!-- we will also add show, edit, and delete buttons -->
            <td>

                <!-- show the myinput (uses the show method found at GET /myinputs/{id} -->
                <a class="btn btn-small btn-success" href="{{ URL::to('myinputs/' . $value->id) }}">Show this Myinput</a>

                <!-- edit this myinput (uses the edit method found at GET /myinputs/{id}/edit -->
                @can('isadmin')
                  <a class="btn btn-small btn-info" href="{{ URL::to('myinputs/' . $value->id . '/edit') }}">Edit this Myinput</a>

                  <!-- delete the myinput (uses the destroy method DESTROY /myinputs/{id} -->
                  <form action="./myinputs/{{$value->id }}"  onsubmit="return confirm('Are you sure to delete: {{ $value->string}}')" method="POST">
                      {{ csrf_field() }}
                      {{ method_field('DELETE') }}
                      <button type="submit" class="btn btn-danger">
                          <i class="fa fa-btn fa-trash">Delete</i>
                      </button>
                  </form>
                @endcan

            </td>
        </tr>
    @endforeach
                <passport-clients></passport-clients>
                <passport-authorized-clients></passport-authorized-clients>
                <passport-personal-access-tokens></passport-personal-access-tokens>
..

zu guter Letzt noch folgende Befehle in der Konsole:

php artisan vendor:publish --tag=passport-components

vagrant@homestead:~/Code/Laravel$ php artisan vendor:publish --tag=passport-components
Copied Directory [/vendor/laravel/passport/resources/assets/js/components] To [/resources/assets/js/components/passport]
Publishing complete for tag [passport-components]!

 

Sollten 

nach dem Registrieren kann z.B. ein Personal Access Token erstellt werden:

npm install 

und

npm run dev 

laravel-passport-3.jpg?cache=2016-12-2119-21-24500390

Personal Access Tokens - Lifetime

app/Providers/AuthServiceProvider.php

in boot:

Passport::personalAccessTokensExpireIn(now()->addDays(3650));//365 is default

API/routes

Hinzufügen der API zum jeweiligen Aufruf

Route::get('/test', function () {
    return("test");
})->middleware('auth:api');

Zugriff von PowerShell

Zugriff mittels Personal-Access-Token

Invoke-RestMethod https:/myapp/api/user-Method Get -Headers @{"Authorization" = "Bearer $accessToken"}

Password Grant

$result = Invoke-RestMethod http://localhost/oauth/token `
-Method Post -ContentType "application/x-www-form-urlencoded" `
-Body @{client_id=2;
client_secret="xxxxxxxxxxxxx";
grant_type="password";
username="test@test.test"
password="xxx"} -ErrorAction STOP

$accessToken=$result.access_token
Invoke-RestMethod http://localhost/api/test -Method Get -Headers @{"Authorization" = "Bearer $accessToken"}

Client Grant

Voraussetzung 

  • php artisan passport:client --client
  • app/Http/Kernel.php 
    • use Laravel\Passport\Http\Middleware\CheckClientCredentials;
      
      protected $routeMiddleware = [
          'client' => CheckClientCredentials::class,
      ];
  • routes/app.php
    • Route::get('/test', function (Request $request) {
      return("test");
      })->middleware('client');

Powershell

$result=""
   $result = Invoke-RestMethod http://localhost/oauth/token `
    -Method Post -ContentType "application/x-www-form-urlencoded" `
    -Body @{client_id=4;
           client_secret="OyezJ3NHKSOVqTqiml4NgU8fkm6Iu6DxZzBJiAhU";
           grant_type="client_credentials";
        } -ErrorAction STOP

$result.access_token
$accessToken=$result.access_token
Invoke-RestMethod http://localhost/api/test -Method Get -Headers @{"Authorization" = "Bearer $accessToken"}

Refresh Token

$refresh = Invoke-RestMethod http://localhost/oauth/token `
-Method Post -ContentType "application/x-www-form-urlencoded" `
-Body @{client_id=2;
client_secret="xxx";
refresh_token="$($result.refresh_token)"
grant_type="refresh_token";
scope="";
} -ErrorAction STOP

Invoke-RestMethod http://localhost/api/user -Method Get -Headers @{"Authorization" = "Bearer $($refresh.access_token)"}

Beim Refresh wird der bestehende Token revoked und ein neuer ausgestellt, dies kann auch nachdem der Token abgelaufen ist erfolgen

laravel-passport-4.jpg?cache=2019-03-0319-15-5250042

 

positive Bewertung({{pro_count}})
Beitrag bewerten:
{{percentage}} % positiv
negative Bewertung({{con_count}})

DANKE für deine Bewertung!


veröffentlicht am 21.12.2018 von Bernhard
geändert am 03.03.2019 von Bernhard



Fragen / Kommentare


Wir verwenden Cookies, um Inhalte und Anzeigen zu personalisieren, Funktionen für soziale Medien anbieten zu können und die Zugriffe auf unsere Website zu analysieren. Außerdem geben wir Informationen zu Ihrer Nutzung unserer Website an unsere Partner für soziale Medien, Werbung und Analysen weiter. Details anzeigen.