自定义令牌响应Laravel Passport

Question

我目前正在开发一个API并且已经打了一堵砖墙.我正在使用带有"密码"授权类型的Passport.

我想用访问令牌返回用户信息,但是,我不知道如何.

我可以实现,编辑或扩展哪个类来获取它？

我想要退回:

{
    "token_type": "Bearer",
    "expires_in": 31536000,
    "access_token": "lalalalalal",
    "refresh_token": "lalalallala",
    "user": {
        "username": "a username",
        "user_type": "admin"
    }
}

提前致谢.

Answer 1

有关如何执行此操作的说明，请参见BearerTokenResponse该类（League / oauth2-server软件包的一部分）。

在Laravel 5.7上测试。

1.扩展BearerTokenResponse类，在响应中添加所需的额外参数。

namespace App\Auth;

use League\OAuth2\Server\Entities\AccessTokenEntityInterface;

class BearerTokenResponse extends \League\OAuth2\Server\ResponseTypes\BearerTokenResponse
{
    /**
     * Add custom fields to your Bearer Token response here, then override
     * AuthorizationServer::getResponseType() to pull in your version of
     * this class rather than the default.
     *
     * @param AccessTokenEntityInterface $accessToken
     *
     * @return array
     */
    protected function getExtraParams(AccessTokenEntityInterface $accessToken): array
    {
        return [
            'user_id' => $this->accessToken->getUserIdentifier(),
        ];
    }
}

2.创建您自己的PassportServiceProvider类并重写该makeAuthorizationServer()方法，以便传入您自己的BearerTokenResponse类。

namespace App\Providers;

use App\Auth\BearerTokenResponse;
use Laravel\Passport\Bridge;
use League\OAuth2\Server\AuthorizationServer;

class PassportServiceProvider extends \Laravel\Passport\PassportServiceProvider
{
    /**
     * Make the authorization service instance.
     *
     * @return \League\OAuth2\Server\AuthorizationServer
     */
    public function makeAuthorizationServer()
    {
        return new AuthorizationServer(
            $this->app->make(Bridge\ClientRepository::class),
            $this->app->make(Bridge\AccessTokenRepository::class),
            $this->app->make(Bridge\ScopeRepository::class),
            $this->makeCryptKey('private'),
            app('encrypter')->getKey(),
            new BearerTokenResponse() // <-- The class you created above
        );
    }
}

3.将您的提供者添加到的提供者数组中 config/app.php

    /*
     * Application Service Providers...
     */
    App\Providers\PassportServiceProvider::class,

4.从laravel自动发现中排除护照包 composer.json

这将阻止PassportServiceProvider加载默认类。

    "extra": {
        "laravel": {
            "dont-discover": [
                "laravel/passport"
            ]
        }
    },

然后运行composer install。

Answer 2

两步。

1 . 在您的路线文件中添加一条新路线。

// routes/api.php

Route::post('oauth/token', 'AuthController@auth');

请记住，这将更改从/oauth/token到获取令牌的路线/api/oauth/token。

2 . 添加控制器方法。

<?php
// app/Http/Controllers/AuthController.php

namespace App\Http\Controllers;

use App\User;
use Psr\Http\Message\ServerRequestInterface;
use \Laravel\Passport\Http\Controllers\AccessTokenController;

class AuthController extends AccessTokenController
{
    public function auth(ServerRequestInterface $request)
    {
            $tokenResponse = parent::issueToken($request);
            $token = $tokenResponse->getContent();

            // $tokenInfo will contain the usual Laravel Passort token response.
            $tokenInfo = json_decode($token, true);

            // Then we just add the user to the response before returning it.
            $username = $request->getParsedBody()['username'];
            $user = User::whereEmail($username)->first();
            $tokenInfo = collect($tokenInfo);
            $tokenInfo->put('user', $user);

            return $tokenInfo;
    }
}

Answer 3

来自网络的另一个更好的答案

自定义 Laravel 护照 BearerTokenResponse

https://gist.github.com/messi89/489473c053e3ea8d9e034b0032effb1d