Laravel 护照 oauth 路线总是返回 401 未经授权
Posted
技术标签:
【中文标题】Laravel 护照 oauth 路线总是返回 401 未经授权【英文标题】:Laravel passport oauth routes always return 401 unauthorized 【发布时间】:2018-11-03 06:13:17 【问题描述】:我尝试使用护照实施 oauth 身份验证,但无法按预期工作。
我想让我的 api 与简单的 jwt 一起工作,并为第三方应用程序添加另一个 oauth-api。
我的问题是当我尝试访问任何oauth/* 路由(例如oauth/authorize)时,我得到了"message":"Unauthorized.","success":false 的响应
我不知道我的实现出了什么问题,我被这个错误困了一天。
我的守卫:
'guards' => [
'web' => [
'driver' => 'jwt',
'provider' => 'myappprovider',
],
'api' => [
'driver' => 'jwt',
'provider' => 'myappprovider',
],
'oauth-api' => [
'driver' => 'passport',
'provider' => 'myappprovider'
]
],
这是我的 AuthServiceProvider:
class AuthServiceProvider extends ServiceProvider
/**
* Register any application authentication / authorization services.
*
* @param \Illuminate\Contracts\Auth\Access\Gate $gate
* @return void
*/
public function boot(GateContract $gate)
Passport::routes();
// Create auth user provider
Auth::provider('myapp', function($app)
$repository = app()->make('\MyApp\User\Repository\UserRepository');
return new AuthUserProvider($repository);
);
// Create auth driver
Auth::extend('jwt', function($app, $name, array $config)
$provider = Auth::createUserProvider($config['provider']);
return new JwtAuthGuard($name, $provider);
);
parent::registerPolicies($gate);
应用内核:
class Kernel extends HttpKernel
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* @var array
*/
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
];
/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
//
'api' => [
//'throttle:60,1',
'auth:api'
],
'web' => [
'language' => \App\Http\Middleware\Language::class
],
'oauth-api' => [
'auth:oauth-api'
]
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'role' => \App\Http\Middleware\RoleMiddleware::class,
'session' => \Illuminate\Session\Middleware\StartSession::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'ip' => \App\Http\Middleware\IPMiddleware::class
];
我的身份验证类:
class Authenticate
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
if (Auth::guard($guard)->guest())
return response()->json([
'message' => 'Unauthorized.',
'success' => false
], 401);
return $next($request);
【问题讨论】:
【参考方案1】:OAuth2 在用户同意的情况下工作,这就是它具有 web 和 auth 中间件的原因。做
php 工匠路线:列表
它会显示带有中间件的路由列表。以下链接更好地解释它 https://***.com/a/40999998/3377733
【讨论】:
以上是关于Laravel 护照 oauth 路线总是返回 401 未经授权的主要内容,如果未能解决你的问题,请参考以下文章