我正在使用Laravel 7,并且试图熟悉护照oauth 2.0的实现。我已经从我的客户站点正确设置了所有内容:
Route::get('/redirect', function () {
request()->session()->put('state', $state = Str::random(40));
$query = http_build_query([
'client_id' => 5,
'redirect_uri' => 'http://localhost:8001/callback',
'response_type' => 'code',
'scope' => '',
'state' => $state,
]);
return redirect('http://localhost:8000/oauth/authorize?'.$query);
});
Route::get('/callback', function () {
$state = request()->session()->pull('state');
throw_unless(
strlen($state) > 0 && $state === request()->state,
InvalidArgumentException::class
);
$http = new GuzzleHttp\Client;
$response = $http->post('http://localhost:8000/oauth/token', [
'form_params' => [
'grant_type' => 'authorization_code',
'client_id' => '1',
'client_secret' => 'XcxHBsIAPDsmCBTsy0PtAHE7pG9TbbkemVtmAXD8',
'redirect_uri' => 'http://localhost:8001/callback',
'code' => request()->code,
],
]);
return json_decode((string) $response->getBody(), true);
});
我实际上没有对身份验证服务器做太多配置,我只在Passport::routes();类中包含了AuthServiceProvider行。但是,在我批准了请求之后,我已经从护照包中的RetrievesAuthRequestFromSession特征中发现了以下错误。这是方法:
protected function assertValidAuthToken(Request $request)
{
dump($request->session()->get('authToken'));
dump($request->get('auth_token'));
if ($request->has('auth_token') && $request->session()->get('authToken') !== $request->get('auth_token')) {
$request->session()->forget(['authToken', 'authRequest']);
throw InvalidAuthTokenException::different();
}
}
其他信息;我的客户端口是8001。服务器是8000。谁能帮我解决这个问题。预先谢谢你。
您有没有得到答案?我遇到了与您几乎相同的代码设置的完全相同的问题。