国产av日韩一区二区三区精品,成人性爱视频在线观看,国产,欧美,日韩,一区,www.成色av久久成人,2222eeee成人天堂

Home Backend Development PHP Tutorial Set Up an OAuth2 Server Using Passport in Laravel

Set Up an OAuth2 Server Using Passport in Laravel

Mar 05, 2025 am 11:32 AM

Set Up an OAuth2 Server Using Passport in Laravel

This tutorial demonstrates building a robust OAuth2 server within a Laravel application using the Laravel Passport library. We'll cover server configuration and provide a practical example of consuming OAuth2 APIs. Basic OAuth2 knowledge is assumed. Laravel Passport simplifies the process significantly.

The tutorial is divided into two parts: library installation and configuration, followed by creating and consuming sample resources.

Server Configuration

This section details installing and configuring the necessary components for Passport to function with Laravel.

Installing the Laravel Passport Library

Use Composer to install the library:

composer require laravel/passport

This completes the Passport installation. Next, we'll integrate it into Laravel.

Enabling the Passport Service

Laravel uses service providers to manage application services. To enable Passport, you'll need to add its service provider to config/app.php. (If unfamiliar with Laravel service providers, refer to a relevant introductory resource.) Crucially, you must also register Passport's routes (within the boot method of app/Providers/AuthServiceProvider.php) and run the php artisan passport:install command. This command also allows client creation. Let's create a demo client.

php artisan passport:client

The command prompts for details: user ID, client name, and redirect URI. The redirect URI is where the user is redirected after authorization, carrying the authorization code.

Let's assume the following output:

<code>New client created successfully.
Client ID: 3
Client secret: 1BT1tNj0Are27IGvIZe4lE2jRjtiVt0fmtaWBe8m</code>

Now, we can test the OAuth2 APIs.

For this example, we'll create an oauth2_client directory in the document root (ideally, this would reside on the third-party application consuming your API).

Create oauth2_client/auth_redirection.php:

<?php
$query = http_build_query([
    'client_id' => '3',
    'redirect_uri' => 'http://localhost/oauth2_client/callback.php',
    'response_type' => 'code',
    'scope' => '',
]);

header('Location: http://your-laravel-site-url/oauth/authorize?' . $query);
?>

Remember to replace placeholders like client_id and redirect_uri with your actual values.

Next, create oauth2_client/callback.php:

<?php
if (isset($_REQUEST['code']) && $_REQUEST['code']) {
    $ch = curl_init();
    $url = 'http://your-laravel-site-url/oauth/token';

    $params = [
        'grant_type' => 'authorization_code',
        'client_id' => '3',
        'client_secret' => '1BT1tNj0Are27IGvIZe4lE2jRjtiVt0fmtaWBe8m',
        'redirect_uri' => 'http://localhost/oauth2_client/callback.php',
        'code' => $_REQUEST['code'],
    ];

    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

    $params_string = '';
    if (is_array($params) && count($params)) {
        foreach ($params as $key => $value) {
            $params_string .= $key . '=' . $value . '&';
        }
        rtrim($params_string, '&');
        curl_setopt($ch, CURLOPT_POST, count($params));
        curl_setopt($ch, CURLOPT_POSTFIELDS, $params_string);
    }

    $result = curl_exec($ch);
    curl_close($ch);
    $response = json_decode($result);

    if (isset($response->access_token) && $response->access_token) {
        $access_token = $response->access_token;

        $ch = curl_init();
        $url = 'http://your-laravel-site-url/api/user/get';
        $header = ['Authorization: Bearer ' . $access_token];
        $query = http_build_query(['uid' => '1']);

        curl_setopt($ch, CURLOPT_URL, $url . '?' . $query);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
        $result = curl_exec($ch);
        curl_close($ch);
        $response = json_decode($result);
        var_dump($result);
    }
}
?>

Again, adjust URLs and credentials as needed.

Workflow

The user interacts with two applications: the Laravel application (with an existing account) and the third-party client (auth_redirection.php and callback.php).

  1. The user accesses http://localhost/oauth2_client/auth_redirection.php.
  2. This redirects to the Laravel application's authorization page.
  3. After login and authorization, the user is redirected to http://localhost/oauth2_client/callback.php with an authorization code.
  4. callback.php exchanges the code for an access token.
  5. The access token is used to make API calls (e.g., to http://your-laravel-site-url/api/user/get).

