我已经使用Laravel Passport安装设置了一个新的laravel 5.6安装。如果我向邮递员发送邮件请求http://127.0.0.1/oauth/token,我会收到有效的令牌:
请求
POST /oauth/token HTTP/1.1
Host: 127.0.0.1:8000
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Cache-Control: no-cache
Postman-Token: 99529c07-0fe3-38a8-54cf-8b80a9dd5fbd
{
"grant_type" : "password",
"client_id" : 4,
"client_secret" : "Ib1UOS7BK12tFxOilqwea1XGJhrExbVYe8B7r8wK",
"username" : "[email protected]",
"password" : "password"
}
响应:
{
"token_type": "Bearer",
"expires_in": 31536000,
"access_token": "eyJ0eXAiOiJKV1.....",
"refresh_token": "def5020026dfeb6f91f6a9....."
}
我不希望我的用户直接访问它,所以我在routes / web.php文件中设置了一个路由:
Route::post('login', 'API\AuthController@login');
我的AuthController看起来像:
<?php
namespace App\Http\Controllers\API;
use App\OAuth;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller as Controller;
use Illuminate\Support\Facades\Auth;
use Carbon\Carbon;
use App\User;
class AuthController extends Controller
{
public function __construct()
{
$this->middleware('auth:api', ['except' => ['login']]);
}
/**
* Login user and create token
*
* @param [string] email
* @param [string] password
* @param [boolean] remember_me
* @return [string] access_token
* @return [string] token_type
* @return [string] expires_at
*/
public function login(Request $request)
{
$request->validate([
'username' => 'required|string|email',
'password' => 'required|string'
]);
$credentials = request(['username', 'password']);
return OAuth::login($credentials['username'], $credentials['password']);
}
这会调用我的OAuth类的登录方法:
namespace App;
use GuzzleHttp;
class OAuth
{
public static function login($username, $password)
{
$http = new GuzzleHttp\Client;
$response = $http->post('http://127.0.0.1:8000/oauth/token', [
'form_params' => [
'grant_type' => 'password',
'client_id' => 4,
'client_secret' => 'Ib1UOS7BK12tFxOilqwea1XGJhrExbVYe8B7r8wK',
'username' => $username,
'password' => $password
],
]);
return json_decode((string) $response->getBody(), true);
}
}
当我使用邮递员发帖请求获取令牌时:
POST /login HTTP/1.1
Host: 127.0.0.1:8000
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Cache-Control: no-cache
Postman-Token: 94469bd8-a011-7e04-5f20-b835a5b1cac4
{
"username" : "[email protected]",
"password" : "password"
}
请求只是挂起。它没有带回任何响应或超时,它似乎永远加载。我不确定出了什么问题。如果我从邮递员发出oauth / token的帖子请求它可以工作,但如果我向控制器方法发出一个帖子请求,而后者又向oauth / token发出一个帖子请求,它就不起作用了。我什么都没回来。
这是因为内置的PHP服务器是单线程的。因此,您对OAuth服务器的第二个(内部)请求将终止第一个请求。
看我的评论here。
我还尝试从curl或guzzle生成令牌。尝试使用这个代码它适合我。
function tokenRequest(Request $request){
$request->request->add([
"grant_type" => "password",
"username" => $request->username,
"password" => $request->password,
"client_id" => "2",
"client_secret" => "VE5S97DfjNciEWJOL1gEZhVLEx2VAGJQEX1dK6cq",
]);
$tokenRequest = $request->create(
env('APP_URL').'/oauth/token',
'post'
);
$instance = Route::dispatch($tokenRequest);
return json_decode($instance->getContent());
}