This tutorial demonstrates building a robust OAuth2 server within a Laravel application using the Laravel Passport library. We'll cover server configuration and provide a practical example of consuming OAuth2 APIs. Basic OAuth2 knowledge is assumed. Laravel Passport simplifies the process significantly.
The tutorial is divided into two parts: library installation and configuration, followed by creating and consuming sample resources.
Server Configuration
This section details installing and configuring the necessary components for Passport to function with Laravel.
Installing the Laravel Passport Library
Use Composer to install the library:
composer require laravel/passport
This completes the Passport installation. Next, we'll integrate it into Laravel.
Enabling the Passport Service
Laravel uses service providers to manage application services. To enable Passport, you'll need to add its service provider to config/app.php
. (If unfamiliar with Laravel service providers, refer to a relevant introductory resource.) Crucially, you must also register Passport's routes (within the boot
method of app/Providers/AuthServiceProvider.php
) and run the php artisan passport:install
command. This command also allows client creation. Let's create a demo client.
php artisan passport:client
The command prompts for details: user ID, client name, and redirect URI. The redirect URI is where the user is redirected after authorization, carrying the authorization code.
Let's assume the following output:
<code>New client created successfully. Client ID: 3 Client secret: 1BT1tNj0Are27IGvIZe4lE2jRjtiVt0fmtaWBe8m</code>
Now, we can test the OAuth2 APIs.
For this example, we'll create an oauth2_client
directory in the document root (ideally, this would reside on the third-party application consuming your API).
Create oauth2_client/auth_redirection.php:
<?php $query = http_build_query([ 'client_id' => '3', 'redirect_uri' => 'http://localhost/oauth2_client/callback.php', 'response_type' => 'code', 'scope' => '', ]); header('Location: http://your-laravel-site-url/oauth/authorize?' . $query); ?>
Remember to replace placeholders like client_id
and redirect_uri
with your actual values.
Next, create oauth2_client/callback.php:
<?php if (isset($_REQUEST['code']) && $_REQUEST['code']) { $ch = curl_init(); $url = 'http://your-laravel-site-url/oauth/token'; $params = [ 'grant_type' => 'authorization_code', 'client_id' => '3', 'client_secret' => '1BT1tNj0Are27IGvIZe4lE2jRjtiVt0fmtaWBe8m', 'redirect_uri' => 'http://localhost/oauth2_client/callback.php', 'code' => $_REQUEST['code'], ]; curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $params_string = ''; if (is_array($params) && count($params)) { foreach ($params as $key => $value) { $params_string .= $key . '=' . $value . '&'; } rtrim($params_string, '&'); curl_setopt($ch, CURLOPT_POST, count($params)); curl_setopt($ch, CURLOPT_POSTFIELDS, $params_string); } $result = curl_exec($ch); curl_close($ch); $response = json_decode($result); if (isset($response->access_token) && $response->access_token) { $access_token = $response->access_token; $ch = curl_init(); $url = 'http://your-laravel-site-url/api/user/get'; $header = ['Authorization: Bearer ' . $access_token]; $query = http_build_query(['uid' => '1']); curl_setopt($ch, CURLOPT_URL, $url . '?' . $query); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HTTPHEADER, $header); $result = curl_exec($ch); curl_close($ch); $response = json_decode($result); var_dump($result); } } ?>
Again, adjust URLs and credentials as needed.
Workflow
The user interacts with two applications: the Laravel application (with an existing account) and the third-party client (auth_redirection.php and callback.php).
- The user accesses
http://localhost/oauth2_client/auth_redirection.php
. - This redirects to the Laravel application's authorization page.
- After login and authorization, the user is redirected to
http://localhost/oauth2_client/callback.php
with an authorization code. -
callback.php
exchanges the code for an access token. - The access token is used to make API calls (e.g., to
http://your-laravel-site-url/api/user/get
).
Conclusion
This tutorial showcased Laravel Passport's ease of use in setting up an OAuth2 server. For further Laravel development resources, explore Envato Market.
The above is the detailed content of Set Up an OAuth2 Server Using Passport in Laravel. For more information, please follow other related articles on the PHP Chinese website!

Hot AI Tools

Undress AI Tool
Undress images for free

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Clothoff.io
AI clothes remover

Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Hot Tools

Notepad++7.3.1
Easy-to-use and free code editor

SublimeText3 Chinese version
Chinese version, very easy to use

Zend Studio 13.0.1
Powerful PHP integrated development environment

Dreamweaver CS6
Visual web development tools

SublimeText3 Mac version
God-level code editing software (SublimeText3)

Hot Topics

ToversionaPHP-basedAPIeffectively,useURL-basedversioningforclarityandeaseofrouting,separateversionedcodetoavoidconflicts,deprecateoldversionswithclearcommunication,andconsidercustomheadersonlywhennecessary.StartbyplacingtheversionintheURL(e.g.,/api/v

TosecurelyhandleauthenticationandauthorizationinPHP,followthesesteps:1.Alwayshashpasswordswithpassword_hash()andverifyusingpassword_verify(),usepreparedstatementstopreventSQLinjection,andstoreuserdatain$_SESSIONafterlogin.2.Implementrole-basedaccessc

PHPdoesnothaveabuilt-inWeakMapbutoffersWeakReferenceforsimilarfunctionality.1.WeakReferenceallowsholdingreferenceswithoutpreventinggarbagecollection.2.Itisusefulforcaching,eventlisteners,andmetadatawithoutaffectingobjectlifecycles.3.YoucansimulateaWe

Proceduralandobject-orientedprogramming(OOP)inPHPdiffersignificantlyinstructure,reusability,anddatahandling.1.Proceduralprogrammingusesfunctionsorganizedsequentially,suitableforsmallscripts.2.OOPorganizescodeintoclassesandobjects,modelingreal-worlden

To safely handle file uploads in PHP, the core is to verify file types, rename files, and restrict permissions. 1. Use finfo_file() to check the real MIME type, and only specific types such as image/jpeg are allowed; 2. Use uniqid() to generate random file names and store them in non-Web root directory; 3. Limit file size through php.ini and HTML forms, and set directory permissions to 0755; 4. Use ClamAV to scan malware to enhance security. These steps effectively prevent security vulnerabilities and ensure that the file upload process is safe and reliable.

Yes, PHP can interact with NoSQL databases like MongoDB and Redis through specific extensions or libraries. First, use the MongoDBPHP driver (installed through PECL or Composer) to create client instances and operate databases and collections, supporting insertion, query, aggregation and other operations; second, use the Predis library or phpredis extension to connect to Redis, perform key-value settings and acquisitions, and recommend phpredis for high-performance scenarios, while Predis is convenient for rapid deployment; both are suitable for production environments and are well-documented.

In PHP, the main difference between == and == is the strictness of type checking. ==Type conversion will be performed before comparison, for example, 5=="5" returns true, and ===Request that the value and type are the same before true will be returned, for example, 5==="5" returns false. In usage scenarios, === is more secure and should be used first, and == is only used when type conversion is required.

TostaycurrentwithPHPdevelopmentsandbestpractices,followkeynewssourceslikePHP.netandPHPWeekly,engagewithcommunitiesonforumsandconferences,keeptoolingupdatedandgraduallyadoptnewfeatures,andreadorcontributetoopensourceprojects.First,followreliablesource