Conclusion

This tutorial showcased Laravel Passport's ease of use in setting up an OAuth2 server. For further Laravel development resources, explore Envato Market.

The above is the detailed content of Set Up an OAuth2 Server Using Passport in Laravel. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undress AI Tool

Undress AI Tool

Undress images for free

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Clothoff.io

Clothoff.io

AI clothes remover

Video Face Swap

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Tools

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

What are some best practices for versioning a PHP-based API? What are some best practices for versioning a PHP-based API? Jun 14, 2025 am 12:27 AM

ToversionaPHP-basedAPIeffectively,useURL-basedversioningforclarityandeaseofrouting,separateversionedcodetoavoidconflicts,deprecateoldversionswithclearcommunication,andconsidercustomheadersonlywhennecessary.StartbyplacingtheversionintheURL(e.g.,/api/v

How do I implement authentication and authorization in PHP? How do I implement authentication and authorization in PHP? Jun 20, 2025 am 01:03 AM

TosecurelyhandleauthenticationandauthorizationinPHP,followthesesteps:1.Alwayshashpasswordswithpassword_hash()andverifyusingpassword_verify(),usepreparedstatementstopreventSQLinjection,andstoreuserdatain$_SESSIONafterlogin.2.Implementrole-basedaccessc

What are weak references (WeakMap) in PHP, and when might they be useful? What are weak references (WeakMap) in PHP, and when might they be useful? Jun 14, 2025 am 12:25 AM

PHPdoesnothaveabuilt-inWeakMapbutoffersWeakReferenceforsimilarfunctionality.1.WeakReferenceallowsholdingreferenceswithoutpreventinggarbagecollection.2.Itisusefulforcaching,eventlisteners,andmetadatawithoutaffectingobjectlifecycles.3.YoucansimulateaWe

What are the differences between procedural and object-oriented programming paradigms in PHP? What are the differences between procedural and object-oriented programming paradigms in PHP? Jun 14, 2025 am 12:25 AM

Proceduralandobject-orientedprogramming(OOP)inPHPdiffersignificantlyinstructure,reusability,anddatahandling.1.Proceduralprogrammingusesfunctionsorganizedsequentially,suitableforsmallscripts.2.OOPorganizescodeintoclassesandobjects,modelingreal-worlden

How can you handle file uploads securely in PHP? How can you handle file uploads securely in PHP? Jun 19, 2025 am 01:05 AM

To safely handle file uploads in PHP, the core is to verify file types, rename files, and restrict permissions. 1. Use finfo_file() to check the real MIME type, and only specific types such as image/jpeg are allowed; 2. Use uniqid() to generate random file names and store them in non-Web root directory; 3. Limit file size through php.ini and HTML forms, and set directory permissions to 0755; 4. Use ClamAV to scan malware to enhance security. These steps effectively prevent security vulnerabilities and ensure that the file upload process is safe and reliable.

How can you interact with NoSQL databases (e.g., MongoDB, Redis) from PHP? How can you interact with NoSQL databases (e.g., MongoDB, Redis) from PHP? Jun 19, 2025 am 01:07 AM

Yes, PHP can interact with NoSQL databases like MongoDB and Redis through specific extensions or libraries. First, use the MongoDBPHP driver (installed through PECL or Composer) to create client instances and operate databases and collections, supporting insertion, query, aggregation and other operations; second, use the Predis library or phpredis extension to connect to Redis, perform key-value settings and acquisitions, and recommend phpredis for high-performance scenarios, while Predis is convenient for rapid deployment; both are suitable for production environments and are well-documented.

What are the differences between == (loose comparison) and === (strict comparison) in PHP? What are the differences between == (loose comparison) and === (strict comparison) in PHP? Jun 19, 2025 am 01:07 AM

In PHP, the main difference between == and == is the strictness of type checking. ==Type conversion will be performed before comparison, for example, 5=="5" returns true, and ===Request that the value and type are the same before true will be returned, for example, 5==="5" returns false. In usage scenarios, === is more secure and should be used first, and == is only used when type conversion is required.

How do I stay up-to-date with the latest PHP developments and best practices? How do I stay up-to-date with the latest PHP developments and best practices? Jun 23, 2025 am 12:56 AM

TostaycurrentwithPHPdevelopmentsandbestpractices,followkeynewssourceslikePHP.netandPHPWeekly,engagewithcommunitiesonforumsandconferences,keeptoolingupdatedandgraduallyadoptnewfeatures,andreadorcontributetoopensourceprojects.First,followreliablesource

See all articles